{"report_id":"0d7daa81-f4f9-4e31-ac3c-6254699ceecc","version":0,"status":"done","tags":["suspicious"],"date":"2026-07-04T10:34:54Z","url":{"schema":"http","addr":"be-myfin2026.com","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":0,"asn":0,"as":"","country":"Russia","country_code":"RU"},"final":{"url":{"schema":"https","addr":"be-myfin2026.com/","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"title":"FOD Financiën | Crypto-aangifte assistent","dom":{"size":221884,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (22365)","md5":"789a8b061fb17999c5233c9597f95df4","sha1":"4171ecf7f6cf5876a2774b3e05d6f52c5a5659a7","sha256":"c97cb1c368de01afbc0a96a27dde2ed5f35de45752c2d6c41b61a54cfa2b964e","sha512":"3e0c2e394f7c596f5892451c5cc4f9e9a288bef664947418f7a267e5b61787823305ce74f51e153685250f8e59a0636b9f10f2bd1c4c9e33ec4f510ef4808f05","ssdeep":"1536:OY73pq4BgqsOmzPMVn41EotdLlJldB0DYdBXdB8dBHdB9dBeUdBfprwMpctBCY:173J5sOmzPMMdLlgDOPMGt","tlshash":"732482255bb7ce3251a305e367da6b793161924bcc438a2c77fc06e04fd8e8c6d22766","dom_hash":"domhash1308d7329721d50fd0c24431d7cf1f4b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"be-myfin2026.com","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":0,"asn":0,"as":"","country":"Russia","country_code":"RU"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-08-08T10:34:54Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":2,"analyzer":5}},"detection":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-07-04","alert":"Detects file containing Telegram Bot API","trigger":"be-myfin2026.com/","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null},{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]},"summary":[{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-06-28T22:19:26.805281Z","alert_count":0,"request_count":3,"received_data":46907,"sent_data":1721,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.gstatic.com","ip":{"addr":"142.250.178.67","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":146047,"first_seen":"2012-05-29T15:36:17Z","last_seen":"2026-06-28T22:56:10.267064Z","alert_count":0,"request_count":1,"received_data":23213,"sent_data":601,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-06-28T22:22:13.875484Z","alert_count":0,"request_count":2,"received_data":34999,"sent_data":1082,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"api.telegram.org","ip":{"addr":"149.154.166.110","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"domain_registered":"2003-12-15","domain_rank":206724,"first_seen":"2015-06-25T10:09:00Z","last_seen":"2026-06-29T20:50:10.200441Z","alert_count":0,"request_count":2,"received_data":724,"sent_data":1184,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.30.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":1222,"first_seen":"2012-05-23T12:49:49Z","last_seen":"2026-06-28T22:41:44.776353Z","alert_count":0,"request_count":1,"received_data":103191,"sent_data":525,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"be-myfin2026.com","ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"domain_registered":"2026-06-22","domain_rank":0,"first_seen":"2026-07-04T10:34:56.285856Z","last_seen":"2026-07-04T10:34:56.285856Z","alert_count":1138,"request_count":284,"received_data":1879575,"sent_data":145977,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"be-myfin2026.com/","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":true,"md5":"36505f3ae9a7072af3584de00870b077","sha1":"4762354b10b8cece913557e7cba0fd04fc324c6a","sha256":"525f74e4f941eec1aec6f09ebd03341365096d094222661494f73ce60298b43a","sha512":"3b9fff8bfc43cb783dc146d1bfb324bd1cb876e765269bf56c56e9fa1a6127d93693a0ac2ddb693c23f54258189917f19d34124fddec519ce70ca2532486adb9","ssdeep":"384:cb9u1j/0OpVu38WDKv/UP8Vyv/8Hq2/2qZe/+2kwcS5y60sIsuufYUfVq5gllSDo:cp00D8WRP8hTMcgqbVPrC7","tlshash":"9123b95926fb2638417b55bf57dba09a352190072801d9297eacc2c40fe0f90eaf3bdd","size":48710,"data":"","first_seen":"2026-07-04T10:35:11.131219Z","last_seen":"2026-07-04T10:35:11.131219Z","times_seen":1,"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-07-04","alert":"Detects file containing Telegram Bot API","trigger":"be-myfin2026.com/","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}}],"urlquery":null}}],"eval":null,"write":null,"console":[{"level":"log","text":"Telegram config loaded successfully","filename":"https://be-myfin2026.com/","line_number":2601,"column_number":21},{"level":"warn","text":"IP fetch failedNetworkError when attempting to fetch resource.","filename":"https://be-myfin2026.com/","line_number":1492,"column_number":26},{"level":"log","text":"Showing step 1 (step-form)","filename":"https://be-myfin2026.com/","line_number":1637,"column_number":17},{"level":"error","text":"Telegram send errorLogged out","filename":"https://be-myfin2026.com/","line_number":1510,"column_number":17}]},"http":[{"url":{"schema":"https","addr":"be-myfin2026.com/phantom.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.422Z","timestamp":1783161267422,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /phantom.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 1200\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:39 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":1200,"size_decoded":1529,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 100x100, components 3","md5":"25bd4696e87358e3f5557dc2a541f3bf","sha1":"6e68810e055635e69500ee108499a0021e8c002f","sha256":"b51aafcdf793f14b888cf567059d7c416b822b858b5b50526185715d1aaaadc9","sha512":"5e0dd291637e3353f3250dda44946e1521b35b13c8cbb632a14a77b24b086fcd832c06b852d650f85563cbb235a229ab81f1d8f05286ad10e78d11fa694291d4","ssdeep":"","tlshash":"c32186b6616ee722cff4fe3b6d9e7124e48566a0b412894d5d90c04092237b05c3a479","first_seen":"2026-05-22T03:52:37.799299Z","last_seen":"2026-07-04T10:35:10.484128Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1399,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":833,"receive":566,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/atoken.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.444Z","timestamp":1783161267444,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /atoken.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 3338\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:37 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":3338,"size_decoded":3667,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"165ecbb8999c7b4c6b02f25f17d45f7c","sha1":"93c441ce31933cfd4f6716b364d84c8fa662f208","sha256":"bd636563d0009c7dee933eeaa5f9ec4dc57e1f60c3dc40e651cead2ef16c27c2","sha512":"06d454c4db7965ee6cd0300a53f313979004a8da3923810757e8f511ca1edb013006fc655e82c6d6aadc616154e57d35ecbffdec85f01f74eec76ae4a9c7fb61","ssdeep":"","tlshash":"45611ab6a344275ccb4d2f3d206813f4ea497a3187fed72ac9d00115bb6eed44aac199","first_seen":"2026-05-22T03:52:37.669966Z","last_seen":"2026-07-04T10:35:10.485582Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1669,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":869,"receive":800,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/bithd-wallet.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.462Z","timestamp":1783161267462,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /bithd-wallet.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 4748\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:37 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":4748,"size_decoded":5076,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced","md5":"16ef0e79f2314d1201c92a110aa7aaf9","sha1":"1e94a8b2f96d4ad9d09fdec08269b9c17bf2f85a","sha256":"8e4870efb341f866bcaaec82678ed1561cd8494a27b989818ab194323b5e6fde","sha512":"561619769a796dd397b15c78f77fce1afd63b83b43d12039336b689390ab9aab35e9147ba5a8e8806b68487670c3cf523a38ec158275aca2901f419e6e20fe5a","ssdeep":"96:UOpSX01pLnWa0zcFaYPo/vsgSBZh1rle0cXlzN+oyK5wH92GUJAh:UiD1BWpoY2o/vsgSPjpuXNjnwH92o","tlshash":"51a15b1091459236fe3128f63a1d9032b6f80d83b483d2d71aad791ccc6b7a986df127","first_seen":"2026-05-22T03:52:37.220238Z","last_seen":"2026-07-04T10:35:10.486648Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1731,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":852,"receive":879,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/dcent.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.517Z","timestamp":1783161267517,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /dcent.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:28 GMT\r\ncontent-type: image/png\r\ncontent-length: 3103\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:28 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":3103,"size_decoded":3431,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced","md5":"085644ca0a453bb1a2818b2bca33c2b6","sha1":"ba6375e7be83d514d2324585a11217f9ae3e3fdb","sha256":"d5722bdc8fccde624082aa3da0bed991102687ef2e6ce0829bb88c33f53d5912","sha512":"1410cafa54fda5e1c1b237646400288bd5a22ce041985f341bb87ad8e92da1ae7109cb8b7cf341d8e42c24ee53d01a41d117c2c43de6edcb9c65ff710590a312","ssdeep":"","tlshash":"29512bfd5af8cd31f3c35d6816545a40a51a0ed36b060c9e95d3c528e4f5308e966a41","first_seen":"2026-05-22T03:52:37.445636Z","last_seen":"2026-07-04T10:35:10.488242Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1907,"timings":{"blocked":386,"dns":0,"connect":0,"send":0,"wait":853,"receive":668,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/heat_wallet.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.543Z","timestamp":1783161267543,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /heat_wallet.