{"report_id":"0a8e6e65-887a-4e4c-8725-8e7cd514c39b","version":6,"status":"done","tags":[],"date":"2026-01-26T05:17:07Z","url":{"schema":"http","addr":"hypecip.xin","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":0,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"final":{"url":{"schema":"https","addr":"hypecip.xin/#/pages/home/home","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"title":"Hyperliquid","dom":{"size":9519,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (3457)","md5":"4b6aae36b81c4332b9c54b5e77b852bb","sha1":"0a882518edb50fa3e0e621a228cc11e347d369aa","sha256":"50b99d606abb665c765cfe4dc31c95a8fab27f54b46ef6724a8f2528ea78217d","sha512":"730d6f0938c73ae9ad75a43c42042016654da0fa26e733fa878935de0b7e89e29da0e80edfb22fbd31c383586760229f9520b40cce59c3d555bcab41f78a6db3","ssdeep":"192:g44bI26kgSjsvgyrEFh5LfRWzLfRwnLfRwYLfRirALfR+kMrrxRco/7:n4bI2JJFh5LfRWzLfRwnLfRwYLfRGALe","tlshash":"651212303400546a52373b82f4d2c74d99837306cb5698bcb7fb5ba597c8eea89b1c36","dom_hash":"domhashea8b7c59eeae013e3a0ffe4f44102d0b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"hypecip.xin","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":0,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-02T05:17:07Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-26","alert":"Phishing Block","trigger":"hypecip.xin","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"hypecip.xin","ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":272,"request_count":68,"received_data":2885337,"sent_data":30273,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"cdn.dcloud.net.cn","ip":{"addr":"111.231.169.247","port":443,"asn":45090,"as":"Shenzhen Tencent Computer Systems Company Limited","country":"China","country_code":"CN"},"domain_registered":"2013-07-17","domain_rank":296858,"first_seen":"2018-09-15T09:18:08Z","last_seen":"2026-01-21T11:55:18.622959Z","alert_count":0,"request_count":1,"received_data":579,"sent_data":442,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"ws.hypeaabbb.shop","ip":{"addr":"118.107.15.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2025-11-03T12:41:25.293359Z","last_seen":"2025-11-26T13:29:47.094695Z","alert_count":0,"request_count":2,"received_data":416,"sent_data":1196,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"api.hypeaabbb.shop","ip":{"addr":"118.107.15.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2025-11-14T07:49:15.291685Z","last_seen":"2025-11-26T13:29:47.071687Z","alert_count":0,"request_count":20,"received_data":21620,"sent_data":11120,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"hypecip.xin/assets/index.Gl_Dckpu.js","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"importedModule","is_inline":false,"md5":"bb9c55ac5c8fcee932af4333f0d8ddce","sha1":"4968d45977d74a86676f42c8254e44607bfea8f1","sha256":"4fb3470802135f85c69ce3f6f64cccf3fed4614dda8de512f5f7b68dcadc0938","sha512":"41a344ac643a4220904e1d5cdd40419f51feb5c102f0098bd67ff4a657c670fc07d55130d68009817357deefac523a307bdf52abada8e1f81e386e63b97f4f3a","ssdeep":"","tlshash":"2241d5817848d3bce77fd998480808889a040f6a3833c5e9e2db384017e97c8fe36a24","size":1893,"data":"","first_seen":"2025-11-03T12:41:42.388423Z","last_seen":"2026-03-14T18:36:03.19665Z","times_seen":14,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/check-s.DGG9M_rm.js","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"importedModule","is_inline":false,"md5":"8a01cc60f09fa18d9813cae76738128b","sha1":"cdd58e3a03a998c25e74d1380147e6b52a14615d","sha256":"f86903ddef4b497befd3d2e250b6efe3f048e4529a86bb61a0c5560bd50f539d","sha512":"e6544c6053602d335f45ded8f55d0e1252cd9cdd7843656259a2b9bf7969eaa2987314b688a27502ff704a96f0f9697e299ad115ac73aea28f38f355863c359a","ssdeep":"","tlshash":"ba1194f4abaa8d72ca9c0f99363ed00c5c3108de45ade5203769e0a20335d306b9e814","size":989,"data":"","first_seen":"2025-03-06T21:41:52.860647Z","last_seen":"2026-05-11T10:57:08.411528Z","times_seen":77,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/index.Bfh4eeqv.js","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"importedModule","is_inline":false,"md5":"1027a7cf221ca15414595f8f63fb27bf","sha1":"b14c3a37072874be58c341943ca041b761a0b86c","sha256":"6f4a05813c8e83915d9406016194da04019fdd9c8804069a447afe83e3a09205","sha512":"50f4f780f44d945b96ffc8c651780968a0ab69bcb239fad77821f8ca1ec998dd7ac3a7b45730843bccaab55efb44a226294c6ed822db9883edd62012359900a9","ssdeep":"","tlshash":"e7f09eb7bd9297347467b904ad4d0c0b5904935cb691d4d1e5cf49c0a758068fe7d628","size":513,"data":"","first_seen":"2025-11-03T12:41:42.420322Z","last_seen":"2026-03-14T18:36:03.210317Z","times_seen":14,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/#/","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"5d69b1fa705420e8766a4020d4150bca","sha1":"1b09657645950fc4d1cae34afc8cf81cb0422fd8","sha256":"b0c7b824b40072048937ce5b786ad940cf6875bbcf8460a04f454794ae571fb9","sha512":"c602541a7d474cc753eadbdafda08f9fa212c50bd2d321c59a13f9dfe28d3a6840ddc37cda407c5def5762066266fe4d50f15ba29c52e3757d8fb6956633866d","ssdeep":"","tlshash":"eec0c0c4a0c33d540222561010af25e170348073b11d7f53dde0d8182e630f44233fcc","size":180,"data":"","first_seen":"2025-11-03T12:41:42.507547Z","last_seen":"2026-03-08T12:34:05.604246Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/uni-popup.DobYqiPg.js","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"importedModule","is_inline":false,"md5":"e72c42c3aa9647e85c1365cdb338d967","sha1":"671e017647630d4b1918629b808515cad6559446","sha256":"3812f719fb2fdfbcc7133ffa02fcfe9e0301ce2a728c84864ca1cc020f65cc46","sha512":"48967acb7362c4b38127d08afe7d837bf13123083c6f490114d6f7fc18cffed313cbfb1f27d4e6a0405afa12155fccc237afbc423995afbea10168d242829099","ssdeep":"192:MjVEG8OepS7bjbNnM4eYeHoxPr9uuCQpqtqELM8urYYxSv/+GbGkYk0YGdJZZ2W:QVErOeObjbNbPr9xCQpILM8urYYxSv/i","tlshash":"be22a986f499e81506d782b7d09d4700557ca5c475760b6c7bbdadfb028a44c339bb3c","size":10350,"data":"","first_seen":"2025-11-03T12:41:42.390994Z","last_seen":"2026-03-14T18:36:03.226949Z","times_seen":14,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/#/","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"536c3c6b90ee834a439d489c79336cc3","sha1":"525e609e9477124df7f5cda9187c6b27ee26acee","sha256":"bf39d3c99af9e308dcc07f4b745feb8ffce05370775f35be27da1f1dd2a818de","sha512":"744a7d7420ef72b7068a5fd2a321abaa1e1d4041d3cc399668533d267a7e5f3d496ef0d343385a60dde3fd8770c9bb8e158bfe61c4859c5ead5fcfac70ccde33","ssdeep":"","tlshash":"2bc08cc4b0d62d002602682050af34e49024442670481b428c94d8482e630b08233e98","size":136,"data":"","first_seen":"2024-06-29T09:12:59Z","last_seen":"2026-05-18T10:07:37.489449Z","times_seen":145,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/ptb.Dg2TKeap.js","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"importedModule","is_inline":false,"md5":"0fd28d375442ff081b513da77b56c983","sha1":"314332f6d4308c497a2b1b7fe7824af8c8186708","sha256":"aa73d7b68402a26cf403b85d447e0f40471363a126f92be92a4d9f62257a714a","sha512":"c7e72b67aec1d0604e7b5dea752b4162dbd3ce1f8dc35929c7a37817ab731fd716d337957be98fbe9b0efa9c6033f6de0b43c2b5ad23abe3b1433bc62d6e6fc7","ssdeep":"","tlshash":"5d900211054004b501782588c727ca5494504129621742558514490aa953480561b820","size":51,"data":"","first_seen":"2025-11-03T12:41:42.439607Z","last_seen":"2026-03-14T18:36:03.218198Z","times_seen":14,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/#/","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"01482dbccbc71a55387808675b1fc220","sha1":"4a6cdc20380b74b76f87e8ac104161e10b33cf84","sha256":"ed8f8a5ea8503d0b4607d24e98b0ce48c3b362c2cf750690e55ab221db139ddd","sha512":"416ad096d823bea1f734023f3fbe5fa8cc264dd856abf97351548be2083a0343476ee9f9a2d63531fc42a7d0603559931947f169b8d45950045cef4efd5b5bd1","ssdeep":"","tlshash":"76c08cc5a0c62e005602681050bf24e49034802a708c1b12cc94d8582e660b0a237e98","size":142,"data":"","first_seen":"2025-03-06T21:41:52.851407Z","last_seen":"2026-05-17T06:45:34.28705Z","times_seen":60,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/#/","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"44bfd921e9543c2f43861ff2ed742d1d","sha1":"a6639d2c6815b027fe890f5e3829c4010591683c","sha256":"3ac1b7a6639f6e4bc683976b2127cfcdf8845314148579ac3aa8f989c146461a","sha512":"e9fc564c4d2700d6be82f054d1fc3d2d23d38e806e9f5eefc94b3ea49b8e6d1f2a637eca669953a8311dbdfa301aa63cefbf2c13bc6eec9dde9bf9442a8fe3d6","ssdeep":"","tlshash":"a9c08cc5b0c22d009a02641110af28f49024402670482b52dce4dc483e220b08237e98","size":142,"data":"","first_seen":"2025-03-06T21:41:52.819585Z","last_seen":"2026-05-04T13:30:53.665797Z","times_seen":121,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":true,"md5":"3df38511ddc1798fced45fd3ddc0ae4e","sha1":"5172a9514fc72f60710569ad9195f5a1ce38f265","sha256":"d6800be8d60d81a72514f449f3ea2039ae413185c00a2fa267c02e34457a0f63","sha512":"087916c44269173d5526aa64fca5d62f7bde043600251e2997fc2edf70374736183d8993e80133032c9532032bcb1e279b42f10dc4d1432160c8aacb24f5c4c5","ssdeep":"","tlshash":"91e068c260b7294c1220c156304ac4031fb608739e868d613c8c77a58ff9b5bc56d899","size":383,"data":"","first_seen":"2025-03-02T13:36:53.293678Z","last_seen":"2026-05-24T12:07:54.977829Z","times_seen":935,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/#/","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"78f892a6cfef93f07558761073154f55","sha1":"709b139cc0edda8dd81d62e01b7d1b25e98cb681","sha256":"1c41adab46d50baf11f93365929c9bb19e5509251dc3edf77121189ee99d6617","sha512":"36ad297cf367d877ed0395bfd59422fa6fbc802d26cb41f465bcae70950fe7ae3b428d3048f8bcffbe99a6d8da08f387c8b252f91a8cc8315c3866a1c75a9df8","ssdeep":"","tlshash":"5bc08cc4a0c22d105606641010af29e49024402670889b02cca4e8492e230b08233e98","size":136,"data":"","first_seen":"2024-08-20T08:22:25.451659Z","last_seen":"2026-05-11T10:57:08.434779Z","times_seen":116,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/fui-avatar.C8zWsw3k.js","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"importedModule","is_inline":false,"md5":"cccd9c0ab49f06df88c2147119f9ae63","sha1":"adedfabbb8a549301994fc0df5686a26576b3abb","sha256":"ebf3dd6d8b1e429975d42b763b80261f3b16d39ef790e3e776429beacd3939ac","sha512":"f1d3113626300e0a23a35b2ac2154ab79fec0affe8319e512078341557aed835f4402a15529e333cab732a9df7855f253e9210aa11c84e45c4b0caafd726876a","ssdeep":"","tlshash":"de511095712da82ba9c90cd724200b8460242fdcfb747a7efee175f186c7964725cf28","size":2641,"data":"","first_seen":"2025-11-03T12:41:42.418194Z","last_seen":"2026-03-14T18:36:03.194514Z","times_seen":14,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/#/","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"9cfc406cbb846463a630744b40183867","sha1":"029de19bcde0b1c968fa46ca0ec5b06f0f769e5d","sha256":"e0d3bd7611fdd078e49138957a5e7d39ed322b586ecd7f63bcbace530de73bce","sha512":"72f3e0d7e8d7569415362aad4b8858a4916fb68a0846c0e9315b7bccc0de006c27e3cd6b92abb74b9962031a8ebc1d3afeb1e2a6ecc58bd7999c246bc190a472","ssdeep":"","tlshash":"5ac08cc5a0c22d001622645410bf24e4902c442b70481b138cd8d8593f220b0823bea8","size":142,"data":"","first_seen":"2025-03-06T21:41:52.840044Z","last_seen":"2026-05-17T06:45:34.283998Z","times_seen":115,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/uni-app.es.d_vLI1bg.js","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"importedModule","is_inline":false,"md5":"6b66c5e8ec007c309842caa5d15df880","sha1":"31792ad204aa6e3cc25b3f6e53b7cf2b950d35d8","sha256":"eb004fa1e81b674bbd9d3ab61a87d6d1bbbff407c1b41e91043edff23493b3cb","sha512":"d6e8cf99e6c0312cdb41693e9a0a96edb79178e6b4f4ca7dd2ab3c0cfce9c39f4db2d6f7e02132afcb3485f38ca2c91b573d56bd17e9e8e53e01f9ab540db8cd","ssdeep":"","tlshash":"d7a01287644120122822048010555907a17611d6458d862081c103244afc4a4d128909","size":84,"data":"","first_seen":"2025-11-03T12:41:42.468412Z","last_seen":"2026-03-14T18:36:03.198241Z","times_seen":14,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/#/","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"6f77406794a24e817d3d7d15b0a272d0","sha1":"4f9a56b2c163ab9eea256e737c61540fd8ee3fe0","sha256":"05e2aa36735167a31d7dc934f89b8ce38d10f2c69a31b810122035cd578ae690","sha512":"8fbfcebe9c6ab516eecc2b924629f7fd36067b6de44b83de0985fb1e51e50ec3986fa78e5edab662a93a9b7c4162706586805c028db290fa43c0eef8fc66cd5e","ssdeep":"","tlshash":"c0c08cc4b0c22d101602a51010af24e49034402a70481b428da4d8492e220b09233e98","size":139,"data":"","first_seen":"2025-01-03T15:55:01.073687Z","last_seen":"2026-04-11T09:25:14.8297Z","times_seen":116,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/fui-bottom-popup.Do86PuJn.js","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"importedModule","is_inline":false,"md5":"9c47a3498f17854bcb9587a78b63e229","sha1":"b54a78404bf6530366f07b97865e73c57bfbe8cf","sha256":"180def387d1bc0be386e9e3e9c34cdc12941080d8c7ac0e7529bd8626eaf6c4b","sha512":"f2a90382fdbd58a9fe03b0d147cc2eb76f884c1ba6cdb8cfb24209d77f31bbaf68c4e92f9144e390c63be10fef30d33ac689f4d8ad2b3023430d704fef4be866","ssdeep":"","tlshash":"db317419b00c25733aa6d4b560281d442c287b9ce7f43fdafed932749b49ed8a15eb20","size":1465,"data":"","first_seen":"2025-11-03T12:41:42.37716Z","last_seen":"2026-03-14T18:36:03.206428Z","times_seen":14,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/_plugin-vue_export-helper.BCo6x5W8.js","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"importedModule","is_inline":false,"md5":"41bf66d156aac38dbf7a45b53cb4db18","sha1":"4aa693a2afcc34b6a577e1bfc4be3ef5a458dce0","sha256":"a7dbb0eaed9de79041d555c4563be4bb0514099b8d169a2b548ab2d07102cb55","sha512":"64e1a5c2939052c93692338bf78b66723ae6673121d2915a9fb0848449e4b2657c1a31c8940bc7c9ec77554fd4c04ffae1b787297f0fba23983a987e85caee15","ssdeep":"","tlshash":"40b012e500824138432175c796f444649e08005c394756d144480d52c143080541bc3c","size":91,"data":"","first_seen":"2023-03-26T04:51:44Z","last_seen":"2026-05-24T16:26:51.131525Z","times_seen":1503,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/alert.BOKVEe7A.js","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"importedModule","is_inline":false,"md5":"567a38dfa45646fef0d226c48b0497fa","sha1":"051616dfd2e2049a69261c4f552bb22212fe0eed","sha256":"4db9d6381cb0924a34085db47a17e94f696eb11dc9a47fdfc76088572aa8f2ce","sha512":"148ba5bd57437f8aef5ca365b1c0a4575497a1c46acf3f36230f86e74963c71dd7127cbbeadf6e5e4365f0275e9035cea4925a12c03089058aca3a71592ffe93","ssdeep":"","tlshash":"7121205b7a0cac232fec4dc5a1511012890c2ace92dd5eb5b9f821e96b398c5f1de739","size":1366,"data":"","first_seen":"2025-11-03T12:41:42.434Z","last_seen":"2026-03-14T18:36:03.206986Z","times_seen":14,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/#/","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"43d45cd921f7c9f24dcf5adc8c81f93c","sha1":"f791d6862f2286f3abb42e4234a4a8eaec317216","sha256":"6452e2b32fa9717507061f46ea11c92b3a34d720eb84977fb8893d4b51e785d3","sha512":"abde30900935edd06f58ee03fb03c3bf0c2edd6f78d032dea370a90384b1c9ac258f4aba8c3a0f1ea617a317e3377f5c429634523f5fe5dffb885eceec8c7b09","ssdeep":"","tlshash":"43c08cc5a0c62d002603651010af24e49024402670485b03cde4d8492e220b0a233e98","size":139,"data":"","first_seen":"2025-01-03T15:55:01.019525Z","last_seen":"2026-04-11T09:25:14.805844Z","times_seen":109,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/fui-backdrop.F03BBGK3.js","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"importedModule","is_inline":false,"md5":"04ea6e2b271475ab19b88d30345820ce","sha1":"45aaae1326fd2505dc720e44af8b9c15c89b78df","sha256":"fa0ec06243142c73b97d6be2ed5d7ac5999429416243d45ac5d8e090fe32fe66","sha512":"e326ea782645e08ad2afa9849c9af1371b4321bde843b06ba56eb0acd9061c8a8e80b03daa637130695ef07dd4262d49a1f1055588af482dab5fb8cf84f5ffe9","ssdeep":"","tlshash":"ab11e30e744ee4323aabe574e0240a50441c56ade66a3add45ea71f90b4fcac939eb04","size":901,"data":"","first_seen":"2025-11-03T12:41:42.437765Z","last_seen":"2026-03-14T18:36:03.208894Z","times_seen":14,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/uni-drawer.C9G2LKdp.js","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"importedModule","is_inline":false,"md5":"3180d6cb2cb361a87b2a411c442145de","sha1":"49a99f863f4203b3b9b91da0eee68db355af9424","sha256":"fafcb78f8a3daab297a86eaa08241a11ca8f4ecba5ece7f9d67d3debb383a324","sha512":"1b7ae80fe889e364def4a8fc6845700f6568daf8ec1917c70820952eb0ce0f3e74379733537d85e187302b017276af4c9495af63335ee04cbaae1062f47d3137","ssdeep":"","tlshash":"674165dab80e69320df24152503965445b047bf8d7b175cab2df28fd030c8c5528df38","size":2260,"data":"","first_seen":"2025-11-03T12:41:42.384871Z","last_seen":"2026-03-14T18:36:03.198798Z","times_seen":14,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/#/","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"aa4bfbffe6a9005cb37219f67879efb4","sha1":"71fedf6ad5b7fa839cfdde2a4d24e16bc5a2499b","sha256":"b53cc7ea4d44e85b351cdabf627f5c66b55b22ad9f5b4aaa0a62fdd7105f7dd5","sha512":"dfb4f0c1c3b2652f2545b67d9b764bce5852a46d6e529ba5109c7c219005a386968b61900fcf8669926f020567e80050fcd12fb6b33896a4f32cc2acb01a0adc","ssdeep":"","tlshash":"21c08cc4a0e22d805602651414af29e5a02a8426788c2b12cc98d8483e224b48237ed8","size":146,"data":"","first_seen":"2025-03-06T21:41:52.857464Z","last_seen":"2026-04-11T09:25:14.832424Z","times_seen":60,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/#/","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"845a55093aa62177ed83a3d26ff7ac5c","sha1":"8666999c6214d1a9134a620107c59264334fb20a","sha256":"a91b1b0bb1633c33efcb563bf4c10e2359a4ffbfe09640911bc31fc3b3c23af0","sha512":"7a187d2d8700d258de94e23b16a853a0570187dd41ffdcdc2b4e1edcd6b7f725be176687b6cc1e92447340c09a821963527ae226f23221d89ee25bdbef9cf74d","ssdeep":"","tlshash":"60c08cc9b0e32e001a1264102aaf28e4a0244027b04c1b028d99dc492e230b49233e98","size":145,"data":"","first_seen":"2025-03-06T21:41:52.799451Z","last_seen":"2026-04-11T09:25:14.83159Z","times_seen":59,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/#/","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"43de63ef85aa539739f0deaf918049f5","sha1":"ff94e0578283728a3c454f18a4895f11ef54d505","sha256":"2886ce06c0c376de256f9e971978e4f72ef1fb0eded2bfe88b17bee74625642f","sha512":"949547c3418f6f244f976a709e371daa2cbd51e1ec96e3be9ae4d2b56ae612cec142a8fd5e33ffe7c208c3f548cd59c0d72d1fa10f7384bc8ec216091ddb15ea","ssdeep":"","tlshash":"2ec08cd8a0c62e002706645411af28e49025402a70481b428ca8d8992e220b0923be98","size":145,"data":"","first_seen":"2025-03-06T21:41:52.810711Z","last_seen":"2026-05-08T00:46:18.6964Z","times_seen":65,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/#/","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"e29674aac4cbf941ea3d0259d0de3c2f","sha1":"64274859393581a3806d3b6251f9f1eeb4ffcb86","sha256":"6861572c5cad0b9b8480e58039a514af718173dd8c19fa87152da4fbdec7e820","sha512":"cb3a7880977f53b58f487596b5740e4679c5b7a86a29e74045eaccbfb40c187e6a147b0e44289e399d7fb4d3525724e2d038feb0389e43606b936fa78bb97e8c","ssdeep":"","tlshash":"77c08cc5b0c22d101a02a85410af74e4a024402770889b128d94dc592e220f09337ea8","size":145,"data":"","first_seen":"2025-03-06T21:41:52.873987Z","last_seen":"2026-04-11T09:25:14.808287Z","times_seen":59,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/fui-nav-bar.B-WXcPYV.js","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"importedModule","is_inline":false,"md5":"f7412b98c1f1c3a7b76e6a60422f3eb9","sha1":"e0484a115fd6cc2657381061f6f889256cddba6d","sha256":"0c8ad0a2a1ddb2ac70c2cb447429591cb87e3980474c46bb86565466617c65b5","sha512":"2dc35947221a13bb3bb54067f75cce0dc41cfe7ff97d138e2ed1f8535d7b694142deb75115c68291f6bea9b052c3f19f10ba35a1cbe7619ce9bd8490bca14cef","ssdeep":"","tlshash":"d9515211351c90322e49080ea0a15370a164aeadce317969fef5687543dfc5eb3ecf18","size":2574,"data":"","first_seen":"2025-11-03T12:41:42.432158Z","last_seen":"2026-03-14T18:36:03.197185Z","times_seen":14,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/fui-icon.CosUZAIt.js","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"importedModule","is_inline":false,"md5":"c762414f4f7d835d5565515f868d9cbf","sha1":"8509cbed8639c667a511d73cb08b508a3cff4874","sha256":"0ffc55afbee12bbb59fbecf7265dfec06c36b66d17b3586b99694acbe72aafa2","sha512":"433ce558c78eaa533680f34a3aac23c39dfa96d1e5016863d6b1ba233d096be88eca0d716d14da2a2faf7ef51bcdb2e0dc0359f6d05867e8144cff32fb1c40a1","ssdeep":"","tlshash":"0c81638e64f9ac2b6e8e7eca544c1203d0d19f58e9e0fc52ac9d09e5e57e950720df2c","size":3972,"data":"","first_seen":"2025-11-03T12:41:42.450395Z","last_seen":"2026-03-14T18:36:03.193486Z","times_seen":14,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/fui-button.Cs337qol.js","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"importedModule","is_inline":false,"md5":"bc91ca954920f2c3f50c883d23140dbf","sha1":"05eedc09de792c3d0de24936eba4a13ca9e2a1f9","sha256":"f639e14a8899307f1a145e67d8b989b79fd11c2b2598fe8eff1d95deb552f4af","sha512":"e5f0f0b943e0b7d7aa58d7ff2364e3a2ab3a221f2350e00f740b190a94cd8826e1253ce5fa410365855328a71e8987aa74c6da4b66e0850eada2e85c6b0c052c","ssdeep":"192:FDuk4LqPOCDTRtYLRh9eBiugS7wpkSQVefhFbkjZP:154GuRu8Qcfu","tlshash":"3cd18441315c253b7fcf865c70b50f82c217a9889861af3ebfb4b1b99b4a845359ef24","size":6485,"data":"","first_seen":"2025-11-03T12:41:42.444501Z","last_seen":"2026-03-14T18:36:03.190794Z","times_seen":14,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/uni-popup-dialog.BOFpiNni.js","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"importedModule","is_inline":false,"md5":"27cb0c1bb7cf364a794f0cd90bca7595","sha1":"aca0613bafd0121275c8d7b011e25ba620ef7578","sha256":"a8032afbadbaa514dca9291a21be1d850d1d3c274c45421f6e8bfcf4f5e870cf","sha512":"b82c26b9377e47d19d52365d808e969dfc6cbac4a03b0ff3ef47efa2b42aa48ba39ba37a4291a2058e52e6509ffb97794fca7b08ae2de1bcd711cc72e695e3f4","ssdeep":"","tlshash":"f8613fa17a6ef7378ece066042014901a1611efce9a43e7476b870da4f95cc1e2ed73d","size":3450,"data":"","first_seen":"2025-11-03T12:41:42.399722Z","last_seen":"2026-03-14T18:36:03.207938Z","times_seen":14,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/#/","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"9cbeee43eb9396cc6f22ceb11a068a8b","sha1":"855c2b8e594a001965664c3dac645d713e2c239d","sha256":"4748c61b3b46c6d4621d9fe0f60dd4899f2041684946b1434ba9656cfd8db04e","sha512":"13e27d58dd059ba27341cca34d9fd559187d1a26e28aed067fb26d0a35b3e4fb6d9f0a8f9ea8f4d3d207dfda8ae35c0ce573288498bc2c56472beade7926ee80","ssdeep":"","tlshash":"bbc02bc4b0c73d001606641050bf34e8a034402bb04c1b03ccd4dc483e230f08233edc","size":139,"data":"","first_seen":"2025-03-06T21:41:52.844247Z","last_seen":"2026-05-11T12:41:38.578682Z","times_seen":129,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/#/","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"8b02361629b0055d0bc50a7725120084","sha1":"3db536ab62f8a1cdb985392e746271dcab588abb","sha256":"0bd25d0099b80865dc07435321a2ef7f2bf37230fdb7d7bff5b86b12cd885f84","sha512":"836c1fbc3f6119c7e71ba4a5902e4a2f712fb9aec57300d4e29ea261ac1f74983fc3bd564dda9f3aff05298278f506643a355b2a7e791821910b6ca655cf3af1","ssdeep":"","tlshash":"2dc08cc4a0c23d001a02681124af24e49034402770881b169c94d8482f220b08237e98","size":139,"data":"","first_seen":"2023-05-14T12:04:09Z","last_seen":"2026-05-24T22:22:47.232679Z","times_seen":2678,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/#/","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"83c3e2adf3a6b14111458849e2f1e4d5","sha1":"562013729ba02b66b570492fb0a0f2b61280ec93","sha256":"ae599c2b6f2d946ba47f1d3f8bde555c91f3be80698db0c4e265bbef72849628","sha512":"a7332aa69feaa155fb0fc097e71f9908dbcf2ec5391d734e50b88281b9fd98c6d3666d741b514bc46ee9f8a3472efc3cd15b487e4090492071818822435364f4","ssdeep":"","tlshash":"abc08cc8a0e32d001602741410af24e49025802774481b168c98ec983e220b09237ea8","size":142,"data":"","first_seen":"2025-03-06T21:41:52.808608Z","last_seen":"2026-05-04T13:30:53.674125Z","times_seen":140,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/#/","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"93992c1cf3145909c5e4816887e98d37","sha1":"b147c1262b2c314144057a58562731697a807190","sha256":"8fa9db851a6109a9a6903b76336701b3a196bd0086ec94fe9c42f6bb03312319","sha512":"f9dbef4a25441a9907c9379a5bcd9ddd24d185093455259564d1afd391a7078999ce2dfe4203113ae74423a53530ed8fffca92e6e6c78224a2f779fc37ede64c","ssdeep":"","tlshash":"fbc08cc4a0d72d001602641490af24e8a024402a74482b238c94dc582e620b88237e9c","size":145,"data":"","first_seen":"2025-03-06T21:41:52.793052Z","last_seen":"2026-04-11T09:25:14.82404Z","times_seen":59,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/#/","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"3fe84d3b334059b5017204648d4fcaff","sha1":"f1192e53376aa48f12881b86bc2c73dfe7bab273","sha256":"0ddbd64e1d7ab647a6857dfb1d04ead6198e2b9695e96183a17f5a3ae463b82c","sha512":"648548e6e0620d2434af6d7ea9cc07402e80e513e2150bca1075bb09a350a44eb0e959f7f31e42b01861d5b3888bba0ae10acbb1379440cb95d308779e90a9ca","ssdeep":"","tlshash":"fcc08cc5a0c22d101616a85010af74e890244027b0585b028da4dc583e220b08233eac","size":139,"data":"","first_seen":"2025-03-06T21:41:52.853527Z","last_seen":"2026-05-17T06:45:34.302012Z","times_seen":114,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/#/","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"4866483e1bd36fa5d1b4643b4bcd5e33","sha1":"f44fbe7a303f92dd2ff2a229dfc17fe59ffa9487","sha256":"e40ae7270772d513a47eaf2d2ca9bb2fe736b40f9c9e4aaa45a29e8f49fa64e3","sha512":"1b20ed8d8070e15b296200328be28d46fbfa11763cec18ece02620b1bd82950f9364611c02a161f2aeb35c6f15ec79a3ffd72f42715a4ff7819df0f040f5f6d9","ssdeep":"","tlshash":"1cc08cc5a0e62d001612649450bf24e890284026b0481b038cd8dc493e220b08237ed8","size":142,"data":"","first_seen":"2023-06-07T05:45:47Z","last_seen":"2026-05-17T06:45:34.297093Z","times_seen":121,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/#/","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"4a0e52df18f32ac4e4626fab6d225b77","sha1":"b9a878f1ebac58f41ceff1830cb823c7c956fcb5","sha256":"67c0e050bb957e808047a8525ee0dd4fb6d29b289158b9ec687882c399754af7","sha512":"0d94fdd5cc4f7c1e058ca49f65320a4a09197b987f6ca88159dae21f6add7b9222ed5205b85ff2b1a3f8c53073950998e92a64fd056c40cfb898c4c42445c93f","ssdeep":"","tlshash":"dcc08cc5a0d3be001606a41550af38e49024802a704c1b029ce8e8482e260b28233edc","size":145,"data":"","first_seen":"2023-05-15T21:27:53Z","last_seen":"2026-04-11T09:25:14.83321Z","times_seen":106,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/#/","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"43d45cd921f7c9f24dcf5adc8c81f93c","sha1":"f791d6862f2286f3abb42e4234a4a8eaec317216","sha256":"6452e2b32fa9717507061f46ea11c92b3a34d720eb84977fb8893d4b51e785d3","sha512":"abde30900935edd06f58ee03fb03c3bf0c2edd6f78d032dea370a90384b1c9ac258f4aba8c3a0f1ea617a317e3377f5c429634523f5fe5dffb885eceec8c7b09","ssdeep":"","tlshash":"43c08cc5a0c62d002603651010af24e49024402670485b03cde4d8492e220b0a233e98","size":139,"data":"","first_seen":"2025-01-03T15:55:01.019525Z","last_seen":"2026-04-11T09:25:14.805844Z","times_seen":109,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/#/","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"d1df318a29b4ea9d1fa09d5882cf0953","sha1":"a6da6bc0501f5196487385c8f07b6721e5351f7d","sha256":"8db5ffcc1e5501d3d76ceff62e66d81fb734b4f004b7a911a709b243379996f8","sha512":"420fa2b20b249f6a07203a12f0e2311b62860a996ff2ee5303a2b4fe0eb2327ae506a4fb267aecd512c72b644d5af8ba83409989c53268814ce944b74b37a187","ssdeep":"","tlshash":"ccd022c161836c105301a649957f29e8a0285426b098af13dce8dc853f220f06337fec","size":198,"data":"","first_seen":"2025-11-03T12:41:42.50104Z","last_seen":"2026-03-08T12:34:05.597564Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/#/","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"8ec27b6a935193ce25dc60e702dadee0","sha1":"b4bbe5305bb4c69e16533b0e9b257e6f6d6fcc22","sha256":"869996f17d26574db2418d55b38259343dfbb86199b2825098a5846d9455a185","sha512":"0086a9f1fe770f9e28afc892671f975be7a15bdfa49e132cd59461b0fbd7d0681b6d5983c654921ebb874f245a08cf844f708f73516d1a80d4454a6d4e68c238","ssdeep":"","tlshash":"73c08ccaa0ca3d201602a42490af28e8a0248026b1481b529ce4d8492e6a0b18237e98","size":151,"data":"","first_seen":"2025-03-06T21:41:52.870146Z","last_seen":"2026-04-11T09:25:14.824923Z","times_seen":59,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/#/","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"b0479a50905938767c9ea1ee00bb44cb","sha1":"cb6c51ccca04bfaded46244744f261f6a20923bb","sha256":"f6d8dce533c7bf1a71465adcacaf018b1f8db3f4ab7b112c052fc67853bd396f","sha512":"6281c56c166a16d339f69ff11494477001b01097d5ad8358800693a940e97310704a143d925a52ad4841cddb31568e7a31362f832e07ea184079b6ea078c388f","ssdeep":"","tlshash":"7dc08cc4a1c22d001612651410af24e49024402778485b128c94d8592e620f08233ed8","size":139,"data":"","first_seen":"2025-03-06T21:41:52.824816Z","last_seen":"2026-04-11T09:25:14.815779Z","times_seen":61,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/pages-newindex-newindex.CpR1XibN.js","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"3e8297fc779f46d5e85c590ddd47f384","sha1":"f1e3db78f6f0bc97be601970d9d17e6e976f5a3c","sha256":"d5ca016f39833b8d0b6aa4c00bb9dc25552a517e875b5187e2060e41eec891c3","sha512":"0106f31f1deade8e7ab14e78366e42645d20d54212cf6cfcc501d553c83cb50856c4ae9e35fba8db9ec5d695cdc0479b5d40da67f9b9509baae287a272c876ff","ssdeep":"768:tl3A/lD8UyMrhNgV/fPFnksM5Mhzn0WrGI9eXQbTBTMDKY:f3CeMFNafdnksM5Mhzn0uGI9eXQ/NMD3","tlshash":"e0f25202ba1cf6649da3125cf0998001b07aaccec1043a5fb5f42c6f52d7ca959edb7e","size":37298,"data":"","first_seen":"2025-11-03T12:41:42.426747Z","last_seen":"2026-03-14T18:36:03.192914Z","times_seen":14,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/index-No8yArsk.js","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"f620d0c895906cb24c112f6ca2d6b97d","sha1":"78849a8cc2fdfdf96f7173f0c1b64b78172245de","sha256":"38401776eb2b6d85655622ec59f724c4819cbb5e30c76d7a11e1284c1789cd73","sha512":"d4f273a2d8bbc3d761d16338c7aa80927ad190f96386bdcd20bb36fb17169c48a8836b1e044670c68460b7f201b3b3549715de25ad41b69dd2d912787237425a","ssdeep":"49152:SkbO/N7tkdXTqO6qG5+2OlqCGOANx7jTWYCZXhI4mlop4OD4O24OZ4OxU:17hf","tlshash":"8995b6282a1bf354e959c0d7f9373c84959dd18ab00714d54fb98bb30be2782eaadd13","size":1987455,"data":"","first_seen":"2025-11-03T12:41:42.489653Z","last_seen":"2026-03-14T18:36:03.230744Z","times_seen":16,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/#/","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"2b72232ed380a528eeb3a552d77ae9c7","sha1":"6dc118004f8c5dcbcb571446e544948e5884cd56","sha256":"b7d4991a24ab4ba72ab4e3cfa67e51ed181d0f21335bd7adb062d024a1564c4a","sha512":"9a7cba48645dd78c7a719297ffad44b3da7263835e444e0fde947908fd4345a1cbb1d672b3e53338231cd6a11b38c7d45e5395f1387d368b0e8f93beea4d6347","ssdeep":"","tlshash":"77c08cc4a0c26d001602649010af34e890244027b0485b028c94d8482e220b08233e98","size":139,"data":"","first_seen":"2024-09-19T22:02:28.519141Z","last_seen":"2026-05-17T06:45:34.2834Z","times_seen":206,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/fui-tabs.BiKlbrzG.js","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"importedModule","is_inline":false,"md5":"7372dc7858fe87bec36f77ef8550238d","sha1":"dc2ee9b05dfbc79b569c52fd4b6981449eb8c259","sha256":"5131d999bc091840fb86da02f6d250e84aa9998b085280083b8c42b82c5fbcb9","sha512":"98d7924ba7e8321a07fbde65af6a0a1cc754c7cbee31c87fd84e19e4186bc043f0facc048bc2cb7b5208ea303fe84b5427bf9c211897ea49472348eafb827358","ssdeep":"48:dFL955ZggHqFbLJZAcHYaeXqH5QvbzEYpYbJQP7d4jfKwhOwFiOpTEecR71WPD6s:l55LHqFbLJZ94XWkY67dfEOfoo6X2V4x","tlshash":"bda17426378da0336ec7648a60205b95d5658b9cec247fedf3f1143cc706a1950ecb69","size":4838,"data":"","first_seen":"2025-11-03T12:41:42.410417Z","last_seen":"2026-03-14T18:36:03.196099Z","times_seen":14,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/#/","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"c2a59594b7c750c554d59b777cf7e0a5","sha1":"cc0ac4dbb49aff978ff3ee7d7c1a27f761ba6a20","sha256":"505695da350a211f6c8dbebc42f4bdc2bd8e287e4f5611c8eaf94c81f8951468","sha512":"8fdf9120a742f4fb36ebe9f4bd7684db839a87a5773a496dc5a6e6a8403cfe7562e67463995d588160f8fe75170f338034d8676b7708873d3c0b5c84a0da3b51","ssdeep":"","tlshash":"eec08cc8a0c22d041702641011af24e890244026704c5b02cca4d8683e220b48233e98","size":139,"data":"","first_seen":"2023-05-10T15:08:47Z","last_seen":"2026-05-24T23:18:11.120803Z","times_seen":6386,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/#/","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"b5ed9d8287212dcb0b5dcbd05303c90a","sha1":"e29be6d3f5ad598ca55b0f9ebada6c9d380fe0c6","sha256":"97973f3467ce826ba73061493f7a410ceacca34708902ce84163401c1214339e","sha512":"52590c52b0289665f63848585ec0bec3e709bb04c2b2eaa509320a27a398291512f12a347152156c0e48208e10a8c13ee9f4e9509c764b60771e66bea64757d0","ssdeep":"","tlshash":"3bc080d5f0d33d50a953942514af25f860258416745c6742de94d85c3e230b4c137d98","size":166,"data":"","first_seen":"2025-03-06T21:41:52.795358Z","last_seen":"2026-04-11T09:25:14.82108Z","times_seen":60,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/#/","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"cc13a1d49ecd7e65c86ddf9f7ea2aa94","sha1":"92744c0f710207bac1ec10b3ebf38d88aa55b5bc","sha256":"76ec5c1b3898be13b5993f9ce689d9fc74599c4e989b9699fac0db37fe592eef","sha512":"4c75862b9549295f0c755f6bca197288325fd285e2320a2de85ecec32ee5b1976de457091eb89e4a5a155fc2aa05254dd0070d89fdf57f36c7c2a3013e7093b6","ssdeep":"","tlshash":"66c08cc9a0e22e101a02641020af24e49038402770481b22ccd4d88c2e2b0b08237e98","size":145,"data":"","first_seen":"2025-03-06T21:41:52.808007Z","last_seen":"2026-04-11T09:25:14.802612Z","times_seen":58,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/#/","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"a9f5f09adcbf0a5b8e86d0c0ef495b29","sha1":"565266ad0406b73d723552ee29ea84a5178e1983","sha256":"9ff9423dde17df4318273f838d5844b73c72c61192b643cde4fed2fc15eb09c4","sha512":"ec07a9ac17a0dfa2f29af77a4b6cc4a2634a0b4e09c9f22f844079dada1346a92989ea5e93adbebf3c4068a656ac407d93491e49ab80dbdd7dd5a2953d8b5fee","ssdeep":"","tlshash":"e2c08ccca0c36d101612659110af24e4d0248426704c5b17cc94e8482e220f08233e98","size":142,"data":"","first_seen":"2025-03-06T21:41:52.862159Z","last_seen":"2026-04-11T09:25:14.823096Z","times_seen":57,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/currency.DdraAnJM.js","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"importedModule","is_inline":false,"md5":"d791828b3bf11634b64e43ab258c295f","sha1":"3a40f67ff4a00458c8f037cfe6572f65bbe450a1","sha256":"c92b18a0d949a43ad14b27fe71bbd670619a06ccdb32cc96b7c092eea94fc72f","sha512":"1aad95966d16a1615cb27f67cce14404574a3628f592c724a18ec6d213c12a1a19b12892614cca520915131172d6eb13246e9c1bb9db3d245460892626925842","ssdeep":"","tlshash":"c0f090db94a2d4e2c1755b48751962140027bbb5341f9ae03b8d22c6b3dc087d032d7b","size":552,"data":"","first_seen":"2025-11-03T12:41:42.45256Z","last_seen":"2026-03-14T18:36:03.191934Z","times_seen":14,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/#/","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"f298135cf3b36c2e6008acac53c5a30f","sha1":"4e933958736565c61dc3dea049d95461ed7f3e01","sha256":"2df1b8fbf20972b8a6e0d88a99af916dc6beee8a2468f2dec48ce7ff23185d78","sha512":"2c57840a02a1b302787f2b9b0b6e37010089da62673e69bdc5b74a8f10ddf0266c5de21c623c4e3de01c50afd85e154b6209cdd8e9def8f62ae265698baa7e89","ssdeep":"","tlshash":"98c08cc9b2d62d101602641111af24e4a03444677088ab438d94ec483e320b09233e98","size":145,"data":"","first_seen":"2025-03-06T21:41:52.847154Z","last_seen":"2026-04-11T09:25:14.838218Z","times_seen":57,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/index.BPzkSZRb.js","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"importedModule","is_inline":false,"md5":"09b15105e93a0cbfc6785700fea4d03a","sha1":"04bf69af69a2639650f31dc48eb5b83c842512ac","sha256":"27d789fc37395e330aa10712eb4b6335d7edf8cbf7b13b22cde2828567ca3852","sha512":"fdb44c9266198504da3e18aa010912f8c14416ba32ef1b6bbbccad7cd9fc35aa70a5dbb987b97bdc4b29eb2e85a357d8c897d57ded6469b08f90c2683179c528","ssdeep":"","tlshash":"0d3144c6b9c15174931bb4c091a44852d24c9b36fa9e95d4f0fb9e941fbc584f45cb2c","size":1665,"data":"","first_seen":"2025-11-03T12:41:42.430302Z","last_seen":"2026-03-14T18:36:03.203868Z","times_seen":14,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/use-route.BocVJu-Q.js","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"importedModule","is_inline":false,"md5":"66d268855666d5c4d147bdc7978c9750","sha1":"e59cba0f1347fa123709d05da04979a38e0200a6","sha256":"c6b5b0251a24cf03afc679de45963f40ef85f6dec01621e8aeaf4bbf7b9fac5c","sha512":"ed7c5873b1b13d65a623a654481ef930e3c7b03d2bafa185ad5581d831e212e6faa7057913d86fb05f86569338a56de31ba42ad279cb475b0a3d47e46bdda479","ssdeep":"","tlshash":"5cd0e7db3c456ef5005307ad4407057f8173164c31a3b0d0c104f46b11a609c960ff08","size":290,"data":"","first_seen":"2025-11-03T12:41:42.38097Z","last_seen":"2026-03-14T18:36:03.209759Z","times_seen":14,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/user.PCs5E_5v.js","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"importedModule","is_inline":false,"md5":"8ad8c1b029f90af4760c71519ea5f0ad","sha1":"14d813c618a34b2b11c15755fa3f9ef06c36bd38","sha256":"029c006ce0a5e6fd89964a35002bbaf038013a0ed79146d1d45efdd2b6efa31b","sha512":"2ed3aedd2c2082e500f24a6c6804069badbee618625384c08743c57562fc75130366591d0990f3b7337c88a86e76c86248947d366240f0f6fba44125bb9f70af","ssdeep":"","tlshash":"7021f59eb91201c789358f487c0c732a8106febdad0f3ae177a4159cc3c99d762a6027","size":1394,"data":"","first_seen":"2025-11-03T12:41:42.393731Z","last_seen":"2026-03-14T18:36:03.199732Z","times_seen":14,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/#/","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"82c75e4211af463c83dd0b392950a84d","sha1":"7711145a5e9396f42c8fae7cdfab228e430976f8","sha256":"a8d3c954f00f9ee71b146a14c25f93317210ce418d3744f03006dfad766133bc","sha512":"e71f79895f0c5a12960b31bbcb8240d1c3a17aee755bb3afa4723fda424af599d0935da91e6a8665f46341b4e771cfc6dd2fd4311588a9c5129bc55edb8be715","ssdeep":"","tlshash":"15c08cc4b0c63d001a02aa1020af24e8a02480ab704a1b439ca8dc493e224f08237e9c","size":145,"data":"","first_seen":"2025-03-06T21:41:52.789416Z","last_seen":"2026-04-11T09:25:14.804257Z","times_seen":58,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"3d5272693eb411e5b8b13a243f76c720","sha1":"6a586ab8e0a4bf12bbc60eea6ca9f2418625a22c","sha256":"9582f31f9eb892b8823a780e579d464d54e26d97d65dc327d2b2bdd92d47c4b8","sha512":"03fc5614f48fc9a2e3c4a30626fdbacde74c1fda09ffa9d1cde0393d31cd5fe1588e270c241f4cedb473c6e5cc224ff16c141468a29519ea6159accf3e3a18f1","ssdeep":"","tlshash":"a4c08c8350e2080c8210861b848880050b8808b04f9308a22cd85b7ecc9ae88c8f804c","size":148,"data":"","first_seen":"2023-03-07T01:10:06Z","last_seen":"2026-05-24T22:31:10.02951Z","times_seen":15553,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"console":null},"http":[{"url":{"schema":"https","addr":"api.hypeaabbb.shop/api/position/detail?code=banner","fqdn":"api.hypeaabbb.shop","domain":"hypeaabbb.shop","tld":"shop"},"ip":{"addr":"118.107.15.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:54.192Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.hypeaabbb.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 09 Jan 2026 16:37:50 GMT","end":"Thu, 09 Apr 2026 16:37:49 GMT"},"fingerprint":{"sha1":"2D:38:76:26:05:44:93:47:0F:59:94:BD:75:59:8A:C0:62:84:42:CB","sha256":"E2:34:C6:C7:A9:0F:FC:3B:06:B2:31:6A:AA:0C:B8:AB:6C:99:A2:5C:73:87:EB:F7:DA:C1:51:B3:36:0B:52:94"}}},"request":{"raw":"OPTIONS /api/position/detail?code=banner HTTP/1.1\r\nHost: api.hypeaabbb.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: accept-language,authorization,client-device,timetamp\r\nReferer: https://hypecip.xin/\r\nOrigin: https://hypecip.xin\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:54 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: *\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-24T23:32:15.699972Z","times_seen":15677872,"resource_available":true,"data":null}},"time_used":245,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":245,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.hypeaabbb.shop/api/common/config","fqdn":"api.hypeaabbb.shop","domain":"hypeaabbb.shop","tld":"shop"},"ip":{"addr":"118.107.15.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:49.636Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.hypeaabbb.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 09 Jan 2026 16:37:50 GMT","end":"Thu, 09 Apr 2026 16:37:49 GMT"},"fingerprint":{"sha1":"2D:38:76:26:05:44:93:47:0F:59:94:BD:75:59:8A:C0:62:84:42:CB","sha256":"E2:34:C6:C7:A9:0F:FC:3B:06:B2:31:6A:AA:0C:B8:AB:6C:99:A2:5C:73:87:EB:F7:DA:C1:51:B3:36:0B:52:94"}}},"request":{"raw":"POST /api/common/config HTTP/1.1\r\nHost: api.hypeaabbb.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: zh_CN\r\nAccept-Encoding: gzip, deflate, br\r\nAuthorization: Bearer\r\nClient-Device: 0\r\nTimetamp: 1769404608\r\nContent-Type: application/json\r\nContent-Length: 23\r\nOrigin: https://hypecip.xin\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hypecip.xin/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":23,"data":"{\"group_id\":1,\"key\":\"\"}"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:49 GMT\r\ncontent-type: text/plain\r\ncontent-length: 463\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: accept-language,authorization,lang,uid,token,Keep-Alive,User-Agent,Cache-Control,Content-Type\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":670,"size_decoded":0,"mime_type":"text/plain","magic":"JSON text data","md5":"931d763efffd249da4f54d95a217fd61","sha1":"eb996de0885ea1bcb6d568e5bcf4d5100a2e8f08","sha256":"28c0b8d7a350e64913daba0232e24cdf59ba334f68c34e13ca530e7a975f08eb","sha512":"c944162a0697be4b6bea74527ab0f50d5d1913b14f264fc7b2c8402dc00ba539c39537a253ce4033a81782353d5ceaaaa7882103dfd1124f7ef741c679964cbb","ssdeep":"","tlshash":"7701f4a61a444f6a474557d6e11c640d941e2603c45db883eb8bcda0cd6c0dc6004722","first_seen":"2025-11-03T12:41:42.475628Z","last_seen":"2026-03-14T18:36:03.202777Z","times_seen":15,"resource_available":false,"data":null}},"time_used":256,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":256,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/fui-nav-bar.B-WXcPYV.js","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:53.114Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hypecip.xin","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Jan 2026 04:13:58 GMT","end":"Sat, 18 Apr 2026 04:13:57 GMT"},"fingerprint":{"sha1":"DE:01:79:74:41:4C:4A:43:CB:D0:3D:5D:A3:3E:78:79:98:13:EC:54","sha256":"5E:74:72:88:41:5A:42:00:B6:7A:51:AF:86:E9:45:B2:D3:54:97:0C:05:D9:51:8B:84:C1:5F:B5:FA:F9:E6:55"}}},"request":{"raw":"GET /assets/fui-nav-bar.B-WXcPYV.js HTTP/1.1\r\nHost: hypecip.xin\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hypecip.xin/assets/pages-newindex-newindex.CpR1XibN.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:53 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 17 Sep 2025 12:49:03 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68caae3f-a0e\"\r\nexpires: Mon, 26 Jan 2026 17:16:53 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2574,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (2573)","md5":"f7412b98c1f1c3a7b76e6a60422f3eb9","sha1":"e0484a115fd6cc2657381061f6f889256cddba6d","sha256":"0c8ad0a2a1ddb2ac70c2cb447429591cb87e3980474c46bb86565466617c65b5","sha512":"2dc35947221a13bb3bb54067f75cce0dc41cfe7ff97d138e2ed1f8535d7b694142deb75115c68291f6bea9b052c3f19f10ba35a1cbe7619ce9bd8490bca14cef","ssdeep":"","tlshash":"d9515211351c90322e49080ea0a15370a164aeadce317969fef5687543dfc5eb3ecf18","first_seen":"2025-11-03T12:41:42.432158Z","last_seen":"2026-03-14T18:36:03.197185Z","times_seen":14,"resource_available":true,"data":null}},"time_used":243,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":243,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-26","alert":"Phishing Block","trigger":"hypecip.xin","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.hypeaabbb.shop/api/common/appActive","fqdn":"api.hypeaabbb.shop","domain":"hypeaabbb.shop","tld":"shop"},"ip":{"addr":"118.107.15.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:54.433Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.hypeaabbb.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 09 Jan 2026 16:37:50 GMT","end":"Thu, 09 Apr 2026 16:37:49 GMT"},"fingerprint":{"sha1":"2D:38:76:26:05:44:93:47:0F:59:94:BD:75:59:8A:C0:62:84:42:CB","sha256":"E2:34:C6:C7:A9:0F:FC:3B:06:B2:31:6A:AA:0C:B8:AB:6C:99:A2:5C:73:87:EB:F7:DA:C1:51:B3:36:0B:52:94"}}},"request":{"raw":"GET /api/common/appActive HTTP/1.1\r\nHost: api.hypeaabbb.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: zh_CN\r\nAccept-Encoding: gzip, deflate, br\r\nAuthorization: Bearer\r\nClient-Device: 0\r\nTimetamp: 1769404614\r\nOrigin: https://hypecip.xin\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hypecip.xin/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:54 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 80\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: accept-language,authorization,lang,uid,token,Keep-Alive,User-Agent,Cache-Control,Content-Type\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":62,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"f480ff4669393f02bd3f4702c200df2a","sha1":"48c0680950b7634d528c2a8ac55375fe38d81498","sha256":"b341fcd6e554a554a1b80b9aa3706a4c8f1f717f7833c21f71f640b525493305","sha512":"c851fb94e09d2985339b5f976e121f9d5ea470b3e7754d320e0abf1aebdadc8a5c9ee747d2d84ab19f391d9a5ca4f57e5b1633b4728dc7140aaaf1939e9a618c","ssdeep":"","tlshash":"d4a002511d04aae7fa435192316a390155b970a285a0944d985d526cca985677043e3b","first_seen":"2025-06-08T13:31:29.645357Z","last_seen":"2026-05-18T22:30:56.926902Z","times_seen":60,"resource_available":false,"data":null}},"time_used":261,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":261,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/static/statbar/new/market-d.png","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:48.799Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hypecip.xin","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Jan 2026 04:13:58 GMT","end":"Sat, 18 Apr 2026 04:13:57 GMT"},"fingerprint":{"sha1":"DE:01:79:74:41:4C:4A:43:CB:D0:3D:5D:A3:3E:78:79:98:13:EC:54","sha256":"5E:74:72:88:41:5A:42:00:B6:7A:51:AF:86:E9:45:B2:D3:54:97:0C:05:D9:51:8B:84:C1:5F:B5:FA:F9:E6:55"}}},"request":{"raw":"GET /static/statbar/new/market-d.png HTTP/1.1\r\nHost: hypecip.xin\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hypecip.xin/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:48 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 04 Feb 2024 01:58:52 GMT\r\nvary: Accept-Encoding\r\netag: W/\"65beef5c-39d3\"\r\nexpires: Wed, 25 Feb 2026 05:16:48 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14803,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 823 x 823, 8-bit/color RGBA, non-interlaced","md5":"29a40a77d0e2728d54a09eff08e586c7","sha1":"9d6800e8ae740b9414f705c0ba3e443f956131d3","sha256":"65f39723b4493e06f4b8b0f3fada984b259026841d0f81b4303ac811a380cee7","sha512":"eee4e1d74b2b814bcab6d8a56a06cb616da8b72c1f30b4f1d990a9613f7b0dc24af6f2f16cd42b47d6df1bc8a5660fdc7b2970d8ca218f1482ed0be73344ff97","ssdeep":"384:8hFvt8UkrRghwAIfsnJkTLvke8gQtD94lcASP:kUzXGJaLpGth4lVSP","tlshash":"e462d3803bff940394ea931ef9ab3369b4afbe9e52d052f034145216b54b318de4572e","first_seen":"2025-02-26T18:29:17.859051Z","last_seen":"2026-04-11T09:25:14.787212Z","times_seen":113,"resource_available":false,"data":null}},"time_used":480,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":480,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-26","alert":"Phishing Block","trigger":"hypecip.xin","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/uni-drawer.C9G2LKdp.js","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:48.913Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hypecip.xin","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Jan 2026 04:13:58 GMT","end":"Sat, 18 Apr 2026 04:13:57 GMT"},"fingerprint":{"sha1":"DE:01:79:74:41:4C:4A:43:CB:D0:3D:5D:A3:3E:78:79:98:13:EC:54","sha256":"5E:74:72:88:41:5A:42:00:B6:7A:51:AF:86:E9:45:B2:D3:54:97:0C:05:D9:51:8B:84:C1:5F:B5:FA:F9:E6:55"}}},"request":{"raw":"GET /assets/uni-drawer.C9G2LKdp.js HTTP/1.1\r\nHost: hypecip.xin\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hypecip.xin/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:49 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 17 Sep 2025 12:49:03 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68caae3f-8d4\"\r\nexpires: Mon, 26 Jan 2026 17:16:49 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2260,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (2259)","md5":"3180d6cb2cb361a87b2a411c442145de","sha1":"49a99f863f4203b3b9b91da0eee68db355af9424","sha256":"fafcb78f8a3daab297a86eaa08241a11ca8f4ecba5ece7f9d67d3debb383a324","sha512":"1b7ae80fe889e364def4a8fc6845700f6568daf8ec1917c70820952eb0ce0f3e74379733537d85e187302b017276af4c9495af63335ee04cbaae1062f47d3137","ssdeep":"","tlshash":"674165dab80e69320df24152503965445b047bf8d7b175cab2df28fd030c8c5528df38","first_seen":"2025-11-03T12:41:42.384871Z","last_seen":"2026-03-14T18:36:03.198798Z","times_seen":14,"resource_available":true,"data":null}},"time_used":638,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":638,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-26","alert":"Phishing Block","trigger":"hypecip.xin","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/index.Gl_Dckpu.js","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:53.142Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hypecip.xin","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Jan 2026 04:13:58 GMT","end":"Sat, 18 Apr 2026 04:13:57 GMT"},"fingerprint":{"sha1":"DE:01:79:74:41:4C:4A:43:CB:D0:3D:5D:A3:3E:78:79:98:13:EC:54","sha256":"5E:74:72:88:41:5A:42:00:B6:7A:51:AF:86:E9:45:B2:D3:54:97:0C:05:D9:51:8B:84:C1:5F:B5:FA:F9:E6:55"}}},"request":{"raw":"GET /assets/index.Gl_Dckpu.js HTTP/1.1\r\nHost: hypecip.xin\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hypecip.xin/assets/pages-newindex-newindex.CpR1XibN.