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:28 GMT\r\ncontent-type: image/png\r\ncontent-length: 9191\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:28 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":9191,"size_decoded":9519,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced","md5":"ea24e3eb6813d0464de24248890b3c12","sha1":"da5ce17689a4ab0c8c83576404966fac0c4e7065","sha256":"5976b70b8b7329ee5b35b38186886e51ff19fccdb01011b68c518f86b70519be","sha512":"41c0026faa422bdf319d494711185482659e8644b1bbb499eaa82e2f7f03c561fe6c25eedf27d0b27f4a5130265504898a9ee85de31961350a20584d83023640","ssdeep":"192:cJkirUyU+IZVX9vlSNTSYV1HRoVw1j7aySBN1vBGjlcxkB9g:Yk7yUlVX9dSNxXRoV0jTSBBGjl19g","tlshash":"1212b0a6f598be80099799042289b75dc7c7cd8b2e23c3540d3df1d8e4d0149365ab7c","first_seen":"2026-05-22T03:52:37.640939Z","last_seen":"2026-07-04T10:35:10.489374Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2039,"timings":{"blocked":759,"dns":0,"connect":0,"send":0,"wait":752,"receive":528,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/opera_wallet.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.636Z","timestamp":1783161267636,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /opera_wallet.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/png\r\ncontent-length: 7571\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7571,"size_decoded":7899,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced","md5":"51645cefb87af549aee950b155e7673e","sha1":"d9b5ad8efe2bea88b5e2f129b309ab2fec4bd083","sha256":"cbc872157d81756be5da3067ef273dbe6a510f7a612d36295eef7dde2ebd6461","sha512":"9aafd0b81996f9af255fd24480b576bc0dc515941bd4b66f6d452f225b4d34208da03a3d37b73eb0e3b3c4f8f77f47520e918640b48957e218d7a8e40835bc2f","ssdeep":"96:i0JQY6T1jKYHVGDnEVugGBNCrh/H2VoLNSi3rf4y7n3jyiSbV9oKy6JgwaUc:i0JQYw12TcugFrh/kibl73GiSZ/Jgwu","tlshash":"bff19eed4e8583c08e4bf3e505ea45d23624caae734691c1af981467366f2077b2ec40","first_seen":"2026-05-22T03:52:37.246228Z","last_seen":"2026-07-04T10:35:10.490919Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2304,"timings":{"blocked":1284,"dns":0,"connect":0,"send":0,"wait":768,"receive":252,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/sparrow-wallet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.700Z","timestamp":1783161267700,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /sparrow-wallet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 3387\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:39 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":3387,"size_decoded":3716,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"b5517e03ea00802dc4630af793bb147f","sha1":"14066fd214f0b1a211ed7952cb7b54a8fa588eaa","sha256":"1f9969592497d0252a10941a21794874ad123bd3e9694ad224ee425756ba77b5","sha512":"cdf992dd2116fc525d65c7834586769b64f738b70040b59f0568e7a6d6b923d486987b18e33a6821ea12c390982598a1181912f6d40587ebcb1ae78293f16589","ssdeep":"","tlshash":"03611b5a53140609c81e237510b1e3fdcb5d5f3dc7f29f5e4961922e37ed442ac28697","first_seen":"2026-05-22T03:52:37.758955Z","last_seen":"2026-07-04T10:35:10.492165Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2320,"timings":{"blocked":1361,"dns":0,"connect":0,"send":0,"wait":889,"receive":70,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/stormgain-wallet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.708Z","timestamp":1783161267708,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /stormgain-wallet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 2486\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:39 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":2486,"size_decoded":2815,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"19954ae965d920ebbf69b0d7b08d08ef","sha1":"be129f47c950d73f67cfd21bea52ecd9f45de944","sha256":"b64abc90f318a07580dbab2d6ac281a8c2040d0b46ba2e423edffed421818752","sha512":"dffe150c814ca6d39e04cb7b6e4070173666828535ea5d0d22ed7e22f2473b5b0a7d5df56ba94d62c3129f8ab8a4482794385e9c6efb22d3ad8a3899687f294d","ssdeep":"","tlshash":"6851f8a927581f04ea1c1a7a70c75ba4ee892f1109fec2af488700291fbc58954142e6","first_seen":"2026-05-22T03:52:37.504895Z","last_seen":"2026-07-04T10:35:10.493154Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2320,"timings":{"blocked":1400,"dns":0,"connect":0,"send":0,"wait":850,"receive":70,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/arctic_wallet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.437Z","timestamp":1783161267437,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /arctic_wallet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 1989\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:37 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1989,"size_decoded":2318,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 100x92, components 3","md5":"1125525a0c629f22851be7f53d4957a7","sha1":"8f2d9a31c70a225389283e39f7db702b0b87aef8","sha256":"6a30794440cf238d78f95bda8dedd229823aa3a42739fe682fa649a209768146","sha512":"cd599e9859462e16e9111b80d71c49f39f1ad25980c936066d785cfb28c93165f54231fe990860b249bc90985585b5acb9993ef555fecc0f22c8dc4e421f9ef2","ssdeep":"","tlshash":"ca41192b161bfd50fec2a131b458c801837af41ae253647a86f5290cfa43ad6e410b6a","first_seen":"2026-05-22T03:52:37.3178Z","last_seen":"2026-07-04T10:35:10.494437Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1458,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":874,"receive":584,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/temple-wallet.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.714Z","timestamp":1783161267714,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /temple-wallet.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/png\r\ncontent-length: 3946\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:39 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":3946,"size_decoded":4274,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced","md5":"7f7c81acdda53b099777fc422e9279a4","sha1":"c9e3fb2379b0becce52f8ed1ca51afec0bb7dc58","sha256":"7a0ba41e5ec76345786efdbec62027979a7193f5766608b93efb60604d1b929e","sha512":"a457bb20a164ac6c7efd5ac3804f82b9b7e16cdf322083cda7dd070081b5a6730f2982fb665e9795e9ec469db101f926406f636b1696c854c1f8ce15fbdcb2a7","ssdeep":"","tlshash":"38814cfd0675a6aedd5613a304cf30908e530bceae8615188c25e10dc41f8ed778afc4","first_seen":"2026-05-22T03:52:37.544099Z","last_seen":"2026-07-04T10:35:10.495447Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2141,"timings":{"blocked":1061,"dns":0,"connect":0,"send":0,"wait":752,"receive":328,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/trade_republic.svg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.353Z","timestamp":1783161267353,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /trade_republic.svg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 1541\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:39 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":2160,"size_decoded":1918,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"fe22170fb958a030ad78f6cc081d7a86","sha1":"621fb2123f933c6f09295dab75441b78e3ab63bd","sha256":"d466a83d32ca0ebb121d5e4cc487d28bb95d6cd9c3a48e74df72cc07fbf9a042","sha512":"04a065c667229517b494563c7fb6c0cb7c3a00c93b2bed7c40877d994f99a067bf23c3a925ab869e77e50c38e73ffd27ac1fd9ecb6eaac38b57cf44d8a7abba1","ssdeep":"","tlshash":"c3411afcd54a2f58ac8982d5db7120188e521c5bc398478ee3927418d01dcc20a47485","first_seen":"2026-05-22T03:52:37.497351Z","last_seen":"2026-07-04T10:35:10.496478Z","times_seen":5,"resource_available":false,"data":null}},"time_used":531,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":531,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/casa.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.485Z","timestamp":1783161267485,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /casa.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 2243\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":2243,"size_decoded":2572,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"3afe97ccea5be3fe6b6c3d9b70a38f7b","sha1":"10c3ae352c312f33940970a85d2ae2258b36aa1d","sha256":"b67c017a093a05c264f1d7acd5c0c5b8e4402c18626dd132f80e3862d5759bea","sha512":"1109aac8b28d9c6740b099f0e96d214f07124d98d747c764385d742921c8e7cd51631cceabcc1c4a3b80b24dfa71ca8c6659007b0a10ad18c969211239d40bdc","ssdeep":"","tlshash":"6d41f66b4398a384e85c3a3a60a093a1f77b3d33ca97525f9082003cb7221d0ba14377","first_seen":"2026-05-22T03:52:37.779149Z","last_seen":"2026-07-04T10:35:10.497479Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1863,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":830,"receive":1033,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/polkadotjs-wallet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.644Z","timestamp":1783161267644,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /polkadotjs-wallet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 3967\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:39 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":3967,"size_decoded":4296,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"ac3a9a3b6bb65d7285860fa66d59fc67","sha1":"80fb8fd2f5da8c41994e0df7a19f3929ec3fe415","sha256":"b9536a3c4fd7d2ead1ac2e6c35354d1792130d8b221c6de30ab5114db877ab41","sha512":"e8831dc9c8c2f99661be6fc3fca00bbab3b19479459b93d4940a59a73c69c117dccca458ab101eff60ed5a9ef4fe2f48e14ad6e9b52c28f17a7bdd3eb77e4f7b","ssdeep":"","tlshash":"61817e5163985b82e90e1e3da0f01270cfba3d6f889932dcb1c158361bb90d14e2d65e","first_seen":"2026-05-22T03:52:37.78612Z","last_seen":"2026-07-04T10:35:10.498411Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2087,"timings":{"blocked":988,"dns":0,"connect":0,"send":0,"wait":828,"receive":271,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/multis.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.574Z","timestamp":1783161267574,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /multis.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 2044\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":2044,"size_decoded":2373,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 1","md5":"ea7d1bbff228c0aeeddeb30a4925054d","sha1":"e07ded49b2701ce678579bef99f3382fe7909bd1","sha256":"96e0191f216e4cdb57e9b1c40a2e3c9866f1aec8b42b1eec3b6cbed591be2169","sha512":"b035cb245afff2c603e7b9f118f30fc68713890e93dffaa63a31817885e19f312c33af41ef66586500ae78ebf6c1c2e12e7f81cc755500bb0834bb6702458fac","ssdeep":"","tlshash":"4e41f9715b97f328ee603b70b094cbb0c76e7e3b89e54b0e9085911a35799c0ce2811a","first_seen":"2026-05-22T03:52:37.416117Z","last_seen":"2026-07-04T10:35:10.499489Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2095,"timings":{"blocked":899,"dns":0,"connect":0,"send":0,"wait":727,"receive":469,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/bithumb.svg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.408Z","timestamp":1783161267408,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /bithumb.svg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 1010\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:37 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":1351,"size_decoded":1387,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"2579958aff28b427273422da35f2024f","sha1":"cbe122537d59d4aed16a8c9a39df1d79bfdf8236","sha256":"09c2f90a74e59cd621b27122d738b2a325f21a66e8744876ae972a5dd98ba57b","sha512":"546d9bf723d1c7cd1cd33ba387f8530fd92dc0e2a884eeb2b511d6bb144615f21b8c058eb915e82871df306573dd4159183df99d3955aeabfc88e8d431a15b11","ssdeep":"","tlshash":"4021d544c0cfa23c4bd4cf31afba39c8e4469078a0d20bdee885204de651c82047d2ec","first_seen":"2026-05-22T03:52:37.668022Z","last_seen":"2026-07-04T10:35:10.500671Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1093,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":845,"receive":248,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/scalable.svg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.371Z","timestamp":1783161267371,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /scalable.svg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 6548\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:39 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9421,"size_decoded":6925,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"1bcffa5afe7cca4c1ec5bd9fd0b0f861","sha1":"45533f0d953430ce6f074740c28b15734b3be396","sha256":"5f5cb07607ff69ddd1656abf6f337ac7fb7a7ecd043675325141dedee4dd0407","sha512":"2fac784fc2c5266d81d7463b166617e848fa033dd70d25457ba84cbd99eb28f431f38ab237d42517b9ed71a94ff51d9d67ee067dc571d423f1c5b86e45060a13","ssdeep":"192:9v/iyW3G2OWf6SMpa7mxYF7y4nJHaqZZTubjymsR6Jlzcy4NIgn32qy:4yW3G4ySbGKvPTupM6J1z4Try","tlshash":"5f128dff2885502c111d89ccfe0ca5e28d74618b92f5839cf67c666990f4778e67409f","first_seen":"2026-05-22T03:52:37.798137Z","last_seen":"2026-07-04T10:35:10.501919Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1130,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":882,"receive":248,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/poloniex.svg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.405Z","timestamp":1783161267405,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /poloniex.svg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 15607\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:39 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":20773,"size_decoded":15985,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"c18e0c9376460686f7d29b72726ea3ef","sha1":"a4d240d0c183407023c6ee21f1403e966fee214b","sha256":"b7cfee61343ead936701f604782557cc8280ac20fb8a07b859af46978838956f","sha512":"72ccf6955219b9ebc7115e4855acf4103fe586f22a8f5fa236b132f553bca081643bc5201fca7adb0339cbe46baa327516e941922437407ded602d7366988d26","ssdeep":"384:wYwKfH6NWd9v7mhBQz+xcwxuv6a3jbya/fa1zbM4Yqey/SFBdmqIOZVb:QKfaUv7oBQCxcwxuv6a3juaG7Sf5Z","tlshash":"3492e187562c54e7301df60af2fb42d882957c355f34fd4e60a0e470a6bc9f709ad68a","first_seen":"2026-05-22T03:52:37.734882Z","last_seen":"2026-07-04T10:35:10.502981Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2120,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":848,"receive":1272,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/coldcard_wallet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.507Z","timestamp":1783161267507,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /coldcard_wallet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:28 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 4181\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:28 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":4181,"size_decoded":4510,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, baseline, precision 8, 100x100, components 3","md5":"811acb2e87d2b07ede7bd624aba660c7","sha1":"dd8095e364dafe2e00f9cd7cabf55c4796fe4a24","sha256":"8170c4debd05bcdfb5201dae2d6b48ede2301de7231e1009e32a08c441d5ae2d","sha512":"353a448b9c9b7412c4560f84d9779c881b6f1cd502d52cfe73575945efb2a349eb1b54bd8c18ee3b4e7cebb0488d6d4d5e3d8a593e0b94c15892f7338b1ac245","ssdeep":"96:v894vCqn0JpenqbuqKmXOU+9KLkkIVtjqawdY:U9S0JWqKmXVj4kIvmD6","tlshash":"a8816c15739d8b08febe43f948bb5bc8ee947a368746935d42860602bbaa5c0842c56d","first_seen":"2026-05-22T03:52:37.270462Z","last_seen":"2026-07-04T10:35:10.504049Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1818,"timings":{"blocked":123,"dns":0,"connect":0,"send":0,"wait":792,"receive":903,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/uniswap_wallet.webp","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.753Z","timestamp":1783161267753,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /uniswap_wallet.webp HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:30 GMT\r\ncontent-type: image/webp\r\ncontent-length: 5134\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:30 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:39 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":5134,"size_decoded":5463,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"a705f6ba02be0a471a8e38e56430f930","sha1":"6643fb489e87e93a84480130759ac4f3860e66d2","sha256":"acfc55c330c6d47f18d546ffce09e8998ec691af29cadc89d2521773b5f57752","sha512":"3f61e33b50cccc39ddef18f2b5cc047586ceb821c03410ef8474b318850a5b0062aecf8bc335afccaf478ff13e79d3135274ad0b1d606155c32696d3b656b206","ssdeep":"96:XaN26MT0D5MdtbZPAVwzV9CucAzu9WYOQHlaSuGR:XNYNMtKw+xA2WVQHj","tlshash":"d6b15d78ef5753b2d9a5ed7868f0778457c3373cd3619a022078a62816a55c1aecf0cd","first_seen":"2026-05-22T03:52:37.406338Z","last_seen":"2026-07-04T10:35:10.505497Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2635,"timings":{"blocked":1869,"dns":0,"connect":0,"send":0,"wait":766,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/zelcore_wallet.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.769Z","timestamp":1783161267769,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /zelcore_wallet.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:30 GMT\r\ncontent-type: image/png\r\ncontent-length: 2795\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:30 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:39 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2795,"size_decoded":3123,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced","md5":"6d4a8a3516e3b0052446f8e488295cfd","sha1":"f97e1fb43e112260eeb393f532cca2029753082b","sha256":"f84fde84d5c21626e1f6e7e5a51e98318b6c6d22bc941d54ef5f1c3ccdb14d1a","sha512":"bd03a3f45c477ae727508a3f6722ed0f39d6e8b8c7712f0b1703f1d255cb09179bd1f144259362d0e6cbc4c58aae0ddc4b37f8f31680fdae71f42f0632c3257e","ssdeep":"","tlshash":"f4514b4dd0a519c3f752522ba1a15f9180ed23cf3928a5da1ea4f90a399e530934dbb0","first_seen":"2026-05-22T03:52:37.257152Z","last_seen":"2026-07-04T10:35:10.506507Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2633,"timings":{"blocked":1900,"dns":0,"connect":0,"send":0,"wait":733,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/deribit.svg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.402Z","timestamp":1783161267402,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /deribit.svg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 6337\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":9133,"size_decoded":6714,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"3f81d29922e8b30efd19cbd7fe59da92","sha1":"fe1344847a9310cda3f9d06627113f136761bc22","sha256":"dbae90f3b8a610105f2d8fced4ca4e87716907e3c27b51668fd99ffd1740204c","sha512":"2ea5cfe1f3db7f13c691062b3aee5dc8c18a1a06201a67760e7d12c6c6698ea4d7a64e430f9d2c8287fd86d78998e32a71e9a8c25d6dbe6a6c6193de51b610a0","ssdeep":"192:9I/iyW3G2OWf6SMpa7mxYF7y4nJHaqZZW7x4/zY7BT3W91NaG4hw:LyW3G4ySbGKvPWlK0s99yw","tlshash":"0e12aef72cc6902d503989d8b561a9ccaca116df42e1c39de6491284c1e2f9ce3718df","first_seen":"2026-05-22T03:52:37.400696Z","last_seen":"2026-07-04T10:35:10.507622Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1275,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":853,"receive":422,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/digibyte_wallet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.524Z","timestamp":1783161267524,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /digibyte_wallet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:30 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 4496\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:30 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":4496,"size_decoded":4825,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 