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:53 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 17 Sep 2025 12:49:03 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68caae3f-765\"\r\nexpires: Mon, 26 Jan 2026 17:16:53 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1893,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1892)","md5":"bb9c55ac5c8fcee932af4333f0d8ddce","sha1":"4968d45977d74a86676f42c8254e44607bfea8f1","sha256":"4fb3470802135f85c69ce3f6f64cccf3fed4614dda8de512f5f7b68dcadc0938","sha512":"41a344ac643a4220904e1d5cdd40419f51feb5c102f0098bd67ff4a657c670fc07d55130d68009817357deefac523a307bdf52abada8e1f81e386e63b97f4f3a","ssdeep":"","tlshash":"2241d5817848d3bce77fd998480808889a040f6a3833c5e9e2db384017e97c8fe36a24","first_seen":"2025-11-03T12:41:42.388423Z","last_seen":"2026-03-14T18:36:03.19665Z","times_seen":14,"resource_available":true,"data":null}},"time_used":704,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":704,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-26","alert":"Phishing Block","trigger":"hypecip.xin","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.hypeaabbb.shop/api/position/detail?code=banner","fqdn":"api.hypeaabbb.shop","domain":"hypeaabbb.shop","tld":"shop"},"ip":{"addr":"118.107.15.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:54.428Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.hypeaabbb.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 09 Jan 2026 16:37:50 GMT","end":"Thu, 09 Apr 2026 16:37:49 GMT"},"fingerprint":{"sha1":"2D:38:76:26:05:44:93:47:0F:59:94:BD:75:59:8A:C0:62:84:42:CB","sha256":"E2:34:C6:C7:A9:0F:FC:3B:06:B2:31:6A:AA:0C:B8:AB:6C:99:A2:5C:73:87:EB:F7:DA:C1:51:B3:36:0B:52:94"}}},"request":{"raw":"GET /api/position/detail?code=banner HTTP/1.1\r\nHost: api.hypeaabbb.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: zh_CN\r\nAccept-Encoding: gzip, deflate, br\r\nAuthorization: Bearer\r\nClient-Device: 0\r\nTimetamp: 1769404614\r\nOrigin: https://hypecip.xin\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hypecip.xin/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:54 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 359\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: accept-language,authorization,lang,uid,token,Keep-Alive,User-Agent,Cache-Control,Content-Type\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1180,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"bf4d9891f1a82d314a3f67e5b979f862","sha1":"c0bbb60245e96fbbe9a6bfe20a3fc4c5f2ab321d","sha256":"5c360c96745f8aa7aebea23a7118f43308b8c3fd2cc6328ac2ff0e3fbd795df2","sha512":"abc533ef20c95002b48c5c7d3e8e786e11ac22e6cc9affa67ddbfaf6c1b8571e044b7d20aa0f85c15335012c2a84a1638cb2093c0114f4f1ba9dfd41ec583e88","ssdeep":"","tlshash":"9721a26a2ea4c9f6838e35d418cb351842fad0574204d3537f0ce9585ec42fb579f0d2","first_seen":"2025-11-03T12:41:42.445966Z","last_seen":"2026-03-08T12:34:05.427186Z","times_seen":10,"resource_available":false,"data":null}},"time_used":275,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":275,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/static/statbar/new/contract-d.png","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:48.804Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hypecip.xin","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Jan 2026 04:13:58 GMT","end":"Sat, 18 Apr 2026 04:13:57 GMT"},"fingerprint":{"sha1":"DE:01:79:74:41:4C:4A:43:CB:D0:3D:5D:A3:3E:78:79:98:13:EC:54","sha256":"5E:74:72:88:41:5A:42:00:B6:7A:51:AF:86:E9:45:B2:D3:54:97:0C:05:D9:51:8B:84:C1:5F:B5:FA:F9:E6:55"}}},"request":{"raw":"GET /static/statbar/new/contract-d.png HTTP/1.1\r\nHost: hypecip.xin\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hypecip.xin/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:48 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 04 Feb 2024 01:58:52 GMT\r\nvary: Accept-Encoding\r\netag: W/\"65beef5c-3c20\"\r\nexpires: Wed, 25 Feb 2026 05:16:48 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":15392,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 823 x 823, 8-bit/color RGBA, non-interlaced","md5":"8f80c649cf90911ffbab4cf72209cc11","sha1":"90a7c47dd804cf9f5bf99fcb34c7421a4b60b4a7","sha256":"ca39d8e792f165b95feb92b64d17cdd074e8c4fa68ad2591ab6df88c1b1ce2f0","sha512":"c779e9fbeed306c39833187e05f7bf5f2195be76b932c48404318bbdd097f84bc4c0c66bda232988ddcb5aeca85d8172f31c66646d93eb89b865c14ffc0c3a1d","ssdeep":"384:nME0d/Tg1fuRew674TSw/3SKpaa2CnxikhnTLI02:MBc1t4TS2uCxZhTLI02","tlshash":"19625cc0abe6841765ba970ee9a3623db1eef99b17c553f515410b02b50b30cda2073e","first_seen":"2025-02-26T18:29:17.86707Z","last_seen":"2026-04-11T09:25:14.749415Z","times_seen":108,"resource_available":false,"data":null}},"time_used":479,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":479,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-26","alert":"Phishing Block","trigger":"hypecip.xin","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/ptb.Dg2TKeap.js","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:48.926Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hypecip.xin","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Jan 2026 04:13:58 GMT","end":"Sat, 18 Apr 2026 04:13:57 GMT"},"fingerprint":{"sha1":"DE:01:79:74:41:4C:4A:43:CB:D0:3D:5D:A3:3E:78:79:98:13:EC:54","sha256":"5E:74:72:88:41:5A:42:00:B6:7A:51:AF:86:E9:45:B2:D3:54:97:0C:05:D9:51:8B:84:C1:5F:B5:FA:F9:E6:55"}}},"request":{"raw":"GET /assets/ptb.Dg2TKeap.js HTTP/1.1\r\nHost: hypecip.xin\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hypecip.xin/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:49 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 51\r\nlast-modified: Wed, 17 Sep 2025 12:49:03 GMT\r\netag: \"68caae3f-33\"\r\nexpires: Mon, 26 Jan 2026 17:16:49 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":51,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"0fd28d375442ff081b513da77b56c983","sha1":"314332f6d4308c497a2b1b7fe7824af8c8186708","sha256":"aa73d7b68402a26cf403b85d447e0f40471363a126f92be92a4d9f62257a714a","sha512":"c7e72b67aec1d0604e7b5dea752b4162dbd3ce1f8dc35929c7a37817ab731fd716d337957be98fbe9b0efa9c6033f6de0b43c2b5ad23abe3b1433bc62d6e6fc7","ssdeep":"","tlshash":"5d900211054004b501782588c727ca5494504129621742558514490aa953480561b820","first_seen":"2025-11-03T12:41:42.439607Z","last_seen":"2026-03-14T18:36:03.218198Z","times_seen":14,"resource_available":true,"data":null}},"time_used":631,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":631,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-26","alert":"Phishing Block","trigger":"hypecip.xin","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/fui-avatar.C8zWsw3k.js","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:53.108Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hypecip.xin","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Jan 2026 04:13:58 GMT","end":"Sat, 18 Apr 2026 04:13:57 GMT"},"fingerprint":{"sha1":"DE:01:79:74:41:4C:4A:43:CB:D0:3D:5D:A3:3E:78:79:98:13:EC:54","sha256":"5E:74:72:88:41:5A:42:00:B6:7A:51:AF:86:E9:45:B2:D3:54:97:0C:05:D9:51:8B:84:C1:5F:B5:FA:F9:E6:55"}}},"request":{"raw":"GET /assets/fui-avatar.C8zWsw3k.js HTTP/1.1\r\nHost: hypecip.xin\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hypecip.xin/assets/pages-newindex-newindex.CpR1XibN.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:53 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 17 Sep 2025 12:49:03 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68caae3f-a51\"\r\nexpires: Mon, 26 Jan 2026 17:16:53 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2641,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (2640)","md5":"cccd9c0ab49f06df88c2147119f9ae63","sha1":"adedfabbb8a549301994fc0df5686a26576b3abb","sha256":"ebf3dd6d8b1e429975d42b763b80261f3b16d39ef790e3e776429beacd3939ac","sha512":"f1d3113626300e0a23a35b2ac2154ab79fec0affe8319e512078341557aed835f4402a15529e333cab732a9df7855f253e9210aa11c84e45c4b0caafd726876a","ssdeep":"","tlshash":"de511095712da82ba9c90cd724200b8460242fdcfb747a7efee175f186c7964725cf28","first_seen":"2025-11-03T12:41:42.418194Z","last_seen":"2026-03-14T18:36:03.194514Z","times_seen":14,"resource_available":true,"data":null}},"time_used":243,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":243,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-26","alert":"Phishing Block","trigger":"hypecip.xin","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/alert.BOKVEe7A.js","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:53.135Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hypecip.xin","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Jan 2026 04:13:58 GMT","end":"Sat, 18 Apr 2026 04:13:57 GMT"},"fingerprint":{"sha1":"DE:01:79:74:41:4C:4A:43:CB:D0:3D:5D:A3:3E:78:79:98:13:EC:54","sha256":"5E:74:72:88:41:5A:42:00:B6:7A:51:AF:86:E9:45:B2:D3:54:97:0C:05:D9:51:8B:84:C1:5F:B5:FA:F9:E6:55"}}},"request":{"raw":"GET /assets/alert.BOKVEe7A.js HTTP/1.1\r\nHost: hypecip.xin\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hypecip.xin/assets/pages-newindex-newindex.CpR1XibN.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:53 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 17 Sep 2025 12:49:03 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68caae3f-556\"\r\nexpires: Mon, 26 Jan 2026 17:16:53 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1366,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (1337)","md5":"567a38dfa45646fef0d226c48b0497fa","sha1":"051616dfd2e2049a69261c4f552bb22212fe0eed","sha256":"4db9d6381cb0924a34085db47a17e94f696eb11dc9a47fdfc76088572aa8f2ce","sha512":"148ba5bd57437f8aef5ca365b1c0a4575497a1c46acf3f36230f86e74963c71dd7127cbbeadf6e5e4365f0275e9035cea4925a12c03089058aca3a71592ffe93","ssdeep":"","tlshash":"7121205b7a0cac232fec4dc5a1511012890c2ace92dd5eb5b9f821e96b398c5f1de739","first_seen":"2025-11-03T12:41:42.434Z","last_seen":"2026-03-14T18:36:03.206986Z","times_seen":14,"resource_available":true,"data":null}},"time_used":710,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":710,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-26","alert":"Phishing Block","trigger":"hypecip.xin","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/alert-0KFWn11L.css","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:48.857Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hypecip.xin","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Jan 2026 04:13:58 GMT","end":"Sat, 18 Apr 2026 04:13:57 GMT"},"fingerprint":{"sha1":"DE:01:79:74:41:4C:4A:43:CB:D0:3D:5D:A3:3E:78:79:98:13:EC:54","sha256":"5E:74:72:88:41:5A:42:00:B6:7A:51:AF:86:E9:45:B2:D3:54:97:0C:05:D9:51:8B:84:C1:5F:B5:FA:F9:E6:55"}}},"request":{"raw":"GET /assets/alert-0KFWn11L.css HTTP/1.1\r\nHost: hypecip.xin\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hypecip.xin/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:49 GMT\r\ncontent-type: text/css\r\ncontent-length: 653\r\nlast-modified: Wed, 17 Sep 2025 12:49:03 GMT\r\netag: \"68caae3f-28d\"\r\nexpires: Mon, 26 Jan 2026 17:16:49 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":653,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (652)","md5":"ae9989620799ddc07614a731228f51f8","sha1":"ab7dd94419d0ce3c0914e0c25d5892b73fb8314f","sha256":"c0ac28cbff5d6bf02fa173b76348bb789d3a57edfd83badd9b194980003926be","sha512":"b63c39e275ce8986082abb91a13c3bb7a556829c96442ba4a8f7a33c1b1278f36f7c5eeacb921a9a74aa4e41f87ff248782435e85111e77cb3b3d6d6a21ac277","ssdeep":"","tlshash":"2af0a2db147d4e19a2abd1f803cdec649186bd72d5521be6bfadb0500ccb5f03b265a0","first_seen":"2025-06-08T13:31:29.658988Z","last_seen":"2026-04-11T09:25:14.709798Z","times_seen":75,"resource_available":false,"data":null}},"time_used":443,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":443,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-26","alert":"Phishing Block","trigger":"hypecip.xin","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.hypeaabbb.shop/api/account/balance","fqdn":"api.hypeaabbb.shop","domain":"hypeaabbb.shop","tld":"shop"},"ip":{"addr":"118.107.15.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:54.179Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.hypeaabbb.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 09 Jan 2026 16:37:50 GMT","end":"Thu, 09 Apr 2026 16:37:49 GMT"},"fingerprint":{"sha1":"2D:38:76:26:05:44:93:47:0F:59:94:BD:75:59:8A:C0:62:84:42:CB","sha256":"E2:34:C6:C7:A9:0F:FC:3B:06:B2:31:6A:AA:0C:B8:AB:6C:99:A2:5C:73:87:EB:F7:DA:C1:51:B3:36:0B:52:94"}}},"request":{"raw":"POST /api/account/balance HTTP/1.1\r\nHost: api.hypeaabbb.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: zh_CN\r\nAccept-Encoding: gzip, deflate, br\r\nAuthorization: Bearer\r\nClient-Device: 0\r\nTimetamp: 1769404613\r\nContent-Type: application/json\r\nContent-Length: 2\r\nOrigin: https://hypecip.xin\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hypecip.xin/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":2,"data":"{}"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:54 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 84\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: accept-language,authorization,lang,uid,token,Keep-Alive,User-Agent,Cache-Control,Content-Type\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":69,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"78bc721c1c9f7761ef21b536f22f4f98","sha1":"44264b7222431749b69ddd16547551524b4d9e70","sha256":"1abb4212144b6ede4acc89d6e4d0bac60e9dce8f6c0442390cb3c6d1159e2a18","sha512":"9e719715a9bce7d1e1c8b1b02fd4872e5b845cabf3688592fa370b393d78bdf1e1e8b85fb25ec96d5010131d016f675558609ba26402d66a95835570d9471454","ssdeep":"","tlshash":"caa00227130ab8dd2202efde60d955352196464be6606c55d9ddd13caf4548220d350a","first_seen":"2025-06-08T13:31:29.647228Z","last_seen":"2026-04-11T09:25:14.770582Z","times_seen":59,"resource_available":false,"data":null}},"time_used":251,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":250,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/fui-avatar.C8zWsw3k.js","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:48.905Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hypecip.xin","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Jan 2026 04:13:58 GMT","end":"Sat, 18 Apr 2026 04:13:57 GMT"},"fingerprint":{"sha1":"DE:01:79:74:41:4C:4A:43:CB:D0:3D:5D:A3:3E:78:79:98:13:EC:54","sha256":"5E:74:72:88:41:5A:42:00:B6:7A:51:AF:86:E9:45:B2:D3:54:97:0C:05:D9:51:8B:84:C1:5F:B5:FA:F9:E6:55"}}},"request":{"raw":"GET /assets/fui-avatar.C8zWsw3k.js HTTP/1.1\r\nHost: hypecip.xin\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hypecip.xin/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:49 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 17 Sep 2025 12:49:03 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68caae3f-a51\"\r\nexpires: Mon, 26 Jan 2026 17:16:49 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2641,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (2640)","md5":"cccd9c0ab49f06df88c2147119f9ae63","sha1":"adedfabbb8a549301994fc0df5686a26576b3abb","sha256":"ebf3dd6d8b1e429975d42b763b80261f3b16d39ef790e3e776429beacd3939ac","sha512":"f1d3113626300e0a23a35b2ac2154ab79fec0affe8319e512078341557aed835f4402a15529e333cab732a9df7855f253e9210aa11c84e45c4b0caafd726876a","ssdeep":"","tlshash":"de511095712da82ba9c90cd724200b8460242fdcfb747a7efee175f186c7964725cf28","first_seen":"2025-11-03T12:41:42.418194Z","last_seen":"2026-03-14T18:36:03.194514Z","times_seen":14,"resource_available":true,"data":null}},"time_used":639,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":639,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-26","alert":"Phishing Block","trigger":"hypecip.xin","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.hypeaabbb.shop/api/common/getCountry","fqdn":"api.hypeaabbb.shop","domain":"hypeaabbb.shop","tld":"shop"},"ip":{"addr":"118.107.15.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:48.931Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.hypeaabbb.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 09 Jan 2026 16:37:50 GMT","end":"Thu, 09 Apr 2026 16:37:49 GMT"},"fingerprint":{"sha1":"2D:38:76:26:05:44:93:47:0F:59:94:BD:75:59:8A:C0:62:84:42:CB","sha256":"E2:34:C6:C7:A9:0F:FC:3B:06:B2:31:6A:AA:0C:B8:AB:6C:99:A2:5C:73:87:EB:F7:DA:C1:51:B3:36:0B:52:94"}}},"request":{"raw":"OPTIONS /api/common/getCountry HTTP/1.1\r\nHost: api.hypeaabbb.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: accept-language,authorization,client-device,timetamp\r\nReferer: https://hypecip.xin/\r\nOrigin: https://hypecip.xin\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:49 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: *\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-24T23:32:15.699972Z","times_seen":15677872,"resource_available":true,"data":null}},"time_used":1178,"timings":{"blocked":439,"dns":1,"connect":243,"send":0,"wait":245,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/index.BPzkSZRb.js","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:53.143Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hypecip.xin","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Jan 2026 04:13:58 GMT","end":"Sat, 18 Apr 2026 04:13:57 GMT"},"fingerprint":{"sha1":"DE:01:79:74:41:4C:4A:43:CB:D0:3D:5D:A3:3E:78:79:98:13:EC:54","sha256":"5E:74:72:88:41:5A:42:00:B6:7A:51:AF:86:E9:45:B2:D3:54:97:0C:05:D9:51:8B:84:C1:5F:B5:FA:F9:E6:55"}}},"request":{"raw":"GET /assets/index.BPzkSZRb.js HTTP/1.1\r\nHost: hypecip.xin\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hypecip.xin/assets/pages-newindex-newindex.CpR1XibN.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:53 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 17 Sep 2025 12:49:03 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68caae3f-681\"\r\nexpires: Mon, 26 Jan 2026 17:16:53 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1665,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1664)","md5":"09b15105e93a0cbfc6785700fea4d03a","sha1":"04bf69af69a2639650f31dc48eb5b83c842512ac","sha256":"27d789fc37395e330aa10712eb4b6335d7edf8cbf7b13b22cde2828567ca3852","sha512":"fdb44c9266198504da3e18aa010912f8c14416ba32ef1b6bbbccad7cd9fc35aa70a5dbb987b97bdc4b29eb2e85a357d8c897d57ded6469b08f90c2683179c528","ssdeep":"","tlshash":"0d3144c6b9c15174931bb4c091a44852d24c9b36fa9e95d4f0fb9e941fbc584f45cb2c","first_seen":"2025-11-03T12:41:42.430302Z","last_seen":"2026-03-14T18:36:03.203868Z","times_seen":14,"resource_available":true,"data":null}},"time_used":703,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":703,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-26","alert":"Phishing Block","trigger":"hypecip.xin","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/ptb.Dg2TKeap.js","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:53.145Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hypecip.xin","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Jan 2026 04:13:58 GMT","end":"Sat, 18 Apr 2026 04:13:57 GMT"},"fingerprint":{"sha1":"DE:01:79:74:41:4C:4A:43:CB:D0:3D:5D:A3:3E:78:79:98:13:EC:54","sha256":"5E:74:72:88:41:5A:42:00:B6:7A:51:AF:86:E9:45:B2:D3:54:97:0C:05:D9:51:8B:84:C1:5F:B5:FA:F9:E6:55"}}},"request":{"raw":"GET /assets/ptb.Dg2TKeap.js HTTP/1.1\r\nHost: hypecip.xin\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hypecip.xin/assets/pages-newindex-newindex.CpR1XibN.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:53 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 51\r\nlast-modified: Wed, 17 Sep 2025 12:49:03 GMT\r\netag: \"68caae3f-33\"\r\nexpires: Mon, 26 Jan 2026 17:16:53 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":51,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"0fd28d375442ff081b513da77b56c983","sha1":"314332f6d4308c497a2b1b7fe7824af8c8186708","sha256":"aa73d7b68402a26cf403b85d447e0f40471363a126f92be92a4d9f62257a714a","sha512":"c7e72b67aec1d0604e7b5dea752b4162dbd3ce1f8dc35929c7a37817ab731fd716d337957be98fbe9b0efa9c6033f6de0b43c2b5ad23abe3b1433bc62d6e6fc7","ssdeep":"","tlshash":"5d900211054004b501782588c727ca5494504129621742558514490aa953480561b820","first_seen":"2025-11-03T12:41:42.439607Z","last_seen":"2026-03-14T18:36:03.218198Z","times_seen":14,"resource_available":true,"data":null}},"time_used":700,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":700,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-26","alert":"Phishing Block","trigger":"hypecip.xin","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/static/statbar/new/asset-d.png","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:48.819Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hypecip.xin","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Jan 2026 04:13:58 GMT","end":"Sat, 18 Apr 2026 04:13:57 GMT"},"fingerprint":{"sha1":"DE:01:79:74:41:4C:4A:43:CB:D0:3D:5D:A3:3E:78:79:98:13:EC:54","sha256":"5E:74:72:88:41:5A:42:00:B6:7A:51:AF:86:E9:45:B2:D3:54:97:0C:05:D9:51:8B:84:C1:5F:B5:FA:F9:E6:55"}}},"request":{"raw":"GET /static/statbar/new/asset-d.png HTTP/1.1\r\nHost: hypecip.xin\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hypecip.xin/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:48 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 04 Feb 2024 01:58:52 GMT\r\nvary: Accept-Encoding\r\netag: W/\"65beef5c-4b78\"\r\nexpires: Wed, 25 Feb 2026 05:16:48 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":19320,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 823 x 823, 8-bit/color RGBA, non-interlaced","md5":"a2c1965acf454ca4d24168abedb613c6","sha1":"b8e2b6330b3d7b2287d1e29d133078cd096ca560","sha256":"cb0cdb3d3be3c15cfff62688d753026ac2eff5619c93102b774fe32f6dba669d","sha512":"11efa710a57529b598150a4dab919aeac65d4038d66312aef671d39a5809a22c38fc1a9b6ff38bb24e3d5b38f072751656b3b258b8dd0046d8000c1ac23193e0","ssdeep":"384:IjVEw1F5vwrxF3rD2Ff2WlGvEn38Jpz8OPrRgsXi8:ilw1FD2FeWlf6pTuA","tlshash":"21826cd82ff7c21b44a6e32da5ea6235b2afebd806c106f164481543b11e31dde2137e","first_seen":"2025-02-26T18:29:17.852722Z","last_seen":"2026-04-11T09:25:14.794513Z","times_seen":109,"resource_available":false,"data":null}},"time_used":476,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":476,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-26","alert":"Phishing Block","trigger":"hypecip.xin","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/uni-popup-DP4YL--h.css","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:48.852Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hypecip.xin","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Jan 2026 04:13:58 GMT","end":"Sat, 18 Apr 2026 04:13:57 GMT"},"fingerprint":{"sha1":"DE:01:79:74:41:4C:4A:43:CB:D0:3D:5D:A3:3E:78:79:98:13:EC:54","sha256":"5E:74:72:88:41:5A:42:00:B6:7A:51:AF:86:E9:45:B2:D3:54:97:0C:05:D9:51:8B:84:C1:5F:B5:FA:F9:E6:55"}}},"request":{"raw":"GET /assets/uni-popup-DP4YL--h.css HTTP/1.1\r\nHost: hypecip.xin\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hypecip.xin/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:49 GMT\r\ncontent-type: text/css\r\ncontent-length: 484\r\nlast-modified: Wed, 17 Sep 2025 12:49:03 GMT\r\netag: \"68caae3f-1e4\"\r\nexpires: Mon, 26 Jan 2026 17:16:49 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":484,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (483)","md5":"5a077e1673191c5a510712e37308aa11","sha1":"c2d967b145d3ffbda5b6bbc6d3330f6cb0812814","sha256":"bb38ff23a83deeb9b3137058bfaa8603f045f00dc9fa9b21c03b349ecad11e1a","sha512":"71bb1daa9967326763d3ca23afbde83aa8f67f8e79e74a4f65f55b30870815b7a078723e358b141c25986d92f722ed3947e7b74e382d86454486bc853ea130ae","ssdeep":"","tlshash":"aef0f4b63cb834c5c5afe3c6d1d147804124a576e507195e83a8344a19ab5d3b74d8fd","first_seen":"2024-08-19T17:10:12.78357Z","last_seen":"2026-04-28T23:11:19.508334Z","times_seen":85,"resource_available":false,"data":null}},"time_used":444,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":444,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-26","alert":"Phishing Block","trigger":"hypecip.xin","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.hypeaabbb.shop/api/account/balance","fqdn":"api.hypeaabbb.shop","domain":"hypeaabbb.shop","tld":"shop"},"ip":{"addr":"118.107.15.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:53.885Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.hypeaabbb.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 09 Jan 2026 16:37:50 GMT","end":"Thu, 09 Apr 2026 16:37:49 GMT"},"fingerprint":{"sha1":"2D:38:76:26:05:44:93:47:0F:59:94:BD:75:59:8A:C0:62:84:42:CB","sha256":"E2:34:C6:C7:A9:0F:FC:3B:06:B2:31:6A:AA:0C:B8:AB:6C:99:A2:5C:73:87:EB:F7:DA:C1:51:B3:36:0B:52:94"}}},"request":{"raw":"OPTIONS /api/account/balance HTTP/1.1\r\nHost: api.hypeaabbb.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: accept-language,authorization,client-device,content-type,timetamp\r\nReferer: https://hypecip.xin/\r\nOrigin: https://hypecip.xin\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:54 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: *\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-24T23:32:15.699972Z","times_seen":15677872,"resource_available":true,"data":null}},"time_used":245,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":245,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/uni-popup-dialog.BOFpiNni.js","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:48.917Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hypecip.xin","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Jan 2026 04:13:58 GMT","end":"Sat, 18 Apr 2026 04:13:57 GMT"},"fingerprint":{"sha1":"DE:01:79:74:41:4C:4A:43:CB:D0:3D:5D:A3:3E:78:79:98:13:EC:54","sha256":"5E:74:72:88:41:5A:42:00:B6:7A:51:AF:86:E9:45:B2:D3:54:97:0C:05:D9:51:8B:84:C1:5F:B5:FA:F9:E6:55"}}},"request":{"raw":"GET /assets/uni-popup-dialog.BOFpiNni.js HTTP/1.1\r\nHost: hypecip.xin\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hypecip.xin/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:49 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 17 Sep 2025 12:49:03 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68caae3f-d7a\"\r\nexpires: Mon, 26 Jan 2026 17:16:49 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3450,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (3401)","md5":"27cb0c1bb7cf364a794f0cd90bca7595","sha1":"aca0613bafd0121275c8d7b011e25ba620ef7578","sha256":"a8032afbadbaa514dca9291a21be1d850d1d3c274c45421f6e8bfcf4f5e870cf","sha512":"b82c26b9377e47d19d52365d808e969dfc6cbac4a03b0ff3ef47efa2b42aa48ba39ba37a4291a2058e52e6509ffb97794fca7b08ae2de1bcd711cc72e695e3f4","ssdeep":"","tlshash":"f8613fa17a6ef7378ece066042014901a1611efce9a43e7476b870da4f95cc1e2ed73d","first_seen":"2025-11-03T12:41:42.399722Z","last_seen":"2026-03-14T18:36:03.207938Z","times_seen":14,"resource_available":true,"data":null}},"time_used":635,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":635,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-26","alert":"Phishing Block","trigger":"hypecip.xin","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/use-route.BocVJu-Q.js","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:48.924Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hypecip.xin","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Jan 2026 04:13:58 GMT","end":"Sat, 18 Apr 2026 04:13:57 GMT"},"fingerprint":{"sha1":"DE:01:79:74:41:4C:4A:43:CB:D0:3D:5D:A3:3E:78:79:98:13:EC:54","sha256":"5E:74:72:88:41:5A:42:00:B6:7A:51:AF:86:E9:45:B2:D3:54:97:0C:05:D9:51:8B:84:C1:5F:B5:FA:F9:E6:55"}}},"request":{"raw":"GET /assets/use-route.BocVJu-Q.js HTTP/1.1\r\nHost: hypecip.xin\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hypecip.xin/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:49 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 290\r\nlast-modified: Wed, 17 Sep 2025 12:49:03 GMT\r\netag: \"68caae3f-122\"\r\nexpires: Mon, 26 Jan 2026 17:16:49 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":290,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text","md5":"66d268855666d5c4d147bdc7978c9750","sha1":"e59cba0f1347fa123709d05da04979a38e0200a6","sha256":"c6b5b0251a24cf03afc679de45963f40ef85f6dec01621e8aeaf4bbf7b9fac5c","sha512":"ed7c5873b1b13d65a623a654481ef930e3c7b03d2bafa185ad5581d831e212e6faa7057913d86fb05f86569338a56de31ba42ad279cb475b0a3d47e46bdda479","ssdeep":"","tlshash":"5cd0e7db3c456ef5005307ad4407057f8173164c31a3b0d0c104f46b11a609c960ff08","first_seen":"2025-11-03T12:41:42.38097Z","last_seen":"2026-03-14T18:36:03.209759Z","times_seen":14,"resource_available":true,"data":null}},"time_used":632,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":632,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-26","alert":"Phishing Block","trigger":"hypecip.xin","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.hypeaabbb.shop/api/common/config","fqdn":"api.hypeaabbb.shop","domain":"hypeaabbb.shop","tld":"shop"},"ip":{"addr":"118.107.15.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:48.877Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.hypeaabbb.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 09 Jan 2026 16:37:50 GMT","end":"Thu, 09 Apr 2026 16:37:49 GMT"},"fingerprint":{"sha1":"2D:38:76:26:05:44:93:47:0F:59:94:BD:75:59:8A:C0:62:84:42:CB","sha256":"E2:34:C6:C7:A9:0F:FC:3B:06:B2:31:6A:AA:0C:B8:AB:6C:99:A2:5C:73:87:EB:F7:DA:C1:51:B3:36:0B:52:94"}}},"request":{"raw":"OPTIONS /api/common/config HTTP/1.1\r\nHost: api.hypeaabbb.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: accept-language,authorization,client-device,content-type,timetamp\r\nReferer: https://hypecip.xin/\r\nOrigin: https://hypecip.xin\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:49 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: *\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-24T23:32:15.699972Z","times_seen":15677872,"resource_available":true,"data":null}},"time_used":1217,"timings":{"blocked":471,"dns":1,"connect":243,"send":0,"wait":249,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.hypeaabbb.shop/api/common/getServerTime","fqdn":"api.hypeaabbb.shop","domain":"hypeaabbb.shop","tld":"shop"},"ip":{"addr":"118.107.15.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:48.928Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.hypeaabbb.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 09 Jan 2026 16:37:50 GMT","end":"Thu, 09 Apr 2026 16:37:49 GMT"},"fingerprint":{"sha1":"2D:38:76:26:05:44:93:47:0F:59:94:BD:75:59:8A:C0:62:84:42:CB","sha256":"E2:34:C6:C7:A9:0F:FC:3B:06:B2:31:6A:AA:0C:B8:AB:6C:99:A2:5C:73:87:EB:F7:DA:C1:51:B3:36:0B:52:94"}}},"request":{"raw":"OPTIONS /api/common/getServerTime HTTP/1.1\r\nHost: api.hypeaabbb.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: accept-language,authorization,client-device,timetamp\r\nReferer: https://hypecip.xin/\r\nOrigin: https://hypecip.xin\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:50 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: *\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-24T23:32:15.699972Z","times_seen":15677872,"resource_available":true,"data":null}},"time_used":3235,"timings":{"blocked":1467,"dns":1,"connect":242,"send":0,"wait":244,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/fui-bottom-popup.Do86PuJn.js","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:53.140Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hypecip.xin","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Jan 2026 04:13:58 GMT","end":"Sat, 18 Apr 2026 04:13:57 GMT"},"fingerprint":{"sha1":"DE:01:79:74:41:4C:4A:43:CB:D0:3D:5D:A3:3E:78:79:98:13:EC:54","sha256":"5E:74:72:88:41:5A:42:00:B6:7A:51:AF:86:E9:45:B2:D3:54:97:0C:05:D9:51:8B:84:C1:5F:B5:FA:F9:E6:55"}}},"request":{"raw":"GET /assets/fui-bottom-popup.Do86PuJn.js HTTP/1.1\r\nHost: hypecip.xin\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hypecip.xin/assets/pages-newindex-newindex.CpR1XibN.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:53 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 17 Sep 2025 12:49:03 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68caae3f-5b9\"\r\nexpires: Mon, 26 Jan 2026 17:16:53 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1465,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1464)","md5":"9c47a3498f17854bcb9587a78b63e229","sha1":"b54a78404bf6530366f07b97865e73c57bfbe8cf","sha256":"180def387d1bc0be386e9e3e9c34cdc12941080d8c7ac0e7529bd8626eaf6c4b","sha512":"f2a90382fdbd58a9fe03b0d147cc2eb76f884c1ba6cdb8cfb24209d77f31bbaf68c4e92f9144e390c63be10fef30d33ac689f4d8ad2b3023430d704fef4be866","ssdeep":"","tlshash":"db317419b00c25733aa6d4b560281d442c287b9ce7f43fdafed932749b49ed8a15eb20","first_seen":"2025-11-03T12:41:42.37716Z","last_seen":"2026-03-14T18:36:03.206428Z","times_seen":14,"resource_available":true,"data":null}},"time_used":709,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":709,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-26","alert":"Phishing Block","trigger":"hypecip.xin","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/user.PCs5E_5v.js","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:53.142Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hypecip.xin","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Jan 2026 04:13:58 GMT","end":"Sat, 18 Apr 2026 04:13:57 GMT"},"fingerprint":{"sha1":"DE:01:79:74:41:4C:4A:43:CB:D0:3D:5D:A3:3E:78:79:98:13:EC:54","sha256":"5E:74:72:88:41:5A:42:00:B6:7A:51:AF:86:E9:45:B2:D3:54:97:0C:05:D9:51:8B:84:C1:5F:B5:FA:F9:E6:55"}}},"request":{"raw":"GET /assets/user.PCs5E_5v.js HTTP/1.1\r\nHost: hypecip.xin\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hypecip.xin/assets/pages-newindex-newindex.CpR1XibN.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:53 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 17 Sep 2025 12:49:03 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68caae3f-572\"\r\nexpires: Mon, 26 Jan 2026 17:16:53 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1394,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1393)","md5":"8ad8c1b029f90af4760c71519ea5f0ad","sha1":"14d813c618a34b2b11c15755fa3f9ef06c36bd38","sha256":"029c006ce0a5e6fd89964a35002bbaf038013a0ed79146d1d45efdd2b6efa31b","sha512":"2ed3aedd2c2082e500f24a6c6804069badbee618625384c08743c57562fc75130366591d0990f3b7337c88a86e76c86248947d366240f0f6fba44125bb9f70af","ssdeep":"","tlshash":"7021f59eb91201c789358f487c0c732a8106febdad0f3ae177a4159cc3c99d762a6027","first_seen":"2025-11-03T12:41:42.393731Z","last_seen":"2026-03-14T18:36:03.199732Z","times_seen":14,"resource_available":true,"data":null}},"time_used":706,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":706,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-26","alert":"Phishing Block","trigger":"hypecip.xin","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/index.Bfh4eeqv.js","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:53.144Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hypecip.xin","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Jan 2026 04:13:58 GMT","end":"Sat, 18 Apr 2026 04:13:57 GMT"},"fingerprint":{"sha1":"DE:01:79:74:41:4C:4A:43:CB:D0:3D:5D:A3:3E:78:79:98:13:EC:54","sha256":"5E:74:72:88:41:5A:42:00:B6:7A:51:AF:86:E9:45:B2:D3:54:97:0C:05:D9:51:8B:84:C1:5F:B5:FA:F9:E6:55"}}},"request":{"raw":"GET /assets/index.Bfh4eeqv.js HTTP/1.1\r\nHost: hypecip.xin\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hypecip.xin/assets/pages-newindex-newindex.CpR1XibN.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:53 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 513\r\nlast-modified: Wed, 17 Sep 2025 12:49:03 GMT\r\netag: \"68caae3f-201\"\r\nexpires: Mon, 26 Jan 2026 17:16:53 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":513,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (512)","md5":"1027a7cf221ca15414595f8f63fb27bf","sha1":"b14c3a37072874be58c341943ca041b761a0b86c","sha256":"6f4a05813c8e83915d9406016194da04019fdd9c8804069a447afe83e3a09205","sha512":"50f4f780f44d945b96ffc8c651780968a0ab69bcb239fad77821f8ca1ec998dd7ac3a7b45730843bccaab55efb44a226294c6ed822db9883edd62012359900a9","ssdeep":"","tlshash":"e7f09eb7bd9297347467b904ad4d0c0b5904935cb691d4d1e5cf49c0a758068fe7d628","first_seen":"2025-11-03T12:41:42.420322Z","last_seen":"2026-03-14T18:36:03.210317Z","times_seen":14,"resource_available":true,"data":null}},"time_used":702,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":702,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-26","alert":"Phishing Block","trigger":"hypecip.xin","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.hypeaabbb.shop/api/position/detail?code=index_notice","fqdn":"api.hypeaabbb.shop","domain":"hypeaabbb.shop","tld":"shop"},"ip":{"addr":"118.107.15.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:54.434Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.hypeaabbb.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 09 Jan 2026 16:37:50 GMT","end":"Thu, 09 Apr 2026 16:37:49 GMT"},"fingerprint":{"sha1":"2D:38:76:26:05:44:93:47:0F:59:94:BD:75:59:8A:C0:62:84:42:CB","sha256":"E2:34:C6:C7:A9:0F:FC:3B:06:B2:31:6A:AA:0C:B8:AB:6C:99:A2:5C:73:87:EB:F7:DA:C1:51:B3:36:0B:52:94"}}},"request":{"raw":"GET /api/position/detail?code=index_notice HTTP/1.1\r\nHost: api.hypeaabbb.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: zh_CN\r\nAccept-Encoding: gzip, deflate, br\r\nAuthorization: Bearer\r\nClient-Device: 0\r\nTimetamp: 1769404614\r\nOrigin: https://hypecip.xin\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hypecip.xin/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:54 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 275\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: accept-language,authorization,lang,uid,token,Keep-Alive,User-Agent,Cache-Control,Content-Type\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":374,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"3768d55cd9794e7e11525353f4d5da75","sha1":"f4dac2ff1c2410bcae3fbe2534a4fff6c97adf6e","sha256":"420ad7aabc77404361897e2557a70499eb29499b1ce9e0cff9254a69503b62a6","sha512":"88884273af82bc354fc85883c6ef8eb512583a2cbc334267a6ea71feb1abf2d4b68ca00e4eac577487d6b07e3466dfb4b0c6fbc1472f41b155c65ac2c8701ad4","ssdeep":"","tlshash":"4ae068322864a4b18a83629055de2d0c40e9a003caa4f153fe08ddfacec07e37b871c3","first_seen":"2025-11-03T12:41:42.447492Z","last_seen":"2026-03-08T12:34:05.474682Z","times_seen":10,"resource_available":false,"data":null}},"time_used":290,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":290,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/fui-tabs.BiKlbrzG.js","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:48.912Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hypecip.xin","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Jan 2026 04:13:58 GMT","end":"Sat, 18 Apr 2026 04:13:57 GMT"},"fingerprint":{"sha1":"DE:01:79:74:41:4C:4A:43:CB:D0:3D:5D:A3:3E:78:79:98:13:EC:54","sha256":"5E:74:72:88:41:5A:42:00:B6:7A:51:AF:86:E9:45:B2:D3:54:97:0C:05:D9:51:8B:84:C1:5F:B5:FA:F9:E6:55"}}},"request":{"raw":"GET /assets/fui-tabs.BiKlbrzG.js HTTP/1.1\r\nHost: hypecip.xin\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hypecip.xin/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:49 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 17 Sep 2025 12:49:03 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68caae3f-12e6\"\r\nexpires: Mon, 26 Jan 2026 17:16:49 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4838,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (4837)","md5":"7372dc7858fe87bec36f77ef8550238d","sha1":"dc2ee9b05dfbc79b569c52fd4b6981449eb8c259","sha256":"5131d999bc091840fb86da02f6d250e84aa9998b085280083b8c42b82c5fbcb9","sha512":"98d7924ba7e8321a07fbde65af6a0a1cc754c7cbee31c87fd84e19e4186bc043f0facc048bc2cb7b5208ea303fe84b5427bf9c211897ea49472348eafb827358","ssdeep":"48:dFL955ZggHqFbLJZAcHYaeXqH5QvbzEYpYbJQP7d4jfKwhOwFiOpTEecR71WPD6s:l55LHqFbLJZ94XWkY67dfEOfoo6X2V4x","tlshash":"bda17426378da0336ec7648a60205b95d5658b9cec247fedf3f1143cc706a1950ecb69","first_seen":"2025-11-03T12:41:42.410417Z","last_seen":"2026-03-14T18:36:03.196099Z","times_seen":14,"resource_available":true,"data":null}},"time_used":638,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":638,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-26","alert":"Phishing Block","trigger":"hypecip.xin","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/fui-backdrop.F03BBGK3.js","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:48.919Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hypecip.xin","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Jan 2026 04:13:58 GMT","end":"Sat, 18 Apr 2026 04:13:57 GMT"},"fingerprint":{"sha1":"DE:01:79:74:41:4C:4A:43:CB:D0:3D:5D:A3:3E:78:79:98:13:EC:54","sha256":"5E:74:72:88:41:5A:42:00:B6:7A:51:AF:86:E9:45:B2:D3:54:97:0C:05:D9:51:8B:84:C1:5F:B5:FA:F9:E6:55"}}},"request":{"raw":"GET /assets/fui-backdrop.F03BBGK3.js HTTP/1.1\r\nHost: hypecip.xin\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hypecip.xin/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:49 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 901\r\nlast-modified: Wed, 17 Sep 2025 12:49:03 GMT\r\netag: \"68caae3f-385\"\r\nexpires: Mon, 26 Jan 2026 17:16:49 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":901,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (900)","md5":"04ea6e2b271475ab19b88d30345820ce","sha1":"45aaae1326fd2505dc720e44af8b9c15c89b78df","sha256":"fa0ec06243142c73b97d6be2ed5d7ac5999429416243d45ac5d8e090fe32fe66","sha512":"e326ea782645e08ad2afa9849c9af1371b4321bde843b06ba56eb0acd9061c8a8e80b03daa637130695ef07dd4262d49a1f1055588af482dab5fb8cf84f5ffe9","ssdeep":"","tlshash":"ab11e30e744ee4323aabe574e0240a50441c56ade66a3add45ea71f90b4fcac939eb04","first_seen":"2025-11-03T12:41:42.437765Z","last_seen":"2026-03-14T18:36:03.208894Z","times_seen":14,"resource_available":true,"data":null}},"time_used":634,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":634,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-26","alert":"Phishing Block","trigger":"hypecip.xin","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/HarmonyOS_Sans_Regular-BHHgWLDZ.ttf","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:49.325Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hypecip.xin","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Jan 2026 04:13:58 GMT","end":"Sat, 18 Apr 2026 04:13:57 GMT"},"fingerprint":{"sha1":"DE:01:79:74:41:4C:4A:43:CB:D0:3D:5D:A3:3E:78:79:98:13:EC:54","sha256":"5E:74:72:88:41:5A:42:00:B6:7A:51:AF:86:E9:45:B2:D3:54:97:0C:05:D9:51:8B:84:C1:5F:B5:FA:F9:E6:55"}}},"request":{"raw":"GET /assets/HarmonyOS_Sans_Regular-BHHgWLDZ.ttf HTTP/1.1\r\nHost: hypecip.xin\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hypecip.xin/assets/fui-tabs-D_VIZz2j.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:49 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 146616\r\nlast-modified: Wed, 17 Sep 2025 12:49:03 GMT\r\netag: \"68caae3f-23cb8\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":146616,"size_decoded":0,"mime_type":"application/octet-stream","magic":"TrueType Font data, digitally signed, 14 tables, 1st \"DSIG\", 21 names, Macintosh, Copyright 2021 Huawei Device Co., Ltd. All Rights Reserved.HarmonyOS SansRegularHarmonyOS Sans V","md5":"48d656ed53e13d664de5cfdc7d3c438a","sha1":"8bea06ce4d7b4196f5e5f60b5580bdb1519ff560","sha256":"4f00c7e80329238d0b6fc58e5c829c4086432ba9fa1a8c5ca3da9a0442ce0452","sha512":"4d3189ddd412c1018a1c102c7067b5983ed2ea46d26a0e7f5f8a0829b77557c35a6cdd41c3573c3fd0592e240f1dbf51133a73ad246f0f44dfbe37f5b1c1feff","ssdeep":"3072:2waXVb3/LizgXbAsJzu82vIm3r6yoj8Gf9g4I3ZgDl6iquMX3js2O0:GVb/Liz2Jzu8IIm3rE9g4I3ZgDlnJO3T","tlshash":"7ce34a07f3a3db5fea16adb9a632e22283cef434793e874ef5041567d49b8e1c884541","first_seen":"2023-04-07T05:22:56Z","last_seen":"2026-05-24T17:42:48.987398Z","times_seen":598,"resource_available":false,"data":null}},"time_used":2829,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":684,"receive":2145,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-26","alert":"Phishing Block","trigger":"hypecip.xin","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/fui-icon.CosUZAIt.js","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:53.119Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hypecip.xin","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Jan 2026 04:13:58 GMT","end":"Sat, 18 Apr 2026 04:13:57 GMT"},"fingerprint":{"sha1":"DE:01:79:74:41:4C:4A:43:CB:D0:3D:5D:A3:3E:78:79:98:13:EC:54","sha256":"5E:74:72:88:41:5A:42:00:B6:7A:51:AF:86:E9:45:B2:D3:54:97:0C:05:D9:51:8B:84:C1:5F:B5:FA:F9:E6:55"}}},"request":{"raw":"GET /assets/fui-icon.CosUZAIt.js HTTP/1.1\r\nHost: hypecip.xin\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hypecip.xin/assets/pages-newindex-newindex.CpR1XibN.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:53 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 17 Sep 2025 12:49:03 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68caae3f-f84\"\r\nexpires: Mon, 26 Jan 2026 17:16:53 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3972,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (3645)","md5":"c762414f4f7d835d5565515f868d9cbf","sha1":"8509cbed8639c667a511d73cb08b508a3cff4874","sha256":"0ffc55afbee12bbb59fbecf7265dfec06c36b66d17b3586b99694acbe72aafa2","sha512":"433ce558c78eaa533680f34a3aac23c39dfa96d1e5016863d6b1ba233d096be88eca0d716d14da2a2faf7ef51bcdb2e0dc0359f6d05867e8144cff32fb1c40a1","ssdeep":"","tlshash":"0c81638e64f9ac2b6e8e7eca544c1203d0d19f58e9e0fc52ac9d09e5e57e950720df2c","first_seen":"2025-11-03T12:41:42.450395Z","last_seen":"2026-03-14T18:36:03.193486Z","times_seen":14,"resource_available":true,"data":null}},"time_used":477,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":477,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-26","alert":"Phishing Block","trigger":"hypecip.xin","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/_plugin-vue_export-helper.BCo6x5W8.js","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:48.906Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hypecip.xin","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Jan 2026 04:13:58 GMT","end":"Sat, 18 Apr 2026 04:13:57 GMT"},"fingerprint":{"sha1":"DE:01:79:74:41:4C:4A:43:CB:D0:3D:5D:A3:3E:78:79:98:13:EC:54","sha256":"5E:74:72:88:41:5A:42:00:B6:7A:51:AF:86:E9:45:B2:D3:54:97:0C:05:D9:51:8B:84:C1:5F:B5:FA:F9:E6:55"}}},"request":{"raw":"GET /assets/_plugin-vue_export-helper.BCo6x5W8.js HTTP/1.1\r\nHost: hypecip.xin\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hypecip.xin/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:49 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 91\r\nlast-modified: Wed, 17 Sep 2025 12:49:03 GMT\r\netag: \"68caae3f-5b\"\r\nexpires: Mon, 26 Jan 2026 17:16:49 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":91,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"41bf66d156aac38dbf7a45b53cb4db18","sha1":"4aa693a2afcc34b6a577e1bfc4be3ef5a458dce0","sha256":"a7dbb0eaed9de79041d555c4563be4bb0514099b8d169a2b548ab2d07102cb55","sha512":"64e1a5c2939052c93692338bf78b66723ae6673121d2915a9fb0848449e4b2657c1a31c8940bc7c9ec77554fd4c04ffae1b787297f0fba23983a987e85caee15","ssdeep":"","tlshash":"40b012e500824138432175c796f444649e08005c394756d144480d52c143080541bc3c","first_seen":"2023-03-26T04:51:44Z","last_seen":"2026-05-24T16:26:51.131525Z","times_seen":1503,"resource_available":true,"data":null}},"time_used":639,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":639,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-26","alert":"Phishing Block","trigger":"hypecip.xin","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/fui-nav-bar.B-WXcPYV.js","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:48.909Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hypecip.xin","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Jan 2026 04:13:58 GMT","end":"Sat, 18 Apr 2026 04:13:57 GMT"},"fingerprint":{"sha1":"DE:01:79:74:41:4C:4A:43:CB:D0:3D:5D:A3:3E:78:79:98:13:EC:54","sha256":"5E:74:72:88:41:5A:42:00:B6:7A:51:AF:86:E9:45:B2:D3:54:97:0C:05:D9:51:8B:84:C1:5F:B5:FA:F9:E6:55"}}},"request":{"raw":"GET /assets/fui-nav-bar.B-WXcPYV.js HTTP/1.1\r\nHost: hypecip.xin\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hypecip.xin/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:49 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 17 Sep 2025 12:49:03 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68caae3f-a0e\"\r\nexpires: Mon, 26 Jan 2026 17:16:49 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2574,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (2573)","md5":"f7412b98c1f1c3a7b76e6a60422f3eb9","sha1":"e0484a115fd6cc2657381061f6f889256cddba6d","sha256":"0c8ad0a2a1ddb2ac70c2cb447429591cb87e3980474c46bb86565466617c65b5","sha512":"2dc35947221a13bb3bb54067f75cce0dc41cfe7ff97d138e2ed1f8535d7b694142deb75115c68291f6bea9b052c3f19f10ba35a1cbe7619ce9bd8490bca14cef","ssdeep":"","tlshash":"d9515211351c90322e49080ea0a15370a164aeadce317969fef5687543dfc5eb3ecf18","first_seen":"2025-11-03T12:41:42.432158Z","last_seen":"2026-03-14T18:36:03.197185Z","times_seen":14,"resource_available":true,"data":null}},"time_used":638,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":638,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-26","alert":"Phishing Block","trigger":"hypecip.xin","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/check-s.DGG9M_rm.js","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:53.146Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hypecip.xin","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Jan 2026 04:13:58 GMT","end":"Sat, 18 Apr 2026 04:13:57 GMT"},"fingerprint":{"sha1":"DE:01:79:74:41:4C:4A:43:CB:D0:3D:5D:A3:3E:78:79:98:13:EC:54","sha256":"5E:74:72:88:41:5A:42:00:B6:7A:51:AF:86:E9:45:B2:D3:54:97:0C:05:D9:51:8B:84:C1:5F:B5:FA:F9:E6:55"}}},"request":{"raw":"GET /assets/check-s.DGG9M_rm.js HTTP/1.1\r\nHost: hypecip.xin\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hypecip.xin/assets/pages-newindex-newindex.CpR1XibN.