100x100, components 3","md5":"c9b313535762ca13f8bbaf4dbe41760b","sha1":"ffd6232cd52092923648b7d82d9fd78efb188b18","sha256":"66d4501e6d95d7d3aca83ee922d56aec92b32b1eb13fc4f868cc8673dafa4249","sha512":"6912e227311553efac417f5591a00b1312441c6ee34b991d3f4a955a6a89f3ea819addd327c8f1f9fa9d876058dba299c525f18987a612f5ca1f5b5bc6bf93f8","ssdeep":"96:RqSeBwMrWYq2DwRu5oU1HSYvNhQycE0LWMs6ks7d96bwDvjyYY8:atre2DYu5VvXcE01Dkb6jyYY8","tlshash":"b5917d50f44b4d53bdc7dc69eab5e0a92a2eac0e4a97c7e06b380662bcf30004c6c4e4","first_seen":"2026-05-22T03:52:37.488893Z","last_seen":"2026-07-04T10:35:10.508678Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2666,"timings":{"blocked":1901,"dns":0,"connect":0,"send":0,"wait":765,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/meet_one_wallet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.566Z","timestamp":1783161267566,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /meet_one_wallet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 3981\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3981,"size_decoded":4310,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"a64b0eae10aa7a797fc3c514a4f6750b","sha1":"199f3816a517163b274dfc9dc78a155391014226","sha256":"319248a82ca7b155b40144f5a2ebb4c3d30e239ecb6a3567c2425550e45f2133","sha512":"4a8da8b9ada7dcf85d9ef70a9c20ca58b6d2ddf29a6f620661d90e139404b03144fcde3a3deb3ef917f26a262ac4bb6f4184513fff9eced0f6002a37240824fd","ssdeep":"","tlshash":"23815c1243251709d31d0438f5b27f70e71a69b5dcf2e3ba65c297e837493d8934038a","first_seen":"2026-05-22T03:52:37.28463Z","last_seen":"2026-07-04T10:35:10.509838Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2507,"timings":{"blocked":1603,"dns":0,"connect":0,"send":0,"wait":861,"receive":43,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/ownbit-wallet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.638Z","timestamp":1783161267638,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /ownbit-wallet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 3469\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":3469,"size_decoded":3798,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, baseline, precision 8, 100x100, components 3","md5":"b7129b6d24641b7bb433d9488e4c7a46","sha1":"c2f51666dbc81800487cd4ac5f7b52ea26fc8cfb","sha256":"709c35d57870e5ad77d843ef72cb8b5098b15344ff55ed27bfb6e7f166011b92","sha512":"9e7a52fe77db286846e02a5b94fce188e3ce53f6055379c676cfd37addc75d4f85667f158aecad9b448abb90b68201f4fdda4b3a8d2c1181ac9d64bb7b375f9e","ssdeep":"","tlshash":"77614b5173a53397ce5c993604855312ca216f5baab3630fc4c3921bf3aeb84c5384ce","first_seen":"2026-05-22T03:52:37.433181Z","last_seen":"2026-07-04T10:35:10.511065Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2303,"timings":{"blocked":1284,"dns":0,"connect":0,"send":0,"wait":767,"receive":252,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/css_IuF4HgUdgHj26fEOqKrFzLNVJ6kW_3J_QBPNBBdhnBg.css","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:26.992Z","timestamp":1783161266992,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /css_IuF4HgUdgHj26fEOqKrFzLNVJ6kW_3J_QBPNBBdhnBg.css HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: text/css\r\ncontent-length: 29466\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Mon, 15 Jun 2026 14:54:59 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":230430,"size_decoded":29839,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (1441), with CRLF line terminators","md5":"f912cbfb22cd598d48c7966dba133397","sha1":"96ba043a08d7ed8cc068238043699305ae913d92","sha256":"e5847e2d255ad759fc3f92b987f4daa1fea6b2cd47cb6423443e4d22c9c0bbd2","sha512":"c892b721b6823402cd1de82717e53da2d37f70eefd8202c95b16583dcb17a9e76e859d4d6da9e4c4900d6a0137f627ad5d2889c00dfae0bc73ba2499ca9aeb47","ssdeep":"1536:YlmfsMohZKIVm9GpmJMbKpHKtz+99hDKkXbAXZLYk:YlmfsMmZKIVgGpmJMbKph2pH","tlshash":"5b34406cc92b1181533bcaa5ab536215f7249137eb0108dcfbeae60c8ff526550e2f9d","first_seen":"2026-07-04T10:35:10.512237Z","last_seen":"2026-07-04T10:35:10.512237Z","times_seen":1,"resource_available":false,"data":null}},"time_used":860,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":588,"receive":272,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/bitso.svg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.407Z","timestamp":1783161267407,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /bitso.svg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 17691\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:37 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":23565,"size_decoded":18069,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"a2b21117ec0201f998671de2d8b8fbf5","sha1":"cebc88ff48b78977f525c92e65271a91de85793d","sha256":"147286bef538a6b7ec457b89ed160a514429d543e3055bcbb78c400b96fd3d50","sha512":"4fb06c11440624d8f6b7f2793b693e10659c37cfba2c909a05131f9a0ceaf5182fbb0966130c043fb732d53b1ab3efbf3a8964ae7a1b0646c78d318fe37f639c","ssdeep":"384:C+8EWk8pJWxAb/4zx+mnFpz5eLaCcQJp4tmEVec7fLHe6k3krdxqZQxUUbuacOe4:CyHx8Y+mz8LaC8tmEJLLHeNkrdwZQxlN","tlshash":"c8b2d0fce4c54e328a284366e169010e41955fa48a7997f38896bc578ce0eec3f17d8f","first_seen":"2026-05-22T03:52:37.452435Z","last_seen":"2026-07-04T10:35:10.514082Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2082,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":728,"receive":1354,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/bitmymoney_wallet.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.464Z","timestamp":1783161267464,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /bitmymoney_wallet.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 1805\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:37 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":1805,"size_decoded":2133,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit colormap, non-interlaced","md5":"528f72694b3fda1f8606fcc05067d7d3","sha1":"edc205403e787bc0a30ac3ad898c87bbdd21f3e6","sha256":"c0101ab492106f419ad17b46432323f83c435904313c980bf21c2023d7d94207","sha512":"012fd436bdead076ff03e9f62a4b85e352811fba529810ff1599d991ac848d4d3f86331c7e46a8d4d53bb4ad2a97532645ff71d698bb4c9387115579033ff6f9","ssdeep":"","tlshash":"b531e9ca7b84a45a3a5f0aee497b0d075e3b9818763988d5c548e20f974c3a19b491c4","first_seen":"2026-05-22T03:52:37.777828Z","last_seen":"2026-07-04T10:35:10.515635Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1749,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":850,"receive":899,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/green_address.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.540Z","timestamp":1783161267540,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /green_address.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/png\r\ncontent-length: 10678\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":10678,"size_decoded":11007,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced","md5":"ae7e92189c01c23cc39860eb20b65c74","sha1":"9dee51f577cb245a8d18bb42df4ca663f10acbbf","sha256":"73a4880e882d09fbc186151ef329aa0e7ea10ed76687c84ecfdd4b39c6505ba7","sha512":"abf22c41c20df1b9b6ab1960a5e39535317a13bfe0dee51baa90b895481deb14282e601bc643dcf68065da7e54fe7e4d79d9a9d7b1de65bde4b05f21876047c3","ssdeep":"192:UseGxfPWdKaoKOUJmVanSnMYAUx10f7gSnIA62TU9F1f4O/feYj0MnNER8q7daxC:U31oK/EVan+MYtSeF1f5/feYjBaRtdcC","tlshash":"d922b0c4fca3f6de7a831eaa46030f5e01435de7a27db6fd244224373d1a7691391066","first_seen":"2026-05-22T03:52:37.655055Z","last_seen":"2026-07-04T10:35:10.516846Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2454,"timings":{"blocked":1571,"dns":0,"connect":0,"send":0,"wait":731,"receive":152,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/kraken-wallet.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.555Z","timestamp":1783161267555,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /kraken-wallet.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/png\r\ncontent-length: 9318\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":9318,"size_decoded":9646,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced","md5":"120fc4fe493a8aec1c7537e6940556b2","sha1":"d9657c2407573329ae201fd00f87cd5dcde0709f","sha256":"de5e743204bb839931151b4b0813a65fed247708cbd71e2a5c20cdae7a360672","sha512":"9241f6db82b0286525c68e5bca83cb064282593edfa71e60a2329d819b3cc89d18fa6d0c5b706b1b9f84770a4dc57d1aaedd03fe4aad2c09cb81cf80279909eb","ssdeep":"192:QSrAiZbqphjlPsAgB7jyZUc14M7T6J4F7lkbhRx5VHmlmdUDaZ:3BbqpBlPs57WZr9T66BlQhRx5VKuZ","tlshash":"8912bfe793a236777625a9101d0a3c50f43e07e63e5cb6eb21388841c4e8c6db7e02ed","first_seen":"2026-05-22T03:52:37.551704Z","last_seen":"2026-07-04T10:35:10.518433Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2449,"timings":{"blocked":1569,"dns":0,"connect":0,"send":0,"wait":731,"receive":149,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/advcash.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.758Z","timestamp":1783161267758,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /advcash.