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:53 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 989\r\nlast-modified: Wed, 17 Sep 2025 12:49:03 GMT\r\netag: \"68caae3f-3dd\"\r\nexpires: Mon, 26 Jan 2026 17:16:53 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":989,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (988)","md5":"8a01cc60f09fa18d9813cae76738128b","sha1":"cdd58e3a03a998c25e74d1380147e6b52a14615d","sha256":"f86903ddef4b497befd3d2e250b6efe3f048e4529a86bb61a0c5560bd50f539d","sha512":"e6544c6053602d335f45ded8f55d0e1252cd9cdd7843656259a2b9bf7969eaa2987314b688a27502ff704a96f0f9697e299ad115ac73aea28f38f355863c359a","ssdeep":"","tlshash":"ba1194f4abaa8d72ca9c0f99363ed00c5c3108de45ade5203769e0a20335d306b9e814","first_seen":"2025-03-06T21:41:52.860647Z","last_seen":"2026-05-11T10:57:08.411528Z","times_seen":77,"resource_available":true,"data":null}},"time_used":698,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":698,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-26","alert":"Phishing Block","trigger":"hypecip.xin","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.dcloud.net.cn/img/shadow-grey.png","fqdn":"cdn.dcloud.net.cn","domain":"dcloud.net.cn","tld":"net.cn"},"ip":{"addr":"111.231.169.247","port":443,"asn":45090,"as":"Shenzhen Tencent Computer Systems Company Limited","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:50.917Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.dcloud.net.cn","organization":""},"issuer":{"commonName":"Certum Domain Validation CA SHA2","organization":"Unizeto Technologies S.A."},"validity":{"start":"Tue, 26 Aug 2025 11:47:17 GMT","end":"Fri, 25 Sep 2026 11:47:16 GMT"},"fingerprint":{"sha1":"47:A7:6C:09:6B:1D:CA:2D:7D:39:2E:C1:7F:15:DE:5D:F2:C4:0F:77","sha256":"EA:73:37:83:D0:38:44:D9:3C:0B:26:F0:DD:D1:22:2F:36:F7:F2:86:A1:B0:58:52:DE:4E:0A:21:D6:89:E7:3E"}}},"request":{"raw":"GET /img/shadow-grey.png HTTP/1.1\r\nHost: cdn.dcloud.net.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hypecip.xin/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:51 GMT\r\ncontent-type: image/png\r\ncontent-length: 136\r\nlast-modified: Thu, 06 Jun 2019 06:42:07 GMT\r\netag: \"5cf8b5bf-88\"\r\nexpires: Mon, 26 Jan 2026 15:16:51 GMT\r\ncache-control: max-age=36000\r\nset-cookie: __uni__uid=rBEQUml2+MNi6b1hAzoGAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dcloud.net.cn; path=/; secure; httponly; samesite=none\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":136,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1 x 6, 4-bit colormap, non-interlaced","md5":"5a962adf74d92ae702467b3f47976547","sha1":"36f74049375584e3fa69b5ef87e9572336ff9e7a","sha256":"ad4ebea1c3496dd2924789ee009174a2c6289d1200e9811f458fd46f172d1d6f","sha512":"4ace23fe7ec6c7271710030fd423aace13eafac68ac3e76366ce4ce9bdc702caf71c9bdc2fb6a32c8e9791546098617cc0259decd8bb8489afdbce43e1b53a73","ssdeep":"","tlshash":"47c09bf3a615dc754a0d153b42e98271f429511e07046d0e5a13c216741e3448d56793","first_seen":"2023-04-15T10:50:30Z","last_seen":"2026-05-24T23:31:20.566474Z","times_seen":15865,"resource_available":false,"data":null}},"time_used":1697,"timings":{"blocked":699,"dns":1,"connect":299,"send":0,"wait":299,"receive":0,"ssl":395},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/use-route.BocVJu-Q.js","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:53.149Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hypecip.xin","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Jan 2026 04:13:58 GMT","end":"Sat, 18 Apr 2026 04:13:57 GMT"},"fingerprint":{"sha1":"DE:01:79:74:41:4C:4A:43:CB:D0:3D:5D:A3:3E:78:79:98:13:EC:54","sha256":"5E:74:72:88:41:5A:42:00:B6:7A:51:AF:86:E9:45:B2:D3:54:97:0C:05:D9:51:8B:84:C1:5F:B5:FA:F9:E6:55"}}},"request":{"raw":"GET /assets/use-route.BocVJu-Q.js HTTP/1.1\r\nHost: hypecip.xin\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hypecip.xin/assets/pages-newindex-newindex.CpR1XibN.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:53 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 290\r\nlast-modified: Wed, 17 Sep 2025 12:49:03 GMT\r\netag: \"68caae3f-122\"\r\nexpires: Mon, 26 Jan 2026 17:16:53 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":290,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text","md5":"66d268855666d5c4d147bdc7978c9750","sha1":"e59cba0f1347fa123709d05da04979a38e0200a6","sha256":"c6b5b0251a24cf03afc679de45963f40ef85f6dec01621e8aeaf4bbf7b9fac5c","sha512":"ed7c5873b1b13d65a623a654481ef930e3c7b03d2bafa185ad5581d831e212e6faa7057913d86fb05f86569338a56de31ba42ad279cb475b0a3d47e46bdda479","ssdeep":"","tlshash":"5cd0e7db3c456ef5005307ad4407057f8173164c31a3b0d0c104f46b11a609c960ff08","first_seen":"2025-11-03T12:41:42.38097Z","last_seen":"2026-03-14T18:36:03.209759Z","times_seen":14,"resource_available":true,"data":null}},"time_used":693,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":693,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-26","alert":"Phishing Block","trigger":"hypecip.xin","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/index-No8yArsk.js","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:46.391Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hypecip.xin","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Jan 2026 04:13:58 GMT","end":"Sat, 18 Apr 2026 04:13:57 GMT"},"fingerprint":{"sha1":"DE:01:79:74:41:4C:4A:43:CB:D0:3D:5D:A3:3E:78:79:98:13:EC:54","sha256":"5E:74:72:88:41:5A:42:00:B6:7A:51:AF:86:E9:45:B2:D3:54:97:0C:05:D9:51:8B:84:C1:5F:B5:FA:F9:E6:55"}}},"request":{"raw":"GET /assets/index-No8yArsk.js HTTP/1.1\r\nHost: hypecip.xin\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hypecip.xin/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:46 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 17 Sep 2025 12:49:03 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68caae3f-1e537f\"\r\nexpires: Mon, 26 Jan 2026 17:16:46 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1987455,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (22530)","md5":"048380c21ef1cfa3706c8a4ab3278dce","sha1":"82fcfcb256162914b699176f97f5c1a64f779a3b","sha256":"057867304f6b0945607880e543adc49b34e1f66066a35fb63d96201b4f0a0cdf","sha512":"5d47ffe9ad0f267dff58914094ee39e7fbe893f537a0d2b7f1ba148642d44ef8e9ed6571af34918c14409b82603c9f55497027a9deab51c61412e464a63cc932","ssdeep":"24576:SkbO/N7tkdbTqYLs46qG5+2OKqqCRkOANx7jTWYC70qPBZuMDxz1Alop4OKS4OKR:SkbO/N7tkdbTqO6qG5+2OlqCGOANx7jl","tlshash":"88455c86b64fa73397f642f4a05b464470bc5683f21a805caeecdcac35ec904a1d7f5a","first_seen":"2026-01-26T05:17:12.675021Z","last_seen":"2026-01-26T05:17:12.675021Z","times_seen":1,"resource_available":false,"data":null}},"time_used":486,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":486,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-26","alert":"Phishing Block","trigger":"hypecip.xin","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/uni-popup-dialog-1Os_aRzI.css","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:48.855Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hypecip.xin","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Jan 2026 04:13:58 GMT","end":"Sat, 18 Apr 2026 04:13:57 GMT"},"fingerprint":{"sha1":"DE:01:79:74:41:4C:4A:43:CB:D0:3D:5D:A3:3E:78:79:98:13:EC:54","sha256":"5E:74:72:88:41:5A:42:00:B6:7A:51:AF:86:E9:45:B2:D3:54:97:0C:05:D9:51:8B:84:C1:5F:B5:FA:F9:E6:55"}}},"request":{"raw":"GET /assets/uni-popup-dialog-1Os_aRzI.css HTTP/1.1\r\nHost: hypecip.xin\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hypecip.xin/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:49 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 17 Sep 2025 12:49:03 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68caae3f-507\"\r\nexpires: Mon, 26 Jan 2026 17:16:49 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1287,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1286)","md5":"bf7148d24ecf17c233bd1cf9f5d8d25c","sha1":"db9ebe29a6820d792e7cee548fec2df728cbb2a2","sha256":"1f1c5505658adb82ce9800e3d55fb3df103059b799c78bc10b0e1db7959e44f2","sha512":"1557548182bd2f975cf6528eec0ee1ecd725c80b5183d7a4138feed87d21734c5f340d0d7e36d75e72cbb80dd4667bbd98101fa6354cc7e321bfff72dcf3d038","ssdeep":"","tlshash":"5e215c36710d351518afc85a7844eac7d384a37e91668358a92dbd340cce7d23f1228c","first_seen":"2025-06-08T13:31:29.661624Z","last_seen":"2026-04-11T09:25:14.717416Z","times_seen":75,"resource_available":false,"data":null}},"time_used":442,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":442,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-26","alert":"Phishing Block","trigger":"hypecip.xin","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/pages-newindex-newindex.CpR1XibN.js","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:49.333Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hypecip.xin","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Jan 2026 04:13:58 GMT","end":"Sat, 18 Apr 2026 04:13:57 GMT"},"fingerprint":{"sha1":"DE:01:79:74:41:4C:4A:43:CB:D0:3D:5D:A3:3E:78:79:98:13:EC:54","sha256":"5E:74:72:88:41:5A:42:00:B6:7A:51:AF:86:E9:45:B2:D3:54:97:0C:05:D9:51:8B:84:C1:5F:B5:FA:F9:E6:55"}}},"request":{"raw":"GET /assets/pages-newindex-newindex.CpR1XibN.js HTTP/1.1\r\nHost: hypecip.xin\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hypecip.xin/assets/index-No8yArsk.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:49 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 17 Sep 2025 12:49:03 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68caae3f-91b2\"\r\nexpires: Mon, 26 Jan 2026 17:16:49 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":37298,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (37131)","md5":"3e8297fc779f46d5e85c590ddd47f384","sha1":"f1e3db78f6f0bc97be601970d9d17e6e976f5a3c","sha256":"d5ca016f39833b8d0b6aa4c00bb9dc25552a517e875b5187e2060e41eec891c3","sha512":"0106f31f1deade8e7ab14e78366e42645d20d54212cf6cfcc501d553c83cb50856c4ae9e35fba8db9ec5d695cdc0479b5d40da67f9b9509baae287a272c876ff","ssdeep":"768:tl3A/lD8UyMrhNgV/fPFnksM5Mhzn0WrGI9eXQbTBTMDKY:f3CeMFNafdnksM5Mhzn0uGI9eXQ/NMD3","tlshash":"e0f25202ba1cf6649da3125cf0998001b07aaccec1043a5fb5f42c6f52d7ca959edb7e","first_seen":"2025-11-03T12:41:42.426747Z","last_seen":"2026-03-14T18:36:03.192914Z","times_seen":14,"resource_available":true,"data":null}},"time_used":3748,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":3748,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-26","alert":"Phishing Block","trigger":"hypecip.xin","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/currency.DdraAnJM.js","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:53.141Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hypecip.xin","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Jan 2026 04:13:58 GMT","end":"Sat, 18 Apr 2026 04:13:57 GMT"},"fingerprint":{"sha1":"DE:01:79:74:41:4C:4A:43:CB:D0:3D:5D:A3:3E:78:79:98:13:EC:54","sha256":"5E:74:72:88:41:5A:42:00:B6:7A:51:AF:86:E9:45:B2:D3:54:97:0C:05:D9:51:8B:84:C1:5F:B5:FA:F9:E6:55"}}},"request":{"raw":"GET /assets/currency.DdraAnJM.js HTTP/1.1\r\nHost: hypecip.xin\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hypecip.xin/assets/pages-newindex-newindex.CpR1XibN.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:53 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 552\r\nlast-modified: Wed, 17 Sep 2025 12:49:03 GMT\r\netag: \"68caae3f-228\"\r\nexpires: Mon, 26 Jan 2026 17:16:53 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":552,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (551)","md5":"d791828b3bf11634b64e43ab258c295f","sha1":"3a40f67ff4a00458c8f037cfe6572f65bbe450a1","sha256":"c92b18a0d949a43ad14b27fe71bbd670619a06ccdb32cc96b7c092eea94fc72f","sha512":"1aad95966d16a1615cb27f67cce14404574a3628f592c724a18ec6d213c12a1a19b12892614cca520915131172d6eb13246e9c1bb9db3d245460892626925842","ssdeep":"","tlshash":"c0f090db94a2d4e2c1755b48751962140027bbb5341f9ae03b8d22c6b3dc087d032d7b","first_seen":"2025-11-03T12:41:42.45256Z","last_seen":"2026-03-14T18:36:03.191934Z","times_seen":14,"resource_available":true,"data":null}},"time_used":706,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":706,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-26","alert":"Phishing Block","trigger":"hypecip.xin","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/newindex-C43rAjt1.css","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:48.863Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hypecip.xin","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Jan 2026 04:13:58 GMT","end":"Sat, 18 Apr 2026 04:13:57 GMT"},"fingerprint":{"sha1":"DE:01:79:74:41:4C:4A:43:CB:D0:3D:5D:A3:3E:78:79:98:13:EC:54","sha256":"5E:74:72:88:41:5A:42:00:B6:7A:51:AF:86:E9:45:B2:D3:54:97:0C:05:D9:51:8B:84:C1:5F:B5:FA:F9:E6:55"}}},"request":{"raw":"GET /assets/newindex-C43rAjt1.css HTTP/1.1\r\nHost: hypecip.xin\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hypecip.xin/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:49 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 17 Sep 2025 12:49:03 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68caae3f-6390\"\r\nexpires: Mon, 26 Jan 2026 17:16:49 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":25488,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (25487)","md5":"e032f9ec50cfa9aa026a43849b864e7e","sha1":"ba13063e407a86f2603fcb0b757767c4b94cfe4f","sha256":"7ef3a9d5f7766abfc2222486fe7c956baf868fed64150f91f622fb27fd8642a0","sha512":"0f3bddd8af61330cdd092cc574eef0a8b8748c5094b4a89cdb5f8a617583ffeb313c911aa374a7308895a67bcf525819c3579b09e1e90ddffa544613a2b49a8c","ssdeep":"384:nxntRKF0jR+GuZktIP7dQatORlMqUlqdOMIWoTD:no0jR+GXVIWoH","tlshash":"c4b2662d3174b618427bcf46bb682e8e2950bf5ddf86058ca5233f16498b5633871f8a","first_seen":"2025-11-03T12:41:42.472102Z","last_seen":"2026-03-14T18:36:03.202217Z","times_seen":14,"resource_available":false,"data":null}},"time_used":441,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":441,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-26","alert":"Phishing Block","trigger":"hypecip.xin","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/currency.DdraAnJM.js","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:48.921Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hypecip.xin","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Jan 2026 04:13:58 GMT","end":"Sat, 18 Apr 2026 04:13:57 GMT"},"fingerprint":{"sha1":"DE:01:79:74:41:4C:4A:43:CB:D0:3D:5D:A3:3E:78:79:98:13:EC:54","sha256":"5E:74:72:88:41:5A:42:00:B6:7A:51:AF:86:E9:45:B2:D3:54:97:0C:05:D9:51:8B:84:C1:5F:B5:FA:F9:E6:55"}}},"request":{"raw":"GET /assets/currency.DdraAnJM.js HTTP/1.1\r\nHost: hypecip.xin\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hypecip.xin/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:49 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 552\r\nlast-modified: Wed, 17 Sep 2025 12:49:03 GMT\r\netag: \"68caae3f-228\"\r\nexpires: Mon, 26 Jan 2026 17:16:49 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":552,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (551)","md5":"d791828b3bf11634b64e43ab258c295f","sha1":"3a40f67ff4a00458c8f037cfe6572f65bbe450a1","sha256":"c92b18a0d949a43ad14b27fe71bbd670619a06ccdb32cc96b7c092eea94fc72f","sha512":"1aad95966d16a1615cb27f67cce14404574a3628f592c724a18ec6d213c12a1a19b12892614cca520915131172d6eb13246e9c1bb9db3d245460892626925842","ssdeep":"","tlshash":"c0f090db94a2d4e2c1755b48751962140027bbb5341f9ae03b8d22c6b3dc087d032d7b","first_seen":"2025-11-03T12:41:42.45256Z","last_seen":"2026-03-14T18:36:03.191934Z","times_seen":14,"resource_available":true,"data":null}},"time_used":633,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":633,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-26","alert":"Phishing Block","trigger":"hypecip.xin","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.hypeaabbb.shop/api/common/getServerTime","fqdn":"api.hypeaabbb.shop","domain":"hypeaabbb.shop","tld":"shop"},"ip":{"addr":"118.107.15.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:50.642Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.hypeaabbb.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 09 Jan 2026 16:37:50 GMT","end":"Thu, 09 Apr 2026 16:37:49 GMT"},"fingerprint":{"sha1":"2D:38:76:26:05:44:93:47:0F:59:94:BD:75:59:8A:C0:62:84:42:CB","sha256":"E2:34:C6:C7:A9:0F:FC:3B:06:B2:31:6A:AA:0C:B8:AB:6C:99:A2:5C:73:87:EB:F7:DA:C1:51:B3:36:0B:52:94"}}},"request":{"raw":"GET /api/common/getServerTime HTTP/1.1\r\nHost: api.hypeaabbb.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: zh_CN\r\nAccept-Encoding: gzip, deflate, br\r\nAuthorization: Bearer\r\nClient-Device: 0\r\nTimetamp: 1769404608\r\nOrigin: https://hypecip.xin\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hypecip.xin/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:50 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 102\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: accept-language,authorization,lang,uid,token,Keep-Alive,User-Agent,Cache-Control,Content-Type\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":86,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"94121fc5e11b940357e447bc4f1971de","sha1":"f1c2ceb8519b73a7cccb223a5eea02ef1aa5568b","sha256":"e0a8fdd4e40f298799043cf6b63a12d2978243b34de0633e91bf24310cce1e18","sha512":"c7180ef6080fd579b2866bb2ba8a7660198c80a7b8f1df6011ba82353d2a00fdb1a23594e050920b1f85c35edf39c990e6295dee0c8a5f64c6c6a42bbbe706fc","ssdeep":"","tlshash":"71a012411e00596ae942a15130556500157860e189d1c409844c1298c5442272002b27","first_seen":"2025-06-08T13:31:29.652713Z","last_seen":"2026-04-11T09:25:14.708917Z","times_seen":80,"resource_available":false,"data":null}},"time_used":249,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":249,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/fui-button-I_hS5M3J.css","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:48.846Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hypecip.xin","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Jan 2026 04:13:58 GMT","end":"Sat, 18 Apr 2026 04:13:57 GMT"},"fingerprint":{"sha1":"DE:01:79:74:41:4C:4A:43:CB:D0:3D:5D:A3:3E:78:79:98:13:EC:54","sha256":"5E:74:72:88:41:5A:42:00:B6:7A:51:AF:86:E9:45:B2:D3:54:97:0C:05:D9:51:8B:84:C1:5F:B5:FA:F9:E6:55"}}},"request":{"raw":"GET /assets/fui-button-I_hS5M3J.css HTTP/1.1\r\nHost: hypecip.xin\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hypecip.xin/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:48 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 17 Sep 2025 12:49:03 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68caae3f-ac3\"\r\nexpires: Mon, 26 Jan 2026 17:16:48 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2755,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2754)","md5":"4a9af0ba2fe2eec96b1ad76d9bec3fb3","sha1":"e43bbf2fd22525a620391d33b93b9df141eaf86f","sha256":"cc6e1dc77dec9ef566f4fd5d066854f6ce3b081e999e49b1e9d046c1d96e4eb7","sha512":"ac657d341d188fe95afb66ec5103a421f8d92c18be72738ffc57f713195321a6dd3582745d542573e7a76995f64344cc7861fae6d53d0682b8aca72b3b4b965e","ssdeep":"","tlshash":"0151ddb9b5c4713dbe1be2b825d5efbc4638e6c18b020b6cb121f1918dd79d22346289","first_seen":"2025-06-08T13:31:29.658184Z","last_seen":"2026-04-11T09:25:14.796037Z","times_seen":75,"resource_available":false,"data":null}},"time_used":449,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":449,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-26","alert":"Phishing Block","trigger":"hypecip.xin","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/alert.BOKVEe7A.js","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:48.916Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hypecip.xin","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Jan 2026 04:13:58 GMT","end":"Sat, 18 Apr 2026 04:13:57 GMT"},"fingerprint":{"sha1":"DE:01:79:74:41:4C:4A:43:CB:D0:3D:5D:A3:3E:78:79:98:13:EC:54","sha256":"5E:74:72:88:41:5A:42:00:B6:7A:51:AF:86:E9:45:B2:D3:54:97:0C:05:D9:51:8B:84:C1:5F:B5:FA:F9:E6:55"}}},"request":{"raw":"GET /assets/alert.BOKVEe7A.js HTTP/1.1\r\nHost: hypecip.xin\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hypecip.xin/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:49 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 17 Sep 2025 12:49:03 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68caae3f-556\"\r\nexpires: Mon, 26 Jan 2026 17:16:49 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1366,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (1337)","md5":"567a38dfa45646fef0d226c48b0497fa","sha1":"051616dfd2e2049a69261c4f552bb22212fe0eed","sha256":"4db9d6381cb0924a34085db47a17e94f696eb11dc9a47fdfc76088572aa8f2ce","sha512":"148ba5bd57437f8aef5ca365b1c0a4575497a1c46acf3f36230f86e74963c71dd7127cbbeadf6e5e4365f0275e9035cea4925a12c03089058aca3a71592ffe93","ssdeep":"","tlshash":"7121205b7a0cac232fec4dc5a1511012890c2ace92dd5eb5b9f821e96b398c5f1de739","first_seen":"2025-11-03T12:41:42.434Z","last_seen":"2026-03-14T18:36:03.206986Z","times_seen":14,"resource_available":true,"data":null}},"time_used":637,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":637,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-26","alert":"Phishing Block","trigger":"hypecip.xin","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/user.PCs5E_5v.js","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:48.922Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hypecip.xin","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Jan 2026 04:13:58 GMT","end":"Sat, 18 Apr 2026 04:13:57 GMT"},"fingerprint":{"sha1":"DE:01:79:74:41:4C:4A:43:CB:D0:3D:5D:A3:3E:78:79:98:13:EC:54","sha256":"5E:74:72:88:41:5A:42:00:B6:7A:51:AF:86:E9:45:B2:D3:54:97:0C:05:D9:51:8B:84:C1:5F:B5:FA:F9:E6:55"}}},"request":{"raw":"GET /assets/user.PCs5E_5v.js HTTP/1.1\r\nHost: hypecip.xin\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hypecip.xin/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:49 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 17 Sep 2025 12:49:03 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68caae3f-572\"\r\nexpires: Mon, 26 Jan 2026 17:16:49 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1394,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1393)","md5":"8ad8c1b029f90af4760c71519ea5f0ad","sha1":"14d813c618a34b2b11c15755fa3f9ef06c36bd38","sha256":"029c006ce0a5e6fd89964a35002bbaf038013a0ed79146d1d45efdd2b6efa31b","sha512":"2ed3aedd2c2082e500f24a6c6804069badbee618625384c08743c57562fc75130366591d0990f3b7337c88a86e76c86248947d366240f0f6fba44125bb9f70af","ssdeep":"","tlshash":"7021f59eb91201c789358f487c0c732a8106febdad0f3ae177a4159cc3c99d762a6027","first_seen":"2025-11-03T12:41:42.393731Z","last_seen":"2026-03-14T18:36:03.199732Z","times_seen":14,"resource_available":true,"data":null}},"time_used":633,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":633,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-26","alert":"Phishing Block","trigger":"hypecip.xin","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/fui-icon-BtzrKq7d.css","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:48.844Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hypecip.xin","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Jan 2026 04:13:58 GMT","end":"Sat, 18 Apr 2026 04:13:57 GMT"},"fingerprint":{"sha1":"DE:01:79:74:41:4C:4A:43:CB:D0:3D:5D:A3:3E:78:79:98:13:EC:54","sha256":"5E:74:72:88:41:5A:42:00:B6:7A:51:AF:86:E9:45:B2:D3:54:97:0C:05:D9:51:8B:84:C1:5F:B5:FA:F9:E6:55"}}},"request":{"raw":"GET /assets/fui-icon-BtzrKq7d.css HTTP/1.1\r\nHost: hypecip.xin\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hypecip.xin/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:48 GMT\r\ncontent-type: text/css\r\ncontent-length: 435\r\nlast-modified: Wed, 17 Sep 2025 12:49:03 GMT\r\netag: \"68caae3f-1b3\"\r\nexpires: Mon, 26 Jan 2026 17:16:48 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":435,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (434)","md5":"ec3c1db6332d7a3e20f170b33dc20001","sha1":"daf5993c11bad6404bba48e510ac58de82fc119b","sha256":"bd604e1a105c4af7778b3e3a93577fe1d54c9f1a35915d58126285a902ce7fde","sha512":"4adf57cf9fe336dd885237d486da93772f3a99fbd75e918b27ff335b3c9c1ee52844bf1c9f0ba0d9e0f49452ec68ce069f26e610e11eb19338354b2d3c74917b","ssdeep":"","tlshash":"53e05c4eb244342234a7d87624d0ec7d1820e4389c26ef782275e2205ff2c427362731","first_seen":"2025-06-08T13:31:29.640671Z","last_seen":"2026-04-11T09:25:14.780041Z","times_seen":75,"resource_available":false,"data":null}},"time_used":449,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":449,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-26","alert":"Phishing Block","trigger":"hypecip.xin","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/fui-backdrop-B_PWEsXl.css","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:48.859Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hypecip.xin","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Jan 2026 04:13:58 GMT","end":"Sat, 18 Apr 2026 04:13:57 GMT"},"fingerprint":{"sha1":"DE:01:79:74:41:4C:4A:43:CB:D0:3D:5D:A3:3E:78:79:98:13:EC:54","sha256":"5E:74:72:88:41:5A:42:00:B6:7A:51:AF:86:E9:45:B2:D3:54:97:0C:05:D9:51:8B:84:C1:5F:B5:FA:F9:E6:55"}}},"request":{"raw":"GET /assets/fui-backdrop-B_PWEsXl.css HTTP/1.1\r\nHost: hypecip.xin\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hypecip.xin/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:49 GMT\r\ncontent-type: text/css\r\ncontent-length: 356\r\nlast-modified: Wed, 17 Sep 2025 12:49:03 GMT\r\netag: \"68caae3f-164\"\r\nexpires: Mon, 26 Jan 2026 17:16:49 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":356,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (355)","md5":"8f63c96b36fe2115b36426813cf0220e","sha1":"63bfaa84af2c8d1e14f598a1739df1977cbe796a","sha256":"e1a7d7585576b7f2cdf6875afce70637eb12b63ba45f015280457fa212531fe1","sha512":"30a608245fe6e21e0ee4737c864d48c751302019d07f1c7317430491d3201fd35a4fde49e824eb8dc2d952e402ea16ad7e7a28b65e34b0391e38329f6a635f9d","ssdeep":"","tlshash":"cce02045a18914142d7fe6f26420ef38407ef590d9531a9e064e17a4074fdcb9321588","first_seen":"2025-06-08T13:31:29.64158Z","last_seen":"2026-04-11T09:25:14.73241Z","times_seen":75,"resource_available":false,"data":null}},"time_used":443,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":443,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-26","alert":"Phishing Block","trigger":"hypecip.xin","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/fui-button.Cs337qol.js","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:48.911Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hypecip.xin","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Jan 2026 04:13:58 GMT","end":"Sat, 18 Apr 2026 04:13:57 GMT"},"fingerprint":{"sha1":"DE:01:79:74:41:4C:4A:43:CB:D0:3D:5D:A3:3E:78:79:98:13:EC:54","sha256":"5E:74:72:88:41:5A:42:00:B6:7A:51:AF:86:E9:45:B2:D3:54:97:0C:05:D9:51:8B:84:C1:5F:B5:FA:F9:E6:55"}}},"request":{"raw":"GET /assets/fui-button.Cs337qol.js HTTP/1.1\r\nHost: hypecip.xin\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hypecip.xin/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:49 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 17 Sep 2025 12:49:03 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68caae3f-1955\"\r\nexpires: Mon, 26 Jan 2026 17:16:49 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6485,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (6484)","md5":"bc91ca954920f2c3f50c883d23140dbf","sha1":"05eedc09de792c3d0de24936eba4a13ca9e2a1f9","sha256":"f639e14a8899307f1a145e67d8b989b79fd11c2b2598fe8eff1d95deb552f4af","sha512":"e5f0f0b943e0b7d7aa58d7ff2364e3a2ab3a221f2350e00f740b190a94cd8826e1253ce5fa410365855328a71e8987aa74c6da4b66e0850eada2e85c6b0c052c","ssdeep":"192:FDuk4LqPOCDTRtYLRh9eBiugS7wpkSQVefhFbkjZP:154GuRu8Qcfu","tlshash":"3cd18441315c253b7fcf865c70b50f82c217a9889861af3ebfb4b1b99b4a845359ef24","first_seen":"2025-11-03T12:41:42.444501Z","last_seen":"2026-03-14T18:36:03.190794Z","times_seen":14,"resource_available":true,"data":null}},"time_used":638,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":638,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-26","alert":"Phishing Block","trigger":"hypecip.xin","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.hypeaabbb.shop/api/account/userinfo","fqdn":"api.hypeaabbb.shop","domain":"hypeaabbb.shop","tld":"shop"},"ip":{"addr":"118.107.15.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:48.917Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.hypeaabbb.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 09 Jan 2026 16:37:50 GMT","end":"Thu, 09 Apr 2026 16:37:49 GMT"},"fingerprint":{"sha1":"2D:38:76:26:05:44:93:47:0F:59:94:BD:75:59:8A:C0:62:84:42:CB","sha256":"E2:34:C6:C7:A9:0F:FC:3B:06:B2:31:6A:AA:0C:B8:AB:6C:99:A2:5C:73:87:EB:F7:DA:C1:51:B3:36:0B:52:94"}}},"request":{"raw":"OPTIONS /api/account/userinfo HTTP/1.1\r\nHost: api.hypeaabbb.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: accept-language,authorization,client-device,content-type,timetamp\r\nReferer: https://hypecip.xin/\r\nOrigin: https://hypecip.xin\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:50 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: *\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-24T23:32:15.699972Z","times_seen":15677872,"resource_available":true,"data":null}},"time_used":2785,"timings":{"blocked":1246,"dns":1,"connect":241,"send":0,"wait":245,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/fui-bottom-popup.Do86PuJn.js","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:48.920Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hypecip.xin","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Jan 2026 04:13:58 GMT","end":"Sat, 18 Apr 2026 04:13:57 GMT"},"fingerprint":{"sha1":"DE:01:79:74:41:4C:4A:43:CB:D0:3D:5D:A3:3E:78:79:98:13:EC:54","sha256":"5E:74:72:88:41:5A:42:00:B6:7A:51:AF:86:E9:45:B2:D3:54:97:0C:05:D9:51:8B:84:C1:5F:B5:FA:F9:E6:55"}}},"request":{"raw":"GET /assets/fui-bottom-popup.Do86PuJn.js HTTP/1.1\r\nHost: hypecip.xin\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hypecip.xin/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:49 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 17 Sep 2025 12:49:03 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68caae3f-5b9\"\r\nexpires: Mon, 26 Jan 2026 17:16:49 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1465,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1464)","md5":"9c47a3498f17854bcb9587a78b63e229","sha1":"b54a78404bf6530366f07b97865e73c57bfbe8cf","sha256":"180def387d1bc0be386e9e3e9c34cdc12941080d8c7ac0e7529bd8626eaf6c4b","sha512":"f2a90382fdbd58a9fe03b0d147cc2eb76f884c1ba6cdb8cfb24209d77f31bbaf68c4e92f9144e390c63be10fef30d33ac689f4d8ad2b3023430d704fef4be866","ssdeep":"","tlshash":"db317419b00c25733aa6d4b560281d442c287b9ce7f43fdafed932749b49ed8a15eb20","first_seen":"2025-11-03T12:41:42.37716Z","last_seen":"2026-03-14T18:36:03.206428Z","times_seen":14,"resource_available":true,"data":null}},"time_used":634,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":634,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-26","alert":"Phishing Block","trigger":"hypecip.xin","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/check-s.DGG9M_rm.js","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:48.927Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hypecip.xin","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Jan 2026 04:13:58 GMT","end":"Sat, 18 Apr 2026 04:13:57 GMT"},"fingerprint":{"sha1":"DE:01:79:74:41:4C:4A:43:CB:D0:3D:5D:A3:3E:78:79:98:13:EC:54","sha256":"5E:74:72:88:41:5A:42:00:B6:7A:51:AF:86:E9:45:B2:D3:54:97:0C:05:D9:51:8B:84:C1:5F:B5:FA:F9:E6:55"}}},"request":{"raw":"GET /assets/check-s.DGG9M_rm.js HTTP/1.1\r\nHost: hypecip.xin\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hypecip.xin/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:49 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 989\r\nlast-modified: Wed, 17 Sep 2025 12:49:03 GMT\r\netag: \"68caae3f-3dd\"\r\nexpires: Mon, 26 Jan 2026 17:16:49 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":989,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (988)","md5":"8a01cc60f09fa18d9813cae76738128b","sha1":"cdd58e3a03a998c25e74d1380147e6b52a14615d","sha256":"f86903ddef4b497befd3d2e250b6efe3f048e4529a86bb61a0c5560bd50f539d","sha512":"e6544c6053602d335f45ded8f55d0e1252cd9cdd7843656259a2b9bf7969eaa2987314b688a27502ff704a96f0f9697e299ad115ac73aea28f38f355863c359a","ssdeep":"","tlshash":"ba1194f4abaa8d72ca9c0f99363ed00c5c3108de45ade5203769e0a20335d306b9e814","first_seen":"2025-03-06T21:41:52.860647Z","last_seen":"2026-05-11T10:57:08.411528Z","times_seen":77,"resource_available":true,"data":null}},"time_used":631,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":631,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-26","alert":"Phishing Block","trigger":"hypecip.xin","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.hypeaabbb.shop/api/common/appActive","fqdn":"api.hypeaabbb.shop","domain":"hypeaabbb.shop","tld":"shop"},"ip":{"addr":"118.107.15.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:54.197Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.hypeaabbb.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 09 Jan 2026 16:37:50 GMT","end":"Thu, 09 Apr 2026 16:37:49 GMT"},"fingerprint":{"sha1":"2D:38:76:26:05:44:93:47:0F:59:94:BD:75:59:8A:C0:62:84:42:CB","sha256":"E2:34:C6:C7:A9:0F:FC:3B:06:B2:31:6A:AA:0C:B8:AB:6C:99:A2:5C:73:87:EB:F7:DA:C1:51:B3:36:0B:52:94"}}},"request":{"raw":"OPTIONS /api/common/appActive HTTP/1.1\r\nHost: api.hypeaabbb.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: accept-language,authorization,client-device,timetamp\r\nReferer: https://hypecip.xin/\r\nOrigin: https://hypecip.xin\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:54 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: *\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-24T23:32:15.699972Z","times_seen":15677872,"resource_available":true,"data":null}},"time_used":245,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":245,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/static/statbar/new/home-s.png","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:48.790Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hypecip.xin","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Jan 2026 04:13:58 GMT","end":"Sat, 18 Apr 2026 04:13:57 GMT"},"fingerprint":{"sha1":"DE:01:79:74:41:4C:4A:43:CB:D0:3D:5D:A3:3E:78:79:98:13:EC:54","sha256":"5E:74:72:88:41:5A:42:00:B6:7A:51:AF:86:E9:45:B2:D3:54:97:0C:05:D9:51:8B:84:C1:5F:B5:FA:F9:E6:55"}}},"request":{"raw":"GET /static/statbar/new/home-s.png HTTP/1.1\r\nHost: hypecip.xin\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hypecip.xin/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:48 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 04 Feb 2024 01:58:52 GMT\r\nvary: Accept-Encoding\r\netag: W/\"65beef5c-96dc\"\r\nexpires: Wed, 25 Feb 2026 05:16:48 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":38620,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 823 x 823, 8-bit/color RGBA, non-interlaced","md5":"9646a5cbddd16f0023ca20436560c2a6","sha1":"6790d84fedbf68bcd6db80c7ec0c460a453613ff","sha256":"7fedef0caa777dfc78a1e618daeeabd1dd5fa01b80cb13149040759b661225da","sha512":"f2664158cc9e10b2fb66fa9826bfcbf9eab6bcdb7a40dee4b8c2c66fa03b0b2c272065312eb51790671da061e91e7cd9a948ac986a748a491a887ac5362c1759","ssdeep":"768:ttnJaWvVOkGa8y4KtZ0DG0nYJglTUZ9Uu8OaE6:jJaMTN4w0qq7lTUZ2Hr","tlshash":"9203e0112316c64bc2b3170431ac799f29e616701cbe56b2e85e6dc7e835bbd0ec73a5","first_seen":"2025-02-26T18:29:17.850328Z","last_seen":"2026-04-11T09:25:14.775994Z","times_seen":112,"resource_available":false,"data":null}},"time_used":246,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":246,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-26","alert":"Phishing Block","trigger":"hypecip.xin","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/fui-bottom-popup-C0CpF_g1.css","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:48.862Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hypecip.xin","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Jan 2026 04:13:58 GMT","end":"Sat, 18 Apr 2026 04:13:57 GMT"},"fingerprint":{"sha1":"DE:01:79:74:41:4C:4A:43:CB:D0:3D:5D:A3:3E:78:79:98:13:EC:54","sha256":"5E:74:72:88:41:5A:42:00:B6:7A:51:AF:86:E9:45:B2:D3:54:97:0C:05:D9:51:8B:84:C1:5F:B5:FA:F9:E6:55"}}},"request":{"raw":"GET /assets/fui-bottom-popup-C0CpF_g1.css HTTP/1.1\r\nHost: hypecip.xin\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hypecip.xin/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:49 GMT\r\ncontent-type: text/css\r\ncontent-length: 653\r\nlast-modified: Wed, 17 Sep 2025 12:49:03 GMT\r\netag: \"68caae3f-28d\"\r\nexpires: Mon, 26 Jan 2026 17:16:49 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":653,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (652)","md5":"a1f097a08102287bce4d97d7c1ca5adb","sha1":"2353244965e02e3e0fb1c47f7b195b22861cabbc","sha256":"08deed1983cde3122a87fe6417f829198c2905236127063b9eef4fcba7430dea","sha512":"fed95de62830192223d450ddf37d23d71804ba9aedff4076bdb555fb8e438bc6b875c3ede4151033157f0dabf15cdf556a72abbc8f76b699d6fc156c6cc90e0e","ssdeep":"","tlshash":"9af073243548395d593fd355e5d6feec8336d241ba9758cd53080a15044f7ca25396dc","first_seen":"2025-06-08T13:31:29.634312Z","last_seen":"2026-04-11T09:25:14.78505Z","times_seen":75,"resource_available":false,"data":null}},"time_used":440,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":440,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-26","alert":"Phishing Block","trigger":"hypecip.xin","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/index.BPzkSZRb.js","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:48.923Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hypecip.xin","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Jan 2026 04:13:58 GMT","end":"Sat, 18 Apr 2026 04:13:57 GMT"},"fingerprint":{"sha1":"DE:01:79:74:41:4C:4A:43:CB:D0:3D:5D:A3:3E:78:79:98:13:EC:54","sha256":"5E:74:72:88:41:5A:42:00:B6:7A:51:AF:86:E9:45:B2:D3:54:97:0C:05:D9:51:8B:84:C1:5F:B5:FA:F9:E6:55"}}},"request":{"raw":"GET /assets/index.BPzkSZRb.js HTTP/1.1\r\nHost: hypecip.xin\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hypecip.xin/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:49 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 17 Sep 2025 12:49:03 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68caae3f-681\"\r\nexpires: Mon, 26 Jan 2026 17:16:49 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1665,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1664)","md5":"09b15105e93a0cbfc6785700fea4d03a","sha1":"04bf69af69a2639650f31dc48eb5b83c842512ac","sha256":"27d789fc37395e330aa10712eb4b6335d7edf8cbf7b13b22cde2828567ca3852","sha512":"fdb44c9266198504da3e18aa010912f8c14416ba32ef1b6bbbccad7cd9fc35aa70a5dbb987b97bdc4b29eb2e85a357d8c897d57ded6469b08f90c2683179c528","ssdeep":"","tlshash":"0d3144c6b9c15174931bb4c091a44852d24c9b36fa9e95d4f0fb9e941fbc584f45cb2c","first_seen":"2025-11-03T12:41:42.430302Z","last_seen":"2026-03-14T18:36:03.203868Z","times_seen":14,"resource_available":true,"data":null}},"time_used":633,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":633,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-26","alert":"Phishing Block","trigger":"hypecip.xin","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.hypeaabbb.shop/api/currency/getTradeCurrencyList","fqdn":"api.hypeaabbb.shop","domain":"hypeaabbb.shop","tld":"shop"},"ip":{"addr":"118.107.15.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:54.427Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.hypeaabbb.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 09 Jan 2026 16:37:50 GMT","end":"Thu, 09 Apr 2026 16:37:49 GMT"},"fingerprint":{"sha1":"2D:38:76:26:05:44:93:47:0F:59:94:BD:75:59:8A:C0:62:84:42:CB","sha256":"E2:34:C6:C7:A9:0F:FC:3B:06:B2:31:6A:AA:0C:B8:AB:6C:99:A2:5C:73:87:EB:F7:DA:C1:51:B3:36:0B:52:94"}}},"request":{"raw":"GET /api/currency/getTradeCurrencyList HTTP/1.1\r\nHost: api.hypeaabbb.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: zh_CN\r\nAccept-Encoding: gzip, deflate, br\r\nAuthorization: Bearer\r\nClient-Device: 0\r\nTimetamp: 1769404614\r\nOrigin: https://hypecip.xin\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hypecip.xin/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:54 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 2137\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: accept-language,authorization,lang,uid,token,Keep-Alive,User-Agent,Cache-Control,Content-Type\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7169,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"c16fa3c1135bd9a3728d109be1bcd761","sha1":"6b962499eeb9969370234c954dd2e71c1cc5b40c","sha256":"ed743bb6f7f0fe07569e058c58e98551bff0b97a7d9d6943750ab425c48c94e9","sha512":"f70b1aa3da7354f5d486a0507671df04357aa25a2b7c44f3c2f0bd3db80b40d1a6d345fdd4ae8e4b5179a86bbae38cea9e1f024ca9f80dfc5beea9e099fbd7cb","ssdeep":"96:yUt+K9VGUjbz6/gieXhjZ4YRKRMxCYcm8y694v1L5N7pDRjiaqVLlZNTo0k0:p+KvLzVFqGRvRoZSW","tlshash":"96e1ee5122f88850c2bf1ac3eb81792450ad70679dc08fd197ec8ea056e5abf794b773","first_seen":"2026-01-26T05:16:18.290822Z","last_seen":"2026-02-02T14:10:28.170469Z","times_seen":4,"resource_available":false,"data":null}},"time_used":256,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":256,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/index.Gl_Dckpu.js","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:48.922Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hypecip.xin","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Jan 2026 04:13:58 GMT","end":"Sat, 18 Apr 2026 04:13:57 GMT"},"fingerprint":{"sha1":"DE:01:79:74:41:4C:4A:43:CB:D0:3D:5D:A3:3E:78:79:98:13:EC:54","sha256":"5E:74:72:88:41:5A:42:00:B6:7A:51:AF:86:E9:45:B2:D3:54:97:0C:05:D9:51:8B:84:C1:5F:B5:FA:F9:E6:55"}}},"request":{"raw":"GET /assets/index.Gl_Dckpu.js HTTP/1.1\r\nHost: hypecip.xin\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hypecip.xin/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:49 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 17 Sep 2025 12:49:03 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68caae3f-765\"\r\nexpires: Mon, 26 Jan 2026 17:16:49 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1893,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1892)","md5":"bb9c55ac5c8fcee932af4333f0d8ddce","sha1":"4968d45977d74a86676f42c8254e44607bfea8f1","sha256":"4fb3470802135f85c69ce3f6f64cccf3fed4614dda8de512f5f7b68dcadc0938","sha512":"41a344ac643a4220904e1d5cdd40419f51feb5c102f0098bd67ff4a657c670fc07d55130d68009817357deefac523a307bdf52abada8e1f81e386e63b97f4f3a","ssdeep":"","tlshash":"2241d5817848d3bce77fd998480808889a040f6a3833c5e9e2db384017e97c8fe36a24","first_seen":"2025-11-03T12:41:42.388423Z","last_seen":"2026-03-14T18:36:03.19665Z","times_seen":14,"resource_available":true,"data":null}},"time_used":633,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":633,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-26","alert":"Phishing Block","trigger":"hypecip.xin","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/index-C4RMy9IK.css","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:46.392Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hypecip.xin","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Jan 2026 04:13:58 GMT","end":"Sat, 18 Apr 2026 04:13:57 GMT"},"fingerprint":{"sha1":"DE:01:79:74:41:4C:4A:43:CB:D0:3D:5D:A3:3E:78:79:98:13:EC:54","sha256":"5E:74:72:88:41:5A:42:00:B6:7A:51:AF:86:E9:45:B2:D3:54:97:0C:05:D9:51:8B:84:C1:5F:B5:FA:F9:E6:55"}}},"request":{"raw":"GET /assets/index-C4RMy9IK.css HTTP/1.1\r\nHost: hypecip.xin\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hypecip.xin/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:46 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 17 Sep 2025 12:49:03 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68caae3f-36722\"\r\nexpires: Mon, 26 Jan 2026 17:16:46 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":223010,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (65018), with no line terminators","md5":"66d29af98bfb0cc55a9a03354a0dd3c2","sha1":"611cce3f5cd5da01cad1315147fcf07e6832ce70","sha256":"09b71933bae48697c281f5b6972aea4ab69b80735e3352616450b143ec622e8f","sha512":"bc9e96a91ea314facffd7bc378570fa21621aecb50f6bc073e314b04d2811cdcb00ac981da9213f4eb5c6532c654ae544a69b98460563438a50209ce5701c139","ssdeep":"1536:40q7hLA41IyNBi3MFYaQj7FCwsBlDOFIxuVoxJPIKkca1Al5aIzeMVTVkIe:C7hzvNIClDsIxuVS9VYee","tlshash":"aa24b6a5e69091bcbf2bf275ab8b96dcf23cf560dd01caa4f10151580ec7bf5062361a","first_seen":"2025-06-08T13:31:29.653644Z","last_seen":"2026-03-14T18:36:03.212256Z","times_seen":90,"resource_available":false,"data":null}},"time_used":1212,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1212,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-26","alert":"Phishing Block","trigger":"hypecip.xin","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/index.Bfh4eeqv.js","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:48.925Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hypecip.xin","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Jan 2026 04:13:58 GMT","end":"Sat, 18 Apr 2026 04:13:57 GMT"},"fingerprint":{"sha1":"DE:01:79:74:41:4C:4A:43:CB:D0:3D:5D:A3:3E:78:79:98:13:EC:54","sha256":"5E:74:72:88:41:5A:42:00:B6:7A:51:AF:86:E9:45:B2:D3:54:97:0C:05:D9:51:8B:84:C1:5F:B5:FA:F9:E6:55"}}},"request":{"raw":"GET /assets/index.Bfh4eeqv.js HTTP/1.1\r\nHost: hypecip.xin\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hypecip.xin/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:49 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 513\r\nlast-modified: Wed, 17 Sep 2025 12:49:03 GMT\r\netag: \"68caae3f-201\"\r\nexpires: Mon, 26 Jan 2026 17:16:49 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":513,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (512)","md5":"1027a7cf221ca15414595f8f63fb27bf","sha1":"b14c3a37072874be58c341943ca041b761a0b86c","sha256":"6f4a05813c8e83915d9406016194da04019fdd9c8804069a447afe83e3a09205","sha512":"50f4f780f44d945b96ffc8c651780968a0ab69bcb239fad77821f8ca1ec998dd7ac3a7b45730843bccaab55efb44a226294c6ed822db9883edd62012359900a9","ssdeep":"","tlshash":"e7f09eb7bd9297347467b904ad4d0c0b5904935cb691d4d1e5cf49c0a758068fe7d628","first_seen":"2025-11-03T12:41:42.420322Z","last_seen":"2026-03-14T18:36:03.210317Z","times_seen":14,"resource_available":true,"data":null}},"time_used":632,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":632,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-26","alert":"Phishing Block","trigger":"hypecip.xin","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/fui-nav-bar-DtMoUqYo.css","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:48.841Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hypecip.xin","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Jan 2026 04:13:58 GMT","end":"Sat, 18 Apr 2026 04:13:57 GMT"},"fingerprint":{"sha1":"DE:01:79:74:41:4C:4A:43:CB:D0:3D:5D:A3:3E:78:79:98:13:EC:54","sha256":"5E:74:72:88:41:5A:42:00:B6:7A:51:AF:86:E9:45:B2:D3:54:97:0C:05:D9:51:8B:84:C1:5F:B5:FA:F9:E6:55"}}},"request":{"raw":"GET /assets/fui-nav-bar-DtMoUqYo.css HTTP/1.1\r\nHost: hypecip.xin\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hypecip.xin/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:48 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 17 Sep 2025 12:49:03 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68caae3f-566\"\r\nexpires: Mon, 26 Jan 2026 17:16:48 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1382,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1381)","md5":"1f7fccda3479539399a8985b467724f8","sha1":"5bdf164c239aa656c8e63e794d77f1e4fd1339d2","sha256":"cf13be34efa7db518f939fa0905307c685ebadd2e3fb547229b09b3f072489e8","sha512":"89f56ad0edccfb059b2a13d485701a096dcde7486abcf8a455a95271be09fbd27e54760eba834c81478c3840f74c0fc45737d527b3f3e24f9e2f2777744cd30b","ssdeep":"","tlshash":"8421dc3572d85068be2be9225cd79f3d5010f31382a7424ca9e51b1c0fcf683766a9ee","first_seen":"2025-06-08T13:31:29.65651Z","last_seen":"2026-04-11T09:25:14.72701Z","times_seen":75,"resource_available":false,"data":null}},"time_used":450,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":450,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-26","alert":"Phishing Block","trigger":"hypecip.xin","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/uni-app.es.d_vLI1bg.js","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:53.110Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hypecip.xin","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Jan 2026 04:13:58 GMT","end":"Sat, 18 Apr 2026 04:13:57 GMT"},"fingerprint":{"sha1":"DE:01:79:74:41:4C:4A:43:CB:D0:3D:5D:A3:3E:78:79:98:13:EC:54","sha256":"5E:74:72:88:41:5A:42:00:B6:7A:51:AF:86:E9:45:B2:D3:54:97:0C:05:D9:51:8B:84:C1:5F:B5:FA:F9:E6:55"}}},"request":{"raw":"GET /assets/uni-app.es.d_vLI1bg.js HTTP/1.1\r\nHost: hypecip.xin\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hypecip.xin/assets/pages-newindex-newindex.CpR1XibN.