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 2194\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:37 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2194,"size_decoded":2523,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"63b62e6b94ad848e73fc61ccab1e99f1","sha1":"d428d1a6458e39f169e18125d02e3f6fb30edbc8","sha256":"7da2342cce736b40c6f3107846ac5a47840fcae35e0f7d4d4130589f37008b5c","sha512":"58a49818724210a267d7b2d96e6937d90ea6bf4524037b8c8ee856870115658ef923eeb7c2cb3e0d89d89674a9498105e3837c08799738d2fd3119bdf93d10d4","ssdeep":"","tlshash":"2d41cad1c70c9768de6d0a7414e023b2df583e28ababf79fc580584af76d588560024a","first_seen":"2026-05-22T03:52:37.666172Z","last_seen":"2026-07-04T10:35:10.519742Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2162,"timings":{"blocked":1098,"dns":0,"connect":0,"send":0,"wait":712,"receive":352,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/binance.svg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.360Z","timestamp":1783161267360,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /binance.svg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 365\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:37 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":678,"size_decoded":741,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"34f97f010971c1c9c931e76b3fcdd770","sha1":"1fd151c5d9e637446486f640728f1a4ac549a4ef","sha256":"19a649bdd7aa447bbe547fdb72fd82e907fff5b3ae916d5215a6f519d34bd7da","sha512":"78fcf3625490fe690d76ce9e42ee47778e4731e19b98d6a6af73309af5bf891930aee8cec5165b84c78e6e3c7bb1757905fc5e1eec4d8827f781efb5ac99bb5b","ssdeep":"","tlshash":"ad017b6dd7856f2c68c14155dfe4608069f4249686ec68ec54c32a3b24160f2fd44c6b","first_seen":"2023-12-24T22:32:30Z","last_seen":"2026-07-04T10:35:10.521039Z","times_seen":147,"resource_available":false,"data":null}},"time_used":733,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":733,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/whitebit.svg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.401Z","timestamp":1783161267401,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /whitebit.svg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 5927\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:39 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8597,"size_decoded":6304,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"ba3e6a7a4a328afe10fc0212f55b2188","sha1":"b881be5b8ef1f057b09f4bcd56ee5e097714efe3","sha256":"470300e56897841a4d7b15397469a61dd9e85b4bc782892098d05fbe98160b6d","sha512":"41303be0e94ce02294342dc0e9e2430f434d6224247772fd0d30d69de092b95eb206b073ebb24c2ebeefdc52ebe7a8750a0d808525150c3dfe7941c415af09ce","ssdeep":"192:9b/iyW3G2OWf6SMpa7mxYF7y4nJHaqZZ8WfR9hTHA50sgqu:AyW3G4ySbGKvPRfDhe0s4","tlshash":"1e029ff79c85742d5c3d4ac87e2828d1dd74500b52e0da4cfea817c4a161b8dfa259df","first_seen":"2026-05-22T03:52:37.747815Z","last_seen":"2026-07-04T10:35:10.522456Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1069,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":852,"receive":217,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/abstract-global-wallet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.429Z","timestamp":1783161267429,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /abstract-global-wallet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 2145\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:37 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":2145,"size_decoded":2474,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, baseline, precision 8, 100x100, components 3","md5":"71255fc7b0accf1858b4c46c7ea631e6","sha1":"55d09dcaa944024065872334fdd0d2d5917177c1","sha256":"3de2ccc3dfdbc0b4bf842c841fa950ed4b27716b0d43dd3bdadcb71ea5eeb5c2","sha512":"1dda96e0d31b019662e4ce2e1aea42112ed3e6b30d3577fc43e3e8e87d7e45bf8ca011ad6617ef3297ab950da0631555a29f47ed411329aa31d5934c22201ef0","ssdeep":"","tlshash":"ce410ad85f080215d51c1fb014d08b63fe613b71b9e39b6e8c82559ab314aca0a6831e","first_seen":"2026-05-22T03:52:37.630428Z","last_seen":"2026-07-04T10:35:10.52384Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1426,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":882,"receive":544,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/bcvault.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.450Z","timestamp":1783161267450,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /bcvault.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 7753\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:37 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":7753,"size_decoded":8081,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced","md5":"d236fdb0e3112f88550c9543dacea976","sha1":"53e9833b719eb1de4b561ac40f531d6639ca4195","sha256":"34c41c508e5f0f8a3a96a08a7506e42c5794dc4219565e07ca6be80ea57a94da","sha512":"3ede2da0fad65a4fc0b0326531eb1db9fc44a1ccf84dc061f03ad55c06fccaebbf05169636a2722755433ea0a489f77e24cd900c3afab19015c660f092e1c272","ssdeep":"192:VopxgOwxAMc/ahMSixMN/SBqlRqu3n+HdPiXI:ozyc/Hfq/SBqlR7Y8I","tlshash":"50f1bf948d3e5d52316ba97da405d5769c3de356da2e0bdafa01a2ec24510c408c8dff","first_seen":"2026-05-22T03:52:37.712438Z","last_seen":"2026-07-04T10:35:10.524958Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1582,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":862,"receive":720,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/bitgo_wallet.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.461Z","timestamp":1783161267461,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /bitgo_wallet.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 3631\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:37 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3631,"size_decoded":3959,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced","md5":"cc4ae7d571a8abd229fdba1539214d52","sha1":"0cc0bffe1645f9c8affdeca70caa45d64eb18084","sha256":"5f8f01718621ba6c852aef9a8a1aa93e9b5bfac622af8caeaacb736c76add0c3","sha512":"f46be80900dfb7782ecad7c16715bbc93032013376b874f985a37ebe415e43ff2bb31cdb23c259bba595b7e4d202bd3df11b25d460a332fb496e4819076e3555","ssdeep":"","tlshash":"a0716de3bcd13a0dbbb78382bc6d52c068670eb509558a8d89ddc6d77c339081de4967","first_seen":"2026-05-22T03:52:37.574318Z","last_seen":"2026-07-04T10:35:10.526225Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1552,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":851,"receive":701,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/indiesquare.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.547Z","timestamp":1783161267547,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /indiesquare.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 2478\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2478,"size_decoded":2807,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"c96e3d380e1fdbf1160687f333c62b03","sha1":"ad437741b577b5991fc91bdc1902dd683740ecb5","sha256":"9b740d983622ad7fcfc07d50661d6be9d45d25a2efc5a39802867c18f74911df","sha512":"29d370ecf9f0a76ea884998e9b9f1858cee256e31b4032a70b20b1bec3359d432c4b99a58aa264f5aa0927abaa0d9542e116f86b6dc8c81879fe06f035ed34db","ssdeep":"","tlshash":"3e512b40539d5b0ae31a173c38900771ed2aad1dfd5be771828021c73a64cf18c6836f","first_seen":"2026-05-22T03:52:37.776381Z","last_seen":"2026-07-04T10:35:10.52756Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2301,"timings":{"blocked":1270,"dns":0,"connect":0,"send":0,"wait":827,"receive":204,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/keplr.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.553Z","timestamp":1783161267553,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /keplr.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/png\r\ncontent-length: 2908\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:28 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2908,"size_decoded":3236,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit colormap, non-interlaced","md5":"87608a13ecc6e0fa3d4ebec92dba1a56","sha1":"5c5c2b189a75ac96d519a15623f4f233bf498d11","sha256":"1dfe8ee8f5f7bcf5563827981b838d311b62452cd3d5f67c126a2a71024015cd","sha512":"6104eda191391fe72dbd36ae1d2e02caeeaabba164610ba7e7f7d4d35c1492c1769568d88c1d4aec7357b7677db794ad1790c16bfd20847e0af3615c59680b3d","ssdeep":"","tlshash":"94516ef321433b21c7c94fa8c6860f48369be0886f3a5b9d15b1af6a8075ac53d4208c","first_seen":"2026-05-22T03:52:37.4902Z","last_seen":"2026-07-04T10:35:10.528776Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2038,"timings":{"blocked":816,"dns":0,"connect":0,"send":0,"wait":812,"receive":410,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/robinhood-wallet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.686Z","timestamp":1783161267686,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /robinhood-wallet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 1997\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:39 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1997,"size_decoded":2326,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 1","md5":"cfdfbacce2fc5db96d333f2da2c144e0","sha1":"c00380f3c2778c64f71541980bcf98e36f0fba2c","sha256":"73e1aff416eef87128feb09b476a2338f456d57b38fc2a8c4f4f06e779b25050","sha512":"f6edfdca1b829cd74b2976cca9b7d245a4f24d0b56bdaf247dba6d1702029b00b5c8d462d241fcfaa9065a2d8026dd31f42e7011a92957d165f476840a22cc69","ssdeep":"","tlshash":"a94195e643c46785c60f2ff808e05362da5a3f3591a6873d4661011e576e4c29b386e7","first_seen":"2026-05-22T03:52:37.797125Z","last_seen":"2026-07-04T10:35:10.529989Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2125,"timings":{"blocked":1029,"dns":0,"connect":0,"send":0,"wait":785,"receive":311,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/solflare.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.425Z","timestamp":1783161267425,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /solflare.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 2268\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:39 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":2268,"size_decoded":2597,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"8723debbc26a3b4da8e1ab8b2e111556","sha1":"52dc560b33002d53633c965e7a7b0a75657ba78e","sha256":"af081ff4f6568e376858a6d8d852a8bcdab9422525b258dea264ad2c0f69df7f","sha512":"901de696c38b260f6380d087a6a71cbb9acb9792cd5ff8be2409368c3f26f0f0ce15aa0643fac2fc34c73489d282bc6acc3f85b65e21c4c00a1a96956884f815","ssdeep":"","tlshash":"1a415ca6d6805161ee4f2331d3a01763f6c16ec00d74dff48839fd29ef2b8954e08289","first_seen":"2026-05-22T03:52:37.689338Z","last_seen":"2026-07-04T10:35:10.531255Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1395,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":829,"receive":566,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/cybavo_wallet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.515Z","timestamp":1783161267515,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /cybavo_wallet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:28 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 2902\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:28 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2902,"size_decoded":3231,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, baseline, precision 8, 100x100, components 3","md5":"fbdf2857bd577082286fbc4def20c99e","sha1":"5ad441fbbb195b129c6a83ac59adf87e5ae66015","sha256":"2e67c68b7fb0627863932f448f1554ae923ddfd3166e9b666788f9dfdfa59de7","sha512":"e1b4e9b59dff9ed41ad18b4340f1be88dcb75697f66c53720120e3d9723f02d1c144eeb6e5b6c0dae03fc7624a7a98fedca90acae3b11c3dd402bf2a729fb5a5","ssdeep":"","tlshash":"fe511cb7e3885e9def1e2ff49b068380e75d1a69d5c7e29dc9410156b771cc10e2818a","first_seen":"2026-05-22T03:52:37.215808Z","last_seen":"2026-07-04T10:35:10.53233Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1907,"timings":{"blocked":386,"dns":0,"connect":0,"send":0,"wait":853,"receive":668,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/jiggle_app.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.552Z","timestamp":1783161267552,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /jiggle_app.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 3170\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:28 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":3170,"size_decoded":3499,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, baseline, precision 8, 100x100, components 3","md5":"f74f4250059221399a0431f761033bf0","sha1":"618a70a45daffc61fee90495881e76967ebb556a","sha256":"0b47b79def77c61ab89dcd8ad8500df6a3f414da58b0d9e6ae3d6635fbe65d5f","sha512":"c12e0ee09380675860648c7dc6cbb24555797b5ed97f0c4c117e58a4aad8db1f65ff4355e9ffa3ceae63bfb05aa7a5285d8d539c123b7ff3c40da86eaab84844","ssdeep":"","tlshash":"58511a2197516b58e91c6ab91c9007e5e7e23f231827e60c5745925877ef093ea1838e","first_seen":"2026-05-22T03:52:37.421466Z","last_seen":"2026-07-04T10:35:10.533517Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2038,"timings":{"blocked":816,"dns":0,"connect":0,"send":0,"wait":812,"receive":410,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/paxful.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.641Z","timestamp":1783161267641,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /paxful.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:30 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 1777\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:30 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:39 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":1777,"size_decoded":2106,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"dd446e8069eb8faca50e48a00e905c2c","sha1":"763877c07c7753737198fac6ef5e349e59d0981a","sha256":"ae0264aeace7bcb86b01a0ac1a53991c00e1d0508eee1fa109aa53a7ec5e0f62","sha512":"4326b9d6382630305eaa5e6e705572f3eb2c91e2a74a569800560475ab0281788d9293c4d004edc4a6d23a3beca142692818061c889814c81e3a5b2c3aa28944","ssdeep":"","tlshash":"5f31b7a3e7942b6dec4c6a7901606731dadb3b37b9d7c31e8180953d3bb50818e1c1da","first_seen":"2026-05-22T03:52:37.604124Z","last_seen":"2026-07-04T10:35:10.534888Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2642,"timings":{"blocked":1876,"dns":0,"connect":0,"send":0,"wait":766,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/kucoin.svg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.381Z","timestamp":1783161267381,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /kucoin.svg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 6942\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":9933,"size_decoded":7319,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"c72233d36bfd55b68977176b2483b93b","sha1":"46b3c95d39c5d30d6fbf45f021a43662e62da75c","sha256":"8efbaa13de648de5925ef4fe6bfe6c9e5fffa547720d2ba23ff42cdb74cc8411","sha512":"b3f26e1ce8623f2a0d179e4e0f9b9da6739f7b8092864191cf46d8ef621b7add76c134582c638556ad6c39afed01af073d7f06effb3fe873081a89d75d18162e","ssdeep":"192:9R/iyW3G2OWf6SMpa7mxYF7y4nJHaqZZHkS8KvSpVmPOc:uyW3G4ySbGKvP7gVmPl","tlshash":"9c22b0fb2cd4e45c052c499cbe7825904e50208fc2e6879dee5aa34860f062cf6358ee","first_seen":"2026-05-22T03:52:37.201715Z","last_seen":"2026-07-04T10:35:10.536076Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1353,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":873,"receive":480,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/overrides.css","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:26.998Z","timestamp":1783161266998,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /overrides.css HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: text/css\r\ncontent-length: 1087\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":4054,"size_decoded":1459,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with CRLF line terminators","md5":"d838f4b2a4c81a30b7531220fec590fa","sha1":"6068914083cb910c1e84f515138d88556ad4e91d","sha256":"58f85486a25d2b45232a998399ea7dfd971e39f4792518a6d3ff57b651082069","sha512":"55638ac091b5ef62c95a2ea619ce809c1d0b5b83ddffa44da79e92dfbc996a4b7a9a653ac7e2f33c03e533e76b94f890e301efe1468d7dc9ea49ae33e287df55","ssdeep":"","tlshash":"26810066d335734622728b7e679a06a9eb5491139b0141bc7fcc33090ff51243caaeed","first_seen":"2026-05-22T03:52:37.653363Z","last_seen":"2026-07-04T10:35:10.537322Z","times_seen":5,"resource_available":false,"data":null}},"time_used":514,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":514,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/bitvavo.svg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.367Z","timestamp":1783161267367,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /bitvavo.svg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 6842\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:37 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9809,"size_decoded":7219,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"f11be9c07426fd42a78bc54b3dc4cd30","sha1":"f4700c1053f3d2b3631d7a52153d1f5bc0922d00","sha256":"305c253c25b34ee68c956f9f372cc58731f54efb2bbbc3a69f549d98f8be237a","sha512":"06f33bd4dc8f32f9af6b95255d00a2f76debffec8e94d12573fa0383298da69f5e86a70822018f83b9f43eb75b3c595ab6c5285afce0fba7df627a6c3ac0bdb9","ssdeep":"192:9M/iyW3G2OWf6SMpa7mxYF7y4nJHaqZZHVvUl8Cm9r8l9Ko:PyW3G4ySbGKvPHVvUl8CIr+","tlshash":"e812aff76c46611e503c8888be1926e64e60a54fc3f4c78cedd9650ca191b8cf2251dd","first_seen":"2026-05-22T03:52:37.487252Z","last_seen":"2026-07-04T10:35:10.538541Z","times_seen":5,"resource_available":false,"data":null}},"time_used":544,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":544,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/1inch_wallet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.428Z","timestamp":1783161267428,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /1inch_wallet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 3822\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:37 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3822,"size_decoded":4151,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"162a70643ceedbfb3c7a5a83a2de42b6","sha1":"2efd3a837574ecd9a0ed39e9db3db5ecff161181","sha256":"b1379bce03223ab5c95cd82ab5959cb44106eed73022038c183c9bcae2d11613","sha512":"46587c6dc67b1484c1d17b8312b558edea46625fd4c49d8f4f975b1dc2397f9dc4e954794d396d48b1e544db770cc03994a1cf8281e3a032a0f235ddbee35050","ssdeep":"","tlshash":"64715bea03488a55cd4f41740c454300e2503f37a675afeb8aeb843b3b7f1d08eaa642","first_seen":"2026-05-22T03:52:37.699056Z","last_seen":"2026-07-04T10:35:10.5398Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1427,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":883,"receive":544,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/cypherock-wallet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.516Z","timestamp":1783161267516,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /cypherock-wallet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:28 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 2701\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:28 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":2701,"size_decoded":3030,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, baseline, precision 8, 100x100, components 3","md5":"77ab679c2bbf413081f5bfb47d9373c8","sha1":"b68e8977306dd2bd948852a4f488c6ab33c6ff57","sha256":"44dd518d4db9728ce43c716612f9b2f0301713675a4a879b83f2188347df28d4","sha512":"aebb91aa296306e0a3f5506da486bd25ac878b72831c43f27dce2806de31de1c24de7eafd41617f580e004b56583348aa82dc528717cb3037456fd2d42e76a26","ssdeep":"","tlshash":"77513d95a700576afcdd47f818904b9ce7ed3d63d29e1a49c3e0c151bb395c04cac64b","first_seen":"2026-05-22T03:52:37.753601Z","last_seen":"2026-07-04T10:35:10.540848Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1907,"timings":{"blocked":386,"dns":0,"connect":0,"send":0,"wait":853,"receive":668,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/holy_transaction.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.546Z","timestamp":1783161267546,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /holy_transaction.