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:53 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 84\r\nlast-modified: Wed, 17 Sep 2025 12:49:03 GMT\r\netag: \"68caae3f-54\"\r\nexpires: Mon, 26 Jan 2026 17:16:53 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":84,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text","md5":"6b66c5e8ec007c309842caa5d15df880","sha1":"31792ad204aa6e3cc25b3f6e53b7cf2b950d35d8","sha256":"eb004fa1e81b674bbd9d3ab61a87d6d1bbbff407c1b41e91043edff23493b3cb","sha512":"d6e8cf99e6c0312cdb41693e9a0a96edb79178e6b4f4ca7dd2ab3c0cfce9c39f4db2d6f7e02132afcb3485f38ca2c91b573d56bd17e9e8e53e01f9ab540db8cd","ssdeep":"","tlshash":"d7a01287644120122822048010555907a17611d6458d862081c103244afc4a4d128909","first_seen":"2025-11-03T12:41:42.468412Z","last_seen":"2026-03-14T18:36:03.198241Z","times_seen":14,"resource_available":true,"data":null}},"time_used":243,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":243,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-26","alert":"Phishing Block","trigger":"hypecip.xin","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.hypeaabbb.shop/api/account/userinfo","fqdn":"api.hypeaabbb.shop","domain":"hypeaabbb.shop","tld":"shop"},"ip":{"addr":"118.107.15.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:50.410Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.hypeaabbb.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 09 Jan 2026 16:37:50 GMT","end":"Thu, 09 Apr 2026 16:37:49 GMT"},"fingerprint":{"sha1":"2D:38:76:26:05:44:93:47:0F:59:94:BD:75:59:8A:C0:62:84:42:CB","sha256":"E2:34:C6:C7:A9:0F:FC:3B:06:B2:31:6A:AA:0C:B8:AB:6C:99:A2:5C:73:87:EB:F7:DA:C1:51:B3:36:0B:52:94"}}},"request":{"raw":"POST /api/account/userinfo HTTP/1.1\r\nHost: api.hypeaabbb.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: zh_CN\r\nAccept-Encoding: gzip, deflate, br\r\nAuthorization: Bearer\r\nClient-Device: 0\r\nTimetamp: 1769404608\r\nContent-Type: application/json\r\nContent-Length: 2\r\nOrigin: https://hypecip.xin\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hypecip.xin/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":2,"data":"{}"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:50 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 118\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: accept-language,authorization,lang,uid,token,Keep-Alive,User-Agent,Cache-Control,Content-Type\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":95,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"c56d2a956125f8601fa426b1cbd64576","sha1":"41694919db9711a5446c20496c1e3e613c3fec29","sha256":"5296af1a52ebf64f7cd2dbac3438a2bfa085737f6d539e2b891738653dc1fb79","sha512":"863d551645fafe1bc506d6e613e93e19be456eca8c48356961c39eaadb102d5382b511b395134e3bccf59c4990b5f0f036325651c191cec8c70977b7f31a38e6","ssdeep":"","tlshash":"c2b012131305bcd8511a21845444180034920455555029d1ca2eccbf8680881b44b3d9","first_seen":"2025-06-08T13:31:29.612026Z","last_seen":"2026-04-11T09:25:14.675032Z","times_seen":80,"resource_available":false,"data":null}},"time_used":249,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":249,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.hypeaabbb.shop/api/position/detail?code=index_notice","fqdn":"api.hypeaabbb.shop","domain":"hypeaabbb.shop","tld":"shop"},"ip":{"addr":"118.107.15.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:54.195Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.hypeaabbb.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 09 Jan 2026 16:37:50 GMT","end":"Thu, 09 Apr 2026 16:37:49 GMT"},"fingerprint":{"sha1":"2D:38:76:26:05:44:93:47:0F:59:94:BD:75:59:8A:C0:62:84:42:CB","sha256":"E2:34:C6:C7:A9:0F:FC:3B:06:B2:31:6A:AA:0C:B8:AB:6C:99:A2:5C:73:87:EB:F7:DA:C1:51:B3:36:0B:52:94"}}},"request":{"raw":"OPTIONS /api/position/detail?code=index_notice HTTP/1.1\r\nHost: api.hypeaabbb.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: accept-language,authorization,client-device,timetamp\r\nReferer: https://hypecip.xin/\r\nOrigin: https://hypecip.xin\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:54 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: *\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-24T23:32:15.699972Z","times_seen":15677872,"resource_available":true,"data":null}},"time_used":245,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":245,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/pages-newindex-newindex.CpR1XibN.js","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:48.901Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hypecip.xin","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Jan 2026 04:13:58 GMT","end":"Sat, 18 Apr 2026 04:13:57 GMT"},"fingerprint":{"sha1":"DE:01:79:74:41:4C:4A:43:CB:D0:3D:5D:A3:3E:78:79:98:13:EC:54","sha256":"5E:74:72:88:41:5A:42:00:B6:7A:51:AF:86:E9:45:B2:D3:54:97:0C:05:D9:51:8B:84:C1:5F:B5:FA:F9:E6:55"}}},"request":{"raw":"GET /assets/pages-newindex-newindex.CpR1XibN.js HTTP/1.1\r\nHost: hypecip.xin\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hypecip.xin/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:49 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 17 Sep 2025 12:49:03 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68caae3f-91b2\"\r\nexpires: Mon, 26 Jan 2026 17:16:49 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":37298,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (37131)","md5":"3e8297fc779f46d5e85c590ddd47f384","sha1":"f1e3db78f6f0bc97be601970d9d17e6e976f5a3c","sha256":"d5ca016f39833b8d0b6aa4c00bb9dc25552a517e875b5187e2060e41eec891c3","sha512":"0106f31f1deade8e7ab14e78366e42645d20d54212cf6cfcc501d553c83cb50856c4ae9e35fba8db9ec5d695cdc0479b5d40da67f9b9509baae287a272c876ff","ssdeep":"768:tl3A/lD8UyMrhNgV/fPFnksM5Mhzn0WrGI9eXQbTBTMDKY:f3CeMFNafdnksM5Mhzn0uGI9eXQ/NMD3","tlshash":"e0f25202ba1cf6649da3125cf0998001b07aaccec1043a5fb5f42c6f52d7ca959edb7e","first_seen":"2025-11-03T12:41:42.426747Z","last_seen":"2026-03-14T18:36:03.192914Z","times_seen":14,"resource_available":true,"data":null}},"time_used":640,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":640,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-26","alert":"Phishing Block","trigger":"hypecip.xin","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.hypeaabbb.shop/api/common/getCurrencyFee","fqdn":"api.hypeaabbb.shop","domain":"hypeaabbb.shop","tld":"shop"},"ip":{"addr":"118.107.15.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:50.150Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.hypeaabbb.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 09 Jan 2026 16:37:50 GMT","end":"Thu, 09 Apr 2026 16:37:49 GMT"},"fingerprint":{"sha1":"2D:38:76:26:05:44:93:47:0F:59:94:BD:75:59:8A:C0:62:84:42:CB","sha256":"E2:34:C6:C7:A9:0F:FC:3B:06:B2:31:6A:AA:0C:B8:AB:6C:99:A2:5C:73:87:EB:F7:DA:C1:51:B3:36:0B:52:94"}}},"request":{"raw":"POST /api/common/getCurrencyFee HTTP/1.1\r\nHost: api.hypeaabbb.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: zh_CN\r\nAccept-Encoding: gzip, deflate, br\r\nAuthorization: Bearer\r\nClient-Device: 0\r\nTimetamp: 1769404609\r\nContent-Type: application/json\r\nContent-Length: 18\r\nOrigin: https://hypecip.xin\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hypecip.xin/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":18,"data":"{\"currency\":\"USD\"}"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:50 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 229\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: accept-language,authorization,lang,uid,token,Keep-Alive,User-Agent,Cache-Control,Content-Type\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":234,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"46e15cf4768cfc6a5daaa99655f2fb0e","sha1":"14aa831ad82ff65c64af9b606f4683285487c297","sha256":"7abb768fcf81d4d3a2562cfa873b8cfe9c329bd85a55ddc9e9c4c2828968c05d","sha512":"0e7d82249f7f968d0ba1203d2e5af94fccf3b1e5453bc716cdd86d78f2156d7635c102462be002ec68aae1710e692539dbda0b955c9af8f1505034ab6c41f049","ssdeep":"","tlshash":"67d0973a400922cdc3a26240aa8928b18873f20adf02506d860900bfa28a42820ea884","first_seen":"2026-01-26T05:16:18.289241Z","last_seen":"2026-05-03T02:06:23.757215Z","times_seen":24,"resource_available":false,"data":null}},"time_used":266,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":266,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/fui-button.Cs337qol.js","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:53.123Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hypecip.xin","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Jan 2026 04:13:58 GMT","end":"Sat, 18 Apr 2026 04:13:57 GMT"},"fingerprint":{"sha1":"DE:01:79:74:41:4C:4A:43:CB:D0:3D:5D:A3:3E:78:79:98:13:EC:54","sha256":"5E:74:72:88:41:5A:42:00:B6:7A:51:AF:86:E9:45:B2:D3:54:97:0C:05:D9:51:8B:84:C1:5F:B5:FA:F9:E6:55"}}},"request":{"raw":"GET /assets/fui-button.Cs337qol.js HTTP/1.1\r\nHost: hypecip.xin\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hypecip.xin/assets/pages-newindex-newindex.CpR1XibN.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:53 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 17 Sep 2025 12:49:03 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68caae3f-1955\"\r\nexpires: Mon, 26 Jan 2026 17:16:53 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6485,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (6484)","md5":"bc91ca954920f2c3f50c883d23140dbf","sha1":"05eedc09de792c3d0de24936eba4a13ca9e2a1f9","sha256":"f639e14a8899307f1a145e67d8b989b79fd11c2b2598fe8eff1d95deb552f4af","sha512":"e5f0f0b943e0b7d7aa58d7ff2364e3a2ab3a221f2350e00f740b190a94cd8826e1253ce5fa410365855328a71e8987aa74c6da4b66e0850eada2e85c6b0c052c","ssdeep":"192:FDuk4LqPOCDTRtYLRh9eBiugS7wpkSQVefhFbkjZP:154GuRu8Qcfu","tlshash":"3cd18441315c253b7fcf865c70b50f82c217a9889861af3ebfb4b1b99b4a845359ef24","first_seen":"2025-11-03T12:41:42.444501Z","last_seen":"2026-03-14T18:36:03.190794Z","times_seen":14,"resource_available":true,"data":null}},"time_used":477,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":477,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-26","alert":"Phishing Block","trigger":"hypecip.xin","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/uni-drawer.C9G2LKdp.js","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:53.129Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hypecip.xin","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Jan 2026 04:13:58 GMT","end":"Sat, 18 Apr 2026 04:13:57 GMT"},"fingerprint":{"sha1":"DE:01:79:74:41:4C:4A:43:CB:D0:3D:5D:A3:3E:78:79:98:13:EC:54","sha256":"5E:74:72:88:41:5A:42:00:B6:7A:51:AF:86:E9:45:B2:D3:54:97:0C:05:D9:51:8B:84:C1:5F:B5:FA:F9:E6:55"}}},"request":{"raw":"GET /assets/uni-drawer.C9G2LKdp.js HTTP/1.1\r\nHost: hypecip.xin\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hypecip.xin/assets/pages-newindex-newindex.CpR1XibN.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:53 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 17 Sep 2025 12:49:03 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68caae3f-8d4\"\r\nexpires: Mon, 26 Jan 2026 17:16:53 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2260,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (2259)","md5":"3180d6cb2cb361a87b2a411c442145de","sha1":"49a99f863f4203b3b9b91da0eee68db355af9424","sha256":"fafcb78f8a3daab297a86eaa08241a11ca8f4ecba5ece7f9d67d3debb383a324","sha512":"1b7ae80fe889e364def4a8fc6845700f6568daf8ec1917c70820952eb0ce0f3e74379733537d85e187302b017276af4c9495af63335ee04cbaae1062f47d3137","ssdeep":"","tlshash":"674165dab80e69320df24152503965445b047bf8d7b175cab2df28fd030c8c5528df38","first_seen":"2025-11-03T12:41:42.384871Z","last_seen":"2026-03-14T18:36:03.198798Z","times_seen":14,"resource_available":true,"data":null}},"time_used":472,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":472,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-26","alert":"Phishing Block","trigger":"hypecip.xin","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/fui-backdrop.F03BBGK3.js","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:53.137Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hypecip.xin","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Jan 2026 04:13:58 GMT","end":"Sat, 18 Apr 2026 04:13:57 GMT"},"fingerprint":{"sha1":"DE:01:79:74:41:4C:4A:43:CB:D0:3D:5D:A3:3E:78:79:98:13:EC:54","sha256":"5E:74:72:88:41:5A:42:00:B6:7A:51:AF:86:E9:45:B2:D3:54:97:0C:05:D9:51:8B:84:C1:5F:B5:FA:F9:E6:55"}}},"request":{"raw":"GET /assets/fui-backdrop.F03BBGK3.js HTTP/1.1\r\nHost: hypecip.xin\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hypecip.xin/assets/pages-newindex-newindex.CpR1XibN.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:53 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 901\r\nlast-modified: Wed, 17 Sep 2025 12:49:03 GMT\r\netag: \"68caae3f-385\"\r\nexpires: Mon, 26 Jan 2026 17:16:53 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":901,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (900)","md5":"04ea6e2b271475ab19b88d30345820ce","sha1":"45aaae1326fd2505dc720e44af8b9c15c89b78df","sha256":"fa0ec06243142c73b97d6be2ed5d7ac5999429416243d45ac5d8e090fe32fe66","sha512":"e326ea782645e08ad2afa9849c9af1371b4321bde843b06ba56eb0acd9061c8a8e80b03daa637130695ef07dd4262d49a1f1055588af482dab5fb8cf84f5ffe9","ssdeep":"","tlshash":"ab11e30e744ee4323aabe574e0240a50441c56ade66a3add45ea71f90b4fcac939eb04","first_seen":"2025-11-03T12:41:42.437765Z","last_seen":"2026-03-14T18:36:03.208894Z","times_seen":14,"resource_available":true,"data":null}},"time_used":709,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":709,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-26","alert":"Phishing Block","trigger":"hypecip.xin","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"wss","addr":"ws.hypeaabbb.shop/?token=17694046087355797558$contract\u0026sub=contract","fqdn":"ws.hypeaabbb.shop","domain":"hypeaabbb.shop","tld":"shop"},"ip":{"addr":"118.107.15.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:54.182Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ws.hypeaabbb.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 09 Jan 2026 16:39:47 GMT","end":"Thu, 09 Apr 2026 16:39:46 GMT"},"fingerprint":{"sha1":"BB:14:B1:67:65:53:95:6F:1F:F8:69:BC:4F:21:0F:F1:69:2A:35:2F","sha256":"45:4A:A2:BE:2E:C2:7D:09:25:B6:C2:5B:94:A0:7A:70:13:B9:29:48:CF:DD:FA:B6:C0:2F:61:35:4E:D1:B2:78"}}},"request":{"raw":"GET /?token=17694046087355797558$contract\u0026sub=contract HTTP/1.1\r\nHost: ws.hypeaabbb.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://hypecip.xin\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: KfUBbkQyHr6e9KwRrsfeng==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 Switching Protocols\r\nServer: nginx\r\nDate: Mon, 26 Jan 2026 05:16:55 GMT\r\nConnection: upgrade\r\nUpgrade: websocket\r\nSec-Websocket-Accept: fou4dnI6iT+RDBzQLSfs8sVohlY=\r\nSec-Websocket-Version: 13\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"Switching Protocols","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-24T23:32:15.699972Z","times_seen":15677872,"resource_available":true,"data":null}},"time_used":1773,"timings":{"blocked":-1,"dns":4,"connect":242,"send":0,"wait":245,"receive":0,"ssl":1282},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/uni-drawer-B5HqcKg4.css","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:48.850Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hypecip.xin","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Jan 2026 04:13:58 GMT","end":"Sat, 18 Apr 2026 04:13:57 GMT"},"fingerprint":{"sha1":"DE:01:79:74:41:4C:4A:43:CB:D0:3D:5D:A3:3E:78:79:98:13:EC:54","sha256":"5E:74:72:88:41:5A:42:00:B6:7A:51:AF:86:E9:45:B2:D3:54:97:0C:05:D9:51:8B:84:C1:5F:B5:FA:F9:E6:55"}}},"request":{"raw":"GET /assets/uni-drawer-B5HqcKg4.css HTTP/1.1\r\nHost: hypecip.xin\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hypecip.xin/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:49 GMT\r\ncontent-type: text/css\r\ncontent-length: 801\r\nlast-modified: Wed, 17 Sep 2025 12:49:03 GMT\r\netag: \"68caae3f-321\"\r\nexpires: Mon, 26 Jan 2026 17:16:49 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":801,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (800)","md5":"95ef79201a5d27b742711431faa55983","sha1":"7141f121bab38abacbf206318d94839956c94a84","sha256":"f757f4d40fbd5ce9d751573b0dc9783bd47bbd284ced2625ade21651b0aea6e1","sha512":"03de685734c4ddaf972f1a99828495aa276468c6c90c4f5b53d0e969429cc377f502877e8a8effeebb958cf2e23152dd69ed8532fad7b9e319596ea12b234d3b","ssdeep":"","tlshash":"ab012b10681c1c0215f7d203ddd0da1a427c5293d4b10acd7396742b1fff9ea288a753","first_seen":"2025-06-08T13:31:29.651723Z","last_seen":"2026-04-11T09:25:14.677499Z","times_seen":75,"resource_available":false,"data":null}},"time_used":445,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":445,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-26","alert":"Phishing Block","trigger":"hypecip.xin","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/uni-popup-dialog.BOFpiNni.js","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:53.148Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hypecip.xin","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Jan 2026 04:13:58 GMT","end":"Sat, 18 Apr 2026 04:13:57 GMT"},"fingerprint":{"sha1":"DE:01:79:74:41:4C:4A:43:CB:D0:3D:5D:A3:3E:78:79:98:13:EC:54","sha256":"5E:74:72:88:41:5A:42:00:B6:7A:51:AF:86:E9:45:B2:D3:54:97:0C:05:D9:51:8B:84:C1:5F:B5:FA:F9:E6:55"}}},"request":{"raw":"GET /assets/uni-popup-dialog.BOFpiNni.js HTTP/1.1\r\nHost: hypecip.xin\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hypecip.xin/assets/pages-newindex-newindex.CpR1XibN.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:53 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 17 Sep 2025 12:49:03 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68caae3f-d7a\"\r\nexpires: Mon, 26 Jan 2026 17:16:53 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3450,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (3401)","md5":"27cb0c1bb7cf364a794f0cd90bca7595","sha1":"aca0613bafd0121275c8d7b011e25ba620ef7578","sha256":"a8032afbadbaa514dca9291a21be1d850d1d3c274c45421f6e8bfcf4f5e870cf","sha512":"b82c26b9377e47d19d52365d808e969dfc6cbac4a03b0ff3ef47efa2b42aa48ba39ba37a4291a2058e52e6509ffb97794fca7b08ae2de1bcd711cc72e695e3f4","ssdeep":"","tlshash":"f8613fa17a6ef7378ece066042014901a1611efce9a43e7476b870da4f95cc1e2ed73d","first_seen":"2025-11-03T12:41:42.399722Z","last_seen":"2026-03-14T18:36:03.207938Z","times_seen":14,"resource_available":true,"data":null}},"time_used":696,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":696,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-26","alert":"Phishing Block","trigger":"hypecip.xin","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/uni-popup.DobYqiPg.js","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:48.914Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hypecip.xin","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Jan 2026 04:13:58 GMT","end":"Sat, 18 Apr 2026 04:13:57 GMT"},"fingerprint":{"sha1":"DE:01:79:74:41:4C:4A:43:CB:D0:3D:5D:A3:3E:78:79:98:13:EC:54","sha256":"5E:74:72:88:41:5A:42:00:B6:7A:51:AF:86:E9:45:B2:D3:54:97:0C:05:D9:51:8B:84:C1:5F:B5:FA:F9:E6:55"}}},"request":{"raw":"GET /assets/uni-popup.DobYqiPg.js HTTP/1.1\r\nHost: hypecip.xin\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hypecip.xin/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:49 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 17 Sep 2025 12:49:03 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68caae3f-286e\"\r\nexpires: Mon, 26 Jan 2026 17:16:49 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10350,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (10329)","md5":"e72c42c3aa9647e85c1365cdb338d967","sha1":"671e017647630d4b1918629b808515cad6559446","sha256":"3812f719fb2fdfbcc7133ffa02fcfe9e0301ce2a728c84864ca1cc020f65cc46","sha512":"48967acb7362c4b38127d08afe7d837bf13123083c6f490114d6f7fc18cffed313cbfb1f27d4e6a0405afa12155fccc237afbc423995afbea10168d242829099","ssdeep":"192:MjVEG8OepS7bjbNnM4eYeHoxPr9uuCQpqtqELM8urYYxSv/+GbGkYk0YGdJZZ2W:QVErOeObjbNbPr9xCQpILM8urYYxSv/i","tlshash":"be22a986f499e81506d782b7d09d4700557ca5c475760b6c7bbdadfb028a44c339bb3c","first_seen":"2025-11-03T12:41:42.390994Z","last_seen":"2026-03-14T18:36:03.226949Z","times_seen":14,"resource_available":true,"data":null}},"time_used":637,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":637,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-26","alert":"Phishing Block","trigger":"hypecip.xin","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/favicon.ico","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:51.216Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hypecip.xin","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Jan 2026 04:13:58 GMT","end":"Sat, 18 Apr 2026 04:13:57 GMT"},"fingerprint":{"sha1":"DE:01:79:74:41:4C:4A:43:CB:D0:3D:5D:A3:3E:78:79:98:13:EC:54","sha256":"5E:74:72:88:41:5A:42:00:B6:7A:51:AF:86:E9:45:B2:D3:54:97:0C:05:D9:51:8B:84:C1:5F:B5:FA:F9:E6:55"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: hypecip.xin\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hypecip.xin/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:51 GMT\r\ncontent-type: text/html\r\ncontent-length: 138\r\netag: \"668df724-8a\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":138,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"7389d931c86b3d7bb6b8af46d8c4172b","sha1":"8d2a4760aa0b47984d11cd1a66448719177fb791","sha256":"301bd9f16f94feedfae7a946a14bac38cb73c43efe6117bc5586835af03d7d6f","sha512":"dd6d1511e4fcd5bc09d821ffe091fb5946ac9654c48664aed504e479e9ac20c1cad44b6df90f42190d47e28f5f96bfb09d24056df6b950243d68ee8100a9a889","ssdeep":"","tlshash":"d9c09b5d755366449913155167c33641d196837f689a84510941c593f0cf69ac4c73a9","first_seen":"2023-03-13T12:56:15Z","last_seen":"2026-05-24T23:32:08.729512Z","times_seen":273929,"resource_available":true,"data":null}},"time_used":1865,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":1865,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-26","alert":"Phishing Block","trigger":"hypecip.xin","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/_plugin-vue_export-helper.BCo6x5W8.js","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:53.147Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hypecip.xin","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Jan 2026 04:13:58 GMT","end":"Sat, 18 Apr 2026 04:13:57 GMT"},"fingerprint":{"sha1":"DE:01:79:74:41:4C:4A:43:CB:D0:3D:5D:A3:3E:78:79:98:13:EC:54","sha256":"5E:74:72:88:41:5A:42:00:B6:7A:51:AF:86:E9:45:B2:D3:54:97:0C:05:D9:51:8B:84:C1:5F:B5:FA:F9:E6:55"}}},"request":{"raw":"GET /assets/_plugin-vue_export-helper.BCo6x5W8.js HTTP/1.1\r\nHost: hypecip.xin\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hypecip.xin/assets/pages-newindex-newindex.CpR1XibN.