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 2564\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2564,"size_decoded":2893,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"f1f7b88d5a8ffc59909c3ce01e73dae3","sha1":"53b539d5cce454503c4eba927f0a6acb1febd8a4","sha256":"8bf04d1c69c86e7ccd87ba1caa1a281700ac1c4b991f52a1d4568264a2f80c4c","sha512":"3b10f0c73d3c9d91627751b08378961c70fafdb767093523ae881214636f85415efe8d795c502f3729fdf29117eac23a2d9225bf59e6368699e2d63ce2009305","ssdeep":"","tlshash":"6151d7635b572715dc8f06f908a04331eeae3b31d4fa87bc519543276b6c080861c959","first_seen":"2026-05-22T03:52:37.531856Z","last_seen":"2026-07-04T10:35:10.541952Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2489,"timings":{"blocked":1570,"dns":0,"connect":0,"send":0,"wait":896,"receive":23,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/arweave-wallet.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.441Z","timestamp":1783161267441,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /arweave-wallet.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 3682\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:37 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3682,"size_decoded":4010,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit grayscale, non-interlaced","md5":"63c0d3f419376b76cdbf474686c8ef38","sha1":"f1ff2168bad1d6a2bea4cbc0ed2051dddc11bf0a","sha256":"8c7e580bf24ff0066ad658bedfd330031758fbb78ba069b12f7e955219bd7648","sha512":"67d065286d2ff75f070af920e7488d778fc79502e676d05a12dbdfe6b81c73997b0b7f9b6d7fc72d73017258480a4b30f402c881094a7b05375aa6523de3ffa0","ssdeep":"","tlshash":"85716d560c9dfb64a3ca04710c60ece41da5604844086eca6fdceb1b799eb165f634a2","first_seen":"2026-05-22T03:52:37.546322Z","last_seen":"2026-07-04T10:35:10.543151Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1454,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":870,"receive":584,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/bitget.svg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.396Z","timestamp":1783161267396,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /bitget.svg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 635\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:37 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":855,"size_decoded":1011,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"bf20d57128ebb8b01a66a75bc63389eb","sha1":"3c23b47357b9b661117d2722cf6f1c820da21ad8","sha256":"afd06be4b53eaafb7823c257e24b2b2c33b522f69132389a41060be8ef7efbd5","sha512":"f2b29ddfce43365a15102c2b134310a058d152a5b5721757c80960564ef1314a68ae9b10c75cc355a2ef0b0cf1cbe935f2ade5c022407c3d76deda247333ae48","ssdeep":"","tlshash":"f21192e48284a428c0b8c0205bf496e29d2da0dec306458eec923877852398b9cb23d8","first_seen":"2026-05-22T03:52:37.461107Z","last_seen":"2026-07-04T10:35:10.544295Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1207,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":858,"receive":349,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/ascoin_wallet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.443Z","timestamp":1783161267443,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /ascoin_wallet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 2595\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:37 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":2595,"size_decoded":2924,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, baseline, precision 8, 100x100, components 3","md5":"c2bcc296f4ad11b013db993e9cd8d925","sha1":"8f469808762cfdc9776e8353c0c1e1bc3797860e","sha256":"aa2dcde64d4d4a644c6586eebaae05c126dbf25072c44522545a2da0d52fc1c8","sha512":"86cb2b066f53dda96c911bcb748d7afe755b40694b8ba251a2bbf364e31381c16dad6263517a12af7ef462301e3667a31447eeaae88fa3b03d69d47e1cf6375c","ssdeep":"","tlshash":"b1513bb9b7481b80e96f293404805b54c2953f11c6beab3cc2b07917fb1d0d16a58fa4","first_seen":"2026-05-22T03:52:37.402765Z","last_seen":"2026-07-04T10:35:10.545461Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1452,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":868,"receive":584,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/bread_wallet.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.480Z","timestamp":1783161267480,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /bread_wallet.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 3570\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:37 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":3570,"size_decoded":3898,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced","md5":"95fe9cc4ad8662d866abf32557e14666","sha1":"ef874e011cefb175341b63182ade31a4474e1b5f","sha256":"a098ccfd1690d1f81279bb77e10eccce835836979cb83ec5a185ccb33d316878","sha512":"14e3048d6cce57f88a619e83bd11e2381b5f8aa37236ad86a5034a81aa1c96fd647d3a842eabebf4c867c9f73ab48939b5c888137e21fe2dcba15b7ce0460627","ssdeep":"","tlshash":"8a715cd9c0d1e4e4c38117a6c2c213e1fbe4aa19428b0fddcc1951c8e5aeb0f36d9894","first_seen":"2026-05-22T03:52:37.738544Z","last_seen":"2026-07-04T10:35:10.547017Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1493,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":832,"receive":661,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/chronomint_wallet.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.489Z","timestamp":1783161267489,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /chronomint_wallet.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 3895\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3895,"size_decoded":4223,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, baseline, precision 8, 100x100, components 3","md5":"bc7e55dc8b15a567ec3a6015c040dc22","sha1":"6c5dfbbe5589d7386025e070bda46abafd70871a","sha256":"18a45a4009e74612eb91cfe94c2b37fb7a15717f1a128ebc2aa5559f1add7159","sha512":"5d6885f9581730160b9a36af7e8fdd8b121d37b458ad76a8e2432e0b4e710ebf7669428d77588a246995a2e9cb47855096953c5c2b65889f8bfb4a5b63236d27","ssdeep":"","tlshash":"f6812aaa825da670e91d1e710688b3f5c6f97d705b766f1c5b40083a2b6e0c385ec36e","first_seen":"2026-05-22T03:52:37.465508Z","last_seen":"2026-07-04T10:35:10.548665Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1883,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":826,"receive":1057,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/hydra-chain-wallet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.546Z","timestamp":1783161267546,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /hydra-chain-wallet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 5184\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":5184,"size_decoded":5513,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"c8cdcabc2c55304c1d600ddeb14aacd9","sha1":"ba19f5319bdaeb3cc21b8cea5434db4b251f16a3","sha256":"d2fd591d06dd90a4455e9ee7a8caecd38368dce5da980600cc74827085e477e1","sha512":"384fe74656b6f656f2ab93a1afee3161ec009a1dbbb5339ee5cc714ba69b6c9cd520bcab3c1dad436e533076f4e311f6588dbbfa9d3ef748644deb6be3a1d9d9","ssdeep":"96:X894v0oM6+I2X/4SeL3jefk9yqR4jNkwAy/kEZkWbKY0UZ:sJoMk2P4SsqsBUlsFWeZUZ","tlshash":"2eb18fe6df4cf204d68e0a789ce41f22dbd20e714597ef5cc1c0b13a634a0a25c31676","first_seen":"2026-05-22T03:52:37.659777Z","last_seen":"2026-07-04T10:35:10.549869Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2300,"timings":{"blocked":1270,"dns":0,"connect":0,"send":0,"wait":827,"receive":203,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/poolin-wallet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.650Z","timestamp":1783161267650,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /poolin-wallet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 1831\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:39 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":1831,"size_decoded":2160,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"5aea687808412fa6aa7f1c3c9bebd398","sha1":"8915ce52e6ed5f8ccab0f96430bb8377cc63de98","sha256":"f0e5b023e3a49fc6230f0057cccd70dabd10123cc3a271a55c066adcc5bf7031","sha512":"7964c4b16314d408ce594bbac4376f8473d11994208b20fd6f1c7b443d4522f3d1906c4f0152b287243d4d94e8f048dbe118b5713d5d27f70f23a579de3d84a3","ssdeep":"","tlshash":"1c31d7d617692b34ee5c0fb4a441e776c7193f30e593ebbc4444842afb294c2c92c0d4","first_seen":"2026-05-22T03:52:37.428139Z","last_seen":"2026-07-04T10:35:10.55165Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2323,"timings":{"blocked":1323,"dns":0,"connect":0,"send":0,"wait":930,"receive":70,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/trust_wallet.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.421Z","timestamp":1783161267421,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /trust_wallet.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 4547\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:39 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":4547,"size_decoded":4875,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced","md5":"28df7a0031aeb3552bb8c7a561938ef3","sha1":"e4bc418cb55e5629e8f75d2d25eff86f008dd38e","sha256":"8aec575885f3cf5f3564c63222d85dc516916195e84e7a4e4a59d3b34ed9e536","sha512":"23391f08f76e35fcfc47fe95d4f433aa56403e310a7bbc936dc9dffc640797cb04e3c75e5475740f5306c970a6e5a32668cae3dfcde3050a8082f1ec9cb921fa","ssdeep":"96:QSddHgQJ6UjfUXBhlZzZZePNHQxw3vayYNVWMKdtwiacK:QSd9gwUXvpu1oNnSt5acK","tlshash":"0191affe6a57270bc91550614770ab1575c7eed0893b0d8ea59e7383314094cd7500b8","first_seen":"2026-05-22T03:52:37.708322Z","last_seen":"2026-07-04T10:35:10.55294Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1399,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":833,"receive":566,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/coinbase_wallet.