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:53 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 91\r\nlast-modified: Wed, 17 Sep 2025 12:49:03 GMT\r\netag: \"68caae3f-5b\"\r\nexpires: Mon, 26 Jan 2026 17:16:53 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":91,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"41bf66d156aac38dbf7a45b53cb4db18","sha1":"4aa693a2afcc34b6a577e1bfc4be3ef5a458dce0","sha256":"a7dbb0eaed9de79041d555c4563be4bb0514099b8d169a2b548ab2d07102cb55","sha512":"64e1a5c2939052c93692338bf78b66723ae6673121d2915a9fb0848449e4b2657c1a31c8940bc7c9ec77554fd4c04ffae1b787297f0fba23983a987e85caee15","ssdeep":"","tlshash":"40b012e500824138432175c796f444649e08005c394756d144480d52c143080541bc3c","first_seen":"2023-03-26T04:51:44Z","last_seen":"2026-05-24T16:26:51.131525Z","times_seen":1503,"resource_available":true,"data":null}},"time_used":698,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":698,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-26","alert":"Phishing Block","trigger":"hypecip.xin","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-26T05:16:45.379Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hypecip.xin","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Jan 2026 04:13:58 GMT","end":"Sat, 18 Apr 2026 04:13:57 GMT"},"fingerprint":{"sha1":"DE:01:79:74:41:4C:4A:43:CB:D0:3D:5D:A3:3E:78:79:98:13:EC:54","sha256":"5E:74:72:88:41:5A:42:00:B6:7A:51:AF:86:E9:45:B2:D3:54:97:0C:05:D9:51:8B:84:C1:5F:B5:FA:F9:E6:55"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: hypecip.xin\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:46 GMT\r\ncontent-type: text/html\r\nlast-modified: Wed, 17 Sep 2025 12:49:03 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68caae3f-35c\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":860,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF, CR, LF line terminators","md5":"8da61c5d78ec542eaff346d20f85c503","sha1":"de5480e858e077865c29001b2e9b8d4539e0355c","sha256":"3581a131d9158049e92304699a1e4016cd19ee792bf185fa57b444474e7454dd","sha512":"6c926a5547a1980c94078f3d0de68d74401ee9f6eb5f6c9e392be4e83b803a338ce8abc07b52ce0a01d3d8e6f85afa0806f324d5af56ba0a9f0952d70dd14b55","ssdeep":"","tlshash":"bf11124554e15d091230464534e5d82befb35a678b09ee6034dc627b4ff874acc9fc64","first_seen":"2025-11-03T12:41:42.473143Z","last_seen":"2026-03-14T18:36:03.201232Z","times_seen":20,"resource_available":false,"data":null}},"time_used":1426,"timings":{"blocked":591,"dns":97,"connect":243,"send":0,"wait":243,"receive":0,"ssl":249},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-26","alert":"Phishing Block","trigger":"hypecip.xin","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.hypeaabbb.shop/api/currency/getTradeCurrencyList","fqdn":"api.hypeaabbb.shop","domain":"hypeaabbb.shop","tld":"shop"},"ip":{"addr":"118.107.15.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:54.190Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.hypeaabbb.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 09 Jan 2026 16:37:50 GMT","end":"Thu, 09 Apr 2026 16:37:49 GMT"},"fingerprint":{"sha1":"2D:38:76:26:05:44:93:47:0F:59:94:BD:75:59:8A:C0:62:84:42:CB","sha256":"E2:34:C6:C7:A9:0F:FC:3B:06:B2:31:6A:AA:0C:B8:AB:6C:99:A2:5C:73:87:EB:F7:DA:C1:51:B3:36:0B:52:94"}}},"request":{"raw":"OPTIONS /api/currency/getTradeCurrencyList HTTP/1.1\r\nHost: api.hypeaabbb.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: accept-language,authorization,client-device,timetamp\r\nReferer: https://hypecip.xin/\r\nOrigin: https://hypecip.xin\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:54 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: *\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-24T23:32:15.699972Z","times_seen":15677872,"resource_available":true,"data":null}},"time_used":245,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":245,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.hypeaabbb.shop/api/common/getCurrencyFee","fqdn":"api.hypeaabbb.shop","domain":"hypeaabbb.shop","tld":"shop"},"ip":{"addr":"118.107.15.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:49.902Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.hypeaabbb.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 09 Jan 2026 16:37:50 GMT","end":"Thu, 09 Apr 2026 16:37:49 GMT"},"fingerprint":{"sha1":"2D:38:76:26:05:44:93:47:0F:59:94:BD:75:59:8A:C0:62:84:42:CB","sha256":"E2:34:C6:C7:A9:0F:FC:3B:06:B2:31:6A:AA:0C:B8:AB:6C:99:A2:5C:73:87:EB:F7:DA:C1:51:B3:36:0B:52:94"}}},"request":{"raw":"OPTIONS /api/common/getCurrencyFee HTTP/1.1\r\nHost: api.hypeaabbb.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: accept-language,authorization,client-device,content-type,timetamp\r\nReferer: https://hypecip.xin/\r\nOrigin: https://hypecip.xin\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:50 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: *\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-24T23:32:15.699972Z","times_seen":15677872,"resource_available":true,"data":null}},"time_used":245,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":245,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/uni-app.es.d_vLI1bg.js","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:48.907Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hypecip.xin","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Jan 2026 04:13:58 GMT","end":"Sat, 18 Apr 2026 04:13:57 GMT"},"fingerprint":{"sha1":"DE:01:79:74:41:4C:4A:43:CB:D0:3D:5D:A3:3E:78:79:98:13:EC:54","sha256":"5E:74:72:88:41:5A:42:00:B6:7A:51:AF:86:E9:45:B2:D3:54:97:0C:05:D9:51:8B:84:C1:5F:B5:FA:F9:E6:55"}}},"request":{"raw":"GET /assets/uni-app.es.d_vLI1bg.js HTTP/1.1\r\nHost: hypecip.xin\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hypecip.xin/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:49 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 84\r\nlast-modified: Wed, 17 Sep 2025 12:49:03 GMT\r\netag: \"68caae3f-54\"\r\nexpires: Mon, 26 Jan 2026 17:16:49 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":84,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text","md5":"6b66c5e8ec007c309842caa5d15df880","sha1":"31792ad204aa6e3cc25b3f6e53b7cf2b950d35d8","sha256":"eb004fa1e81b674bbd9d3ab61a87d6d1bbbff407c1b41e91043edff23493b3cb","sha512":"d6e8cf99e6c0312cdb41693e9a0a96edb79178e6b4f4ca7dd2ab3c0cfce9c39f4db2d6f7e02132afcb3485f38ca2c91b573d56bd17e9e8e53e01f9ab540db8cd","ssdeep":"","tlshash":"d7a01287644120122822048010555907a17611d6458d862081c103244afc4a4d128909","first_seen":"2025-11-03T12:41:42.468412Z","last_seen":"2026-03-14T18:36:03.198241Z","times_seen":14,"resource_available":true,"data":null}},"time_used":639,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":639,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-26","alert":"Phishing Block","trigger":"hypecip.xin","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/HarmonyOS_Sans_Regular-BHHgWLDZ.ttf","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:48.929Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hypecip.xin","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Jan 2026 04:13:58 GMT","end":"Sat, 18 Apr 2026 04:13:57 GMT"},"fingerprint":{"sha1":"DE:01:79:74:41:4C:4A:43:CB:D0:3D:5D:A3:3E:78:79:98:13:EC:54","sha256":"5E:74:72:88:41:5A:42:00:B6:7A:51:AF:86:E9:45:B2:D3:54:97:0C:05:D9:51:8B:84:C1:5F:B5:FA:F9:E6:55"}}},"request":{"raw":"GET /assets/HarmonyOS_Sans_Regular-BHHgWLDZ.ttf HTTP/1.1\r\nHost: hypecip.xin\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hypecip.xin/assets/index-C4RMy9IK.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:49 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 146616\r\nlast-modified: Wed, 17 Sep 2025 12:49:03 GMT\r\netag: \"68caae3f-23cb8\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":146616,"size_decoded":0,"mime_type":"application/octet-stream","magic":"TrueType Font data, digitally signed, 14 tables, 1st \"DSIG\", 21 names, Macintosh, Copyright 2021 Huawei Device Co., Ltd. All Rights Reserved.HarmonyOS SansRegularHarmonyOS Sans V","md5":"48d656ed53e13d664de5cfdc7d3c438a","sha1":"8bea06ce4d7b4196f5e5f60b5580bdb1519ff560","sha256":"4f00c7e80329238d0b6fc58e5c829c4086432ba9fa1a8c5ca3da9a0442ce0452","sha512":"4d3189ddd412c1018a1c102c7067b5983ed2ea46d26a0e7f5f8a0829b77557c35a6cdd41c3573c3fd0592e240f1dbf51133a73ad246f0f44dfbe37f5b1c1feff","ssdeep":"3072:2waXVb3/LizgXbAsJzu82vIm3r6yoj8Gf9g4I3ZgDl6iquMX3js2O0:GVb/Liz2Jzu8IIm3rE9g4I3ZgDlnJO3T","tlshash":"7ce34a07f3a3db5fea16adb9a632e22283cef434793e874ef5041567d49b8e1c884541","first_seen":"2023-04-07T05:22:56Z","last_seen":"2026-05-24T17:42:48.987398Z","times_seen":598,"resource_available":false,"data":null}},"time_used":1113,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":630,"receive":483,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-26","alert":"Phishing Block","trigger":"hypecip.xin","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/uni-popup.DobYqiPg.js","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:53.132Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hypecip.xin","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Jan 2026 04:13:58 GMT","end":"Sat, 18 Apr 2026 04:13:57 GMT"},"fingerprint":{"sha1":"DE:01:79:74:41:4C:4A:43:CB:D0:3D:5D:A3:3E:78:79:98:13:EC:54","sha256":"5E:74:72:88:41:5A:42:00:B6:7A:51:AF:86:E9:45:B2:D3:54:97:0C:05:D9:51:8B:84:C1:5F:B5:FA:F9:E6:55"}}},"request":{"raw":"GET /assets/uni-popup.DobYqiPg.js HTTP/1.1\r\nHost: hypecip.xin\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hypecip.xin/assets/pages-newindex-newindex.CpR1XibN.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:53 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 17 Sep 2025 12:49:03 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68caae3f-286e\"\r\nexpires: Mon, 26 Jan 2026 17:16:53 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10350,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (10329)","md5":"e72c42c3aa9647e85c1365cdb338d967","sha1":"671e017647630d4b1918629b808515cad6559446","sha256":"3812f719fb2fdfbcc7133ffa02fcfe9e0301ce2a728c84864ca1cc020f65cc46","sha512":"48967acb7362c4b38127d08afe7d837bf13123083c6f490114d6f7fc18cffed313cbfb1f27d4e6a0405afa12155fccc237afbc423995afbea10168d242829099","ssdeep":"192:MjVEG8OepS7bjbNnM4eYeHoxPr9uuCQpqtqELM8urYYxSv/+GbGkYk0YGdJZZ2W:QVErOeObjbNbPr9xCQpILM8urYYxSv/i","tlshash":"be22a986f499e81506d782b7d09d4700557ca5c475760b6c7bbdadfb028a44c339bb3c","first_seen":"2025-11-03T12:41:42.390994Z","last_seen":"2026-03-14T18:36:03.226949Z","times_seen":14,"resource_available":true,"data":null}},"time_used":710,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":710,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-26","alert":"Phishing Block","trigger":"hypecip.xin","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/fui-avatar-CGsx0hv-.css","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:48.837Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hypecip.xin","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Jan 2026 04:13:58 GMT","end":"Sat, 18 Apr 2026 04:13:57 GMT"},"fingerprint":{"sha1":"DE:01:79:74:41:4C:4A:43:CB:D0:3D:5D:A3:3E:78:79:98:13:EC:54","sha256":"5E:74:72:88:41:5A:42:00:B6:7A:51:AF:86:E9:45:B2:D3:54:97:0C:05:D9:51:8B:84:C1:5F:B5:FA:F9:E6:55"}}},"request":{"raw":"GET /assets/fui-avatar-CGsx0hv-.css HTTP/1.1\r\nHost: hypecip.xin\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hypecip.xin/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:48 GMT\r\ncontent-type: text/css\r\ncontent-length: 1007\r\nlast-modified: Wed, 17 Sep 2025 12:49:03 GMT\r\netag: \"68caae3f-3ef\"\r\nexpires: Mon, 26 Jan 2026 17:16:48 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1007,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1006)","md5":"cdca596f9aa03121bd4c19f5afe2a1ed","sha1":"5c1adcc295e466b24f54ac80e0de60e15cb3c80d","sha256":"9b3f5edd7f12c7f0e91a5031092df83aeb9561ddd6ac2df9fdadd555aabfa08c","sha512":"9f54bd175384c46e8f5cdd860de7ece4a559260f3c2a9c03c62198e040deb4e2d5e92a6389ce0fc39322ba046e5a021fae1f68a9aa37c0f05b774dcc07ea3bc6","ssdeep":"","tlshash":"c211b697ba8f3124e03b85206448efae59bbd1918332482edd876f798bc66e3751344c","first_seen":"2025-06-08T13:31:29.616237Z","last_seen":"2026-04-11T09:25:14.725101Z","times_seen":75,"resource_available":false,"data":null}},"time_used":452,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":451,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-26","alert":"Phishing Block","trigger":"hypecip.xin","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/fui-tabs-D_VIZz2j.css","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:48.848Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hypecip.xin","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Jan 2026 04:13:58 GMT","end":"Sat, 18 Apr 2026 04:13:57 GMT"},"fingerprint":{"sha1":"DE:01:79:74:41:4C:4A:43:CB:D0:3D:5D:A3:3E:78:79:98:13:EC:54","sha256":"5E:74:72:88:41:5A:42:00:B6:7A:51:AF:86:E9:45:B2:D3:54:97:0C:05:D9:51:8B:84:C1:5F:B5:FA:F9:E6:55"}}},"request":{"raw":"GET /assets/fui-tabs-D_VIZz2j.css HTTP/1.1\r\nHost: hypecip.xin\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hypecip.xin/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:48 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 17 Sep 2025 12:49:03 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68caae3f-b25\"\r\nexpires: Mon, 26 Jan 2026 17:16:48 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2853,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2852)","md5":"e986b36d7ba5a986c6ba68f4e4582902","sha1":"8eabf4f7fc6a99d67f93605a8be0096adbc4d0e1","sha256":"8ab95e5a1ed24b603039bc4542b5abe98b505834c2b07c88ab1ab974774995b5","sha512":"c15bad67b877d2c709db1564ba98b9abdc3c1f8cad85ce22bae90369378994726e5bf699202a2038c2989d162b210f81942f0fb699322e40d92c28949bf85eb3","ssdeep":"","tlshash":"7551bd75f2dd203e547bf22974f4bb9c8468e2428217a36ea431372b48d7ad305b278d","first_seen":"2025-06-08T13:31:29.622121Z","last_seen":"2026-04-11T09:25:14.702809Z","times_seen":75,"resource_available":false,"data":null}},"time_used":448,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":448,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-26","alert":"Phishing Block","trigger":"hypecip.xin","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"wss","addr":"ws.hypeaabbb.shop/?token=17694046087355797558$trade\u0026sub=trade","fqdn":"ws.hypeaabbb.shop","domain":"hypeaabbb.shop","tld":"shop"},"ip":{"addr":"118.107.15.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:51.838Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ws.hypeaabbb.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 09 Jan 2026 16:39:47 GMT","end":"Thu, 09 Apr 2026 16:39:46 GMT"},"fingerprint":{"sha1":"BB:14:B1:67:65:53:95:6F:1F:F8:69:BC:4F:21:0F:F1:69:2A:35:2F","sha256":"45:4A:A2:BE:2E:C2:7D:09:25:B6:C2:5B:94:A0:7A:70:13:B9:29:48:CF:DD:FA:B6:C0:2F:61:35:4E:D1:B2:78"}}},"request":{"raw":"GET /?token=17694046087355797558$trade\u0026sub=trade HTTP/1.1\r\nHost: ws.hypeaabbb.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://hypecip.xin\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: H0phbHcTA6XZYF1nYuX28A==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 Switching Protocols\r\nServer: nginx\r\nDate: Mon, 26 Jan 2026 05:16:53 GMT\r\nConnection: upgrade\r\nUpgrade: websocket\r\nSec-Websocket-Accept: jf5A2Lr1e2LwdlVNucDh0mAgcHM=\r\nSec-Websocket-Version: 13\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"Switching Protocols","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-24T23:32:15.699972Z","times_seen":15677872,"resource_available":true,"data":null}},"time_used":2955,"timings":{"blocked":0,"dns":742,"connect":985,"send":0,"wait":246,"receive":0,"ssl":1724},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/fui-tabs.BiKlbrzG.js","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:53.127Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hypecip.xin","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Jan 2026 04:13:58 GMT","end":"Sat, 18 Apr 2026 04:13:57 GMT"},"fingerprint":{"sha1":"DE:01:79:74:41:4C:4A:43:CB:D0:3D:5D:A3:3E:78:79:98:13:EC:54","sha256":"5E:74:72:88:41:5A:42:00:B6:7A:51:AF:86:E9:45:B2:D3:54:97:0C:05:D9:51:8B:84:C1:5F:B5:FA:F9:E6:55"}}},"request":{"raw":"GET /assets/fui-tabs.BiKlbrzG.js HTTP/1.1\r\nHost: hypecip.xin\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hypecip.xin/assets/pages-newindex-newindex.CpR1XibN.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:53 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 17 Sep 2025 12:49:03 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68caae3f-12e6\"\r\nexpires: Mon, 26 Jan 2026 17:16:53 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4838,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (4837)","md5":"7372dc7858fe87bec36f77ef8550238d","sha1":"dc2ee9b05dfbc79b569c52fd4b6981449eb8c259","sha256":"5131d999bc091840fb86da02f6d250e84aa9998b085280083b8c42b82c5fbcb9","sha512":"98d7924ba7e8321a07fbde65af6a0a1cc754c7cbee31c87fd84e19e4186bc043f0facc048bc2cb7b5208ea303fe84b5427bf9c211897ea49472348eafb827358","ssdeep":"48:dFL955ZggHqFbLJZAcHYaeXqH5QvbzEYpYbJQP7d4jfKwhOwFiOpTEecR71WPD6s:l55LHqFbLJZ94XWkY67dfEOfoo6X2V4x","tlshash":"bda17426378da0336ec7648a60205b95d5658b9cec247fedf3f1143cc706a1950ecb69","first_seen":"2025-11-03T12:41:42.410417Z","last_seen":"2026-03-14T18:36:03.196099Z","times_seen":14,"resource_available":true,"data":null}},"time_used":473,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":473,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-26","alert":"Phishing Block","trigger":"hypecip.xin","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/uni.f6aca0bd.css","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:46.388Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hypecip.xin","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Jan 2026 04:13:58 GMT","end":"Sat, 18 Apr 2026 04:13:57 GMT"},"fingerprint":{"sha1":"DE:01:79:74:41:4C:4A:43:CB:D0:3D:5D:A3:3E:78:79:98:13:EC:54","sha256":"5E:74:72:88:41:5A:42:00:B6:7A:51:AF:86:E9:45:B2:D3:54:97:0C:05:D9:51:8B:84:C1:5F:B5:FA:F9:E6:55"}}},"request":{"raw":"GET /assets/uni.f6aca0bd.css HTTP/1.1\r\nHost: hypecip.xin\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hypecip.xin/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:46 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 17 Sep 2025 12:49:03 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68caae3f-61ad\"\r\nexpires: Mon, 26 Jan 2026 17:16:46 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":25005,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (25004)","md5":"3cc3de5b3802edc99e610e991843bc45","sha1":"5a510bd7d4140c3c7f1cdec6a97b6750619a7d0e","sha256":"f6aca0bdc12d22f8eaf57b3039f622ca78f167854fb67d528f6b3063378bf3d9","sha512":"02785752df00f96eec83ad11e7ede65caa6343b99d713487986249ba71207a4500ff3f7dbc25d4d87e98ba373011a8aaa7a1d5d9710b294f637a9d3e9edfce84","ssdeep":"384:UXpmLWLAHc8aux2iei+XHeVcy/iatZrwv:U8Suzei+XH7atZa","tlshash":"5ab29531aa002629f427ce2965d1db4f22318173e9531b2dfb79712ccfae9c9197b784","first_seen":"2025-03-06T21:41:52.717493Z","last_seen":"2026-03-14T18:36:03.19557Z","times_seen":94,"resource_available":false,"data":null}},"time_used":244,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":244,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-26","alert":"Phishing Block","trigger":"hypecip.xin","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/static/statbar/new/trade-d.png","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:48.802Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hypecip.xin","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Jan 2026 04:13:58 GMT","end":"Sat, 18 Apr 2026 04:13:57 GMT"},"fingerprint":{"sha1":"DE:01:79:74:41:4C:4A:43:CB:D0:3D:5D:A3:3E:78:79:98:13:EC:54","sha256":"5E:74:72:88:41:5A:42:00:B6:7A:51:AF:86:E9:45:B2:D3:54:97:0C:05:D9:51:8B:84:C1:5F:B5:FA:F9:E6:55"}}},"request":{"raw":"GET /static/statbar/new/trade-d.png HTTP/1.1\r\nHost: hypecip.xin\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hypecip.xin/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:48 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 04 Feb 2024 01:58:52 GMT\r\nvary: Accept-Encoding\r\netag: W/\"65beef5c-5ea9\"\r\nexpires: Wed, 25 Feb 2026 05:16:48 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":24233,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 823 x 823, 8-bit/color RGBA, non-interlaced","md5":"ba45d17afadaddeccbea26376cf72b25","sha1":"b9f51ae6e4751a2956f5ac6c14fa4eb61851bce0","sha256":"f45f07ba5587e2e580b33d45c837c119791e6f9c629c7f0cae15567dac19d170","sha512":"dce51c6e425b5003c1ef25be5316f6012f441912cc72db72d29ba97ef4fd088f856af2fc053c4eab9cf38e5ab56411041e0fd2517a1ea9a539076c7001beb8e7","ssdeep":"384:RV1jbdD30WS0EZ13u+6zxZXccAaFbUkXoKUK9Qft5fX4CORBSCNmrUmEnJHeWsx7:RVPDkdFn+puSdTOftuCORBSTFQ5etx7","tlshash":"a6b2d0dd35fb82850d07daa7f8539d75f06e3e84a5e80af3c1b60e025c8b481c626759","first_seen":"2025-02-26T18:29:17.861589Z","last_seen":"2026-04-11T09:25:14.768263Z","times_seen":111,"resource_available":false,"data":null}},"time_used":480,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":480,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-26","alert":"Phishing Block","trigger":"hypecip.xin","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hypecip.xin/assets/fui-icon.CosUZAIt.js","fqdn":"hypecip.xin","domain":"hypecip.xin","tld":"xin"},"ip":{"addr":"118.107.15.175","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:48.910Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hypecip.xin","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 18 Jan 2026 04:13:58 GMT","end":"Sat, 18 Apr 2026 04:13:57 GMT"},"fingerprint":{"sha1":"DE:01:79:74:41:4C:4A:43:CB:D0:3D:5D:A3:3E:78:79:98:13:EC:54","sha256":"5E:74:72:88:41:5A:42:00:B6:7A:51:AF:86:E9:45:B2:D3:54:97:0C:05:D9:51:8B:84:C1:5F:B5:FA:F9:E6:55"}}},"request":{"raw":"GET /assets/fui-icon.CosUZAIt.js HTTP/1.1\r\nHost: hypecip.xin\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hypecip.xin/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:49 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 17 Sep 2025 12:49:03 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68caae3f-f84\"\r\nexpires: Mon, 26 Jan 2026 17:16:49 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3972,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (3645)","md5":"c762414f4f7d835d5565515f868d9cbf","sha1":"8509cbed8639c667a511d73cb08b508a3cff4874","sha256":"0ffc55afbee12bbb59fbecf7265dfec06c36b66d17b3586b99694acbe72aafa2","sha512":"433ce558c78eaa533680f34a3aac23c39dfa96d1e5016863d6b1ba233d096be88eca0d716d14da2a2faf7ef51bcdb2e0dc0359f6d05867e8144cff32fb1c40a1","ssdeep":"","tlshash":"0c81638e64f9ac2b6e8e7eca544c1203d0d19f58e9e0fc52ac9d09e5e57e950720df2c","first_seen":"2025-11-03T12:41:42.450395Z","last_seen":"2026-03-14T18:36:03.193486Z","times_seen":14,"resource_available":true,"data":null}},"time_used":638,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":638,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-26","alert":"Phishing Block","trigger":"hypecip.xin","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-26","alert":"Sinkholed","trigger":"hypecip.xin","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.hypeaabbb.shop/api/common/getCountry","fqdn":"api.hypeaabbb.shop","domain":"hypeaabbb.shop","tld":"shop"},"ip":{"addr":"118.107.15.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://hypecip.xin/","date":"2026-01-26T05:16:49.667Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.hypeaabbb.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 09 Jan 2026 16:37:50 GMT","end":"Thu, 09 Apr 2026 16:37:49 GMT"},"fingerprint":{"sha1":"2D:38:76:26:05:44:93:47:0F:59:94:BD:75:59:8A:C0:62:84:42:CB","sha256":"E2:34:C6:C7:A9:0F:FC:3B:06:B2:31:6A:AA:0C:B8:AB:6C:99:A2:5C:73:87:EB:F7:DA:C1:51:B3:36:0B:52:94"}}},"request":{"raw":"GET /api/common/getCountry HTTP/1.1\r\nHost: api.hypeaabbb.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: zh_CN\r\nAccept-Encoding: gzip, deflate, br\r\nAuthorization: Bearer\r\nClient-Device: 0\r\nTimetamp: 1769404608\r\nOrigin: https://hypecip.xin\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hypecip.xin/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 26 Jan 2026 05:16:49 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 98\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: accept-language,authorization,lang,uid,token,Keep-Alive,User-Agent,Cache-Control,Content-Type\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":84,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"f414d36bcd063b1a89291eb67cf7a6c5","sha1":"cc90032a6a85881b8b020b181514a7f64119af08","sha256":"5930407e8b2543da536afa156a493980e55c5264796eacd05dcfce1a357f5699","sha512":"00deef7d41e9e7e26e166dc27d236e02368274ca3e730df50deb1f0ad18fc20b20151e0507ebb52b5a08f779d001b4eae9809beb28af93300d554b9e065c5ad1","ssdeep":"","tlshash":"dda012101c105a65fd5201623117340006e421518150540d544c162c864c09a200292b","first_seen":"2025-06-08T13:31:29.657292Z","last_seen":"2026-04-11T09:25:14.724085Z","times_seen":79,"resource_available":false,"data":null}},"time_used":252,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":252,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}