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.449Z","timestamp":1783161267449,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /coinbase_wallet.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 7046\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":7046,"size_decoded":7374,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced","md5":"fa656a7e6ef679ac92e36b28870b9170","sha1":"7829c9dca350d5be3ae1edfc8fa250033de05f5b","sha256":"10e14ab39c291cef6c78a675cc2b8728bffc992a9d6ed3c66527126fea8fae5d","sha512":"fd7af06fb9a69bd8209e98446f4705e44a8f97fcb9b256f46bdc92d58fc022a33002190616dfba3789e1f497e668ab7511d90e8490f30a46f72030066923df83","ssdeep":"192:QSlhbT5dm8LAAuxuQShJvGtkynaiYqCpL:3lhbddm8LAVqGBPu","tlshash":"08e18e44828a263ca3658a27e115b81a243e0ac16f15ba3f5fef70378d2403157389f3","first_seen":"2026-05-22T03:52:37.304497Z","last_seen":"2026-07-04T10:35:10.554125Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1664,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":864,"receive":800,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/keystone-wallet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.554Z","timestamp":1783161267554,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /keystone-wallet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 2237\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":2237,"size_decoded":2566,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"80c3b8d5035a4e0a81c702cf0b2fa603","sha1":"7b6cc87bdbc4d88972de02ce3a16790bac1a047e","sha256":"f1a33f0ccc567d826a17a0348f38795ed2a91435ad60697bf3139afc014ff293","sha512":"13c0d396344889d43b9130ad2a8387025136e5730aab25dd81673c3c9a15787f8352fd7dee87fb558283e182635a56a5cc4d7384d4645d0353faf07333ba5291","ssdeep":"","tlshash":"0841f79652443628dd2d1b3020a08bb0daa68d71ded5ff5c0c40499b779aac2c9282c4","first_seen":"2026-05-22T03:52:37.523505Z","last_seen":"2026-07-04T10:35:10.555375Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2300,"timings":{"blocked":1269,"dns":0,"connect":0,"send":0,"wait":827,"receive":204,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/lolli-wallet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.561Z","timestamp":1783161267561,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /lolli-wallet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 3568\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:28 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3568,"size_decoded":3897,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"3af4678b458d874f5d8dce7ab2641997","sha1":"6bb7feaf53c24d127e6aff0f89851440ec035505","sha256":"412b92a102b030166bb7e8c71a0bbcdf0b0db7f3d53c99688e4fca2066866dc4","sha512":"2a9485e7c1fbb2f017eaf4e6ba3430d2ae8ffe39aa712ab2e3a15880444d9f6921ce6a30b272433ec32651888dc2ad819d3a311440058d6d183ff60205ed54e5","ssdeep":"","tlshash":"3f712aa77f046b0cc72d46352488cbd5fdeafe398515c3de848049593ba9cc25d21e5e","first_seen":"2026-05-22T03:52:37.439716Z","last_seen":"2026-07-04T10:35:10.556455Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2070,"timings":{"blocked":858,"dns":0,"connect":0,"send":0,"wait":769,"receive":443,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/now-wallet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.630Z","timestamp":1783161267630,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /now-wallet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 3648\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":3648,"size_decoded":3977,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"1c2b79668d283fad2097ec9c1fbc83f5","sha1":"9d7d66ea7de30327269976de420b4a5a195352f5","sha256":"c50c265ff0d1155fddd684a577622c7c6aed7054a5ae1c1be65405331748d826","sha512":"3a5447ec10deab2673578974e7e18bc55960468d83dc6d35985d29505853e5af72af163d052075290ad233ec2742fbe0c540171e98f829a6da44124db7d12260","ssdeep":"","tlshash":"f8714a399e489f09f50daab124f38b76d7443e68839193acc449003da33c0e989245ae","first_seen":"2026-05-22T03:52:37.620545Z","last_seen":"2026-07-04T10:35:10.557638Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2069,"timings":{"blocked":887,"dns":0,"connect":0,"send":0,"wait":929,"receive":253,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/telegram-wallet.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.713Z","timestamp":1783161267713,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /telegram-wallet.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/png\r\ncontent-length: 4224\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:39 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":4224,"size_decoded":4552,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced","md5":"66f85e38f7c24164e974f274e35205fb","sha1":"ab5e8ae0d7c0e533b66ed2e00ed2d59facea766d","sha256":"eca7c66e3d04a813d5dc2cd063f86437fd22bd47cc278a869134829a6e3bf414","sha512":"8db029ce6617809d36f83bdbcd4ca03bac91d11686fd2e2555e9f6cadbf87a898edd81996665edca1143a2adf5ee8201e9cdd7d51196f7db2e6591dc21078c08","ssdeep":"96:njubFnVuPGOSiuwKpwcha+hRAceNMxq0HZD4KZ30i5r9peBXo:+V2G5gKpxRRAcut0Z4qfEBo","tlshash":"b3917e28b5d02ee5d1477e209d286f24ac33749b4de03b7645b8c606e8243fc713b6ad","first_seen":"2026-05-22T03:52:37.5417Z","last_seen":"2026-07-04T10:35:10.559244Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2165,"timings":{"blocked":1061,"dns":0,"connect":0,"send":0,"wait":752,"receive":352,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/euclid-circular-b.css","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.812Z","timestamp":1783161267812,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /euclid-circular-b.css HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/fonts.css\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:30 GMT\r\ncontent-type: text/html\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\npragma: no-cache\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":1251,"size_decoded":965,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF, LF line terminators","md5":"8150f458ed6fb9b1db4e5cfa57a1a281","sha1":"6e5726854d28687b560d7fdcb5c782c425c7dfb9","sha256":"4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896","sha512":"4cc6a112673aef8bb8bb8a385c26791b805d43bb707b509880e894f1c83bab4e16f13de187036c5f660c3bec1d286258396b7bde65c5d7945c5019665196818c","ssdeep":"","tlshash":"c021353ec1c1560ae0271164fbc1f7a86669825291970f703b9eb176f6cd0bb56a36c8","first_seen":"2024-02-08T16:48:55Z","last_seen":"2026-07-04T20:29:07.248534Z","times_seen":138644,"resource_available":true,"data":null}},"time_used":2538,"timings":{"blocked":1771,"dns":0,"connect":0,"send":0,"wait":767,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/ccvault.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.533Z","timestamp":1783161267533,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /ccvault.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:28 GMT\r\ncontent-type: image/png\r\ncontent-length: 5280\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:28 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5280,"size_decoded":5608,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced","md5":"8bfbfe9a24bcbf78677b51cd7dc9fc98","sha1":"c8b5e6dd8d538ee37b6c9ccb4105ab8ae9b58739","sha256":"d5c63c12be74f382cca56e899cd5dd07179478dbb5064b219c828e76e2bc74e3","sha512":"098cf24b8535e9f478f8ecad370cc643c8fbc29215bf12e137bc594d2be4d84d24613d32937fd6624bf2a7c3936df26c5c815b92c44304e306f3fbc6ba57ee24","ssdeep":"96:QSgHOOHK322QrE7nXlVEv14lmzfaaq0Eprb3jTiFePT2gQ0Gwraa3pV41Q:QSgHbK325r0E4K+ZbfiqxGwramSK","tlshash":"50b14bff078fb17b91401eb35c524c3481e58dd2ddbb240b10bd3a469a4aad8ac9e7d9","first_seen":"2026-05-22T03:52:37.272875Z","last_seen":"2026-07-04T10:35:10.561173Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1982,"timings":{"blocked":729,"dns":0,"connect":0,"send":0,"wait":783,"receive":470,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/rabby.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.652Z","timestamp":1783161267652,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /rabby.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/png\r\ncontent-length: 4779\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:39 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4779,"size_decoded":5107,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced","md5":"2cf7bf62acc45e39695e9b9eff946bd4","sha1":"3d36fcd1c56d9936fe23e5ebd63d8245bf93ebf2","sha256":"445a222928599499d013fc1313a844a004dbb9e36bac8f4269401d4c171c9753","sha512":"5e4910ac60152114739fa65825fbac3f8e70702d20b6776098d3977df236bfced3e73b276e1b875c34163d88aa9e8ad6ccaaa5c1e10a9ba495e917e649f7c220","ssdeep":"96:joooojg5gY1PMbk4dSeV2bwrayc5p3bGoI2QMGzuwIMxMqQ6PiWyIT3goooo/R:7TY1UbkQSG2bwJO3aNMG5IQm9iT3AR","tlshash":"a2a18de2e0e90d91c95dc808179435acef94c405ab7dc359cb0395c630f9534b3b6c63","first_seen":"2026-05-22T03:52:37.716663Z","last_seen":"2026-07-04T10:35:10.562816Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2127,"timings":{"blocked":1030,"dns":0,"connect":0,"send":0,"wait":786,"receive":311,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/favicon.ico","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:30.796Z","timestamp":1783161270796,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:31 GMT\r\ncontent-type: text/html\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\npragma: no-cache\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":1251,"size_decoded":965,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF, LF line terminators","md5":"8150f458ed6fb9b1db4e5cfa57a1a281","sha1":"6e5726854d28687b560d7fdcb5c782c425c7dfb9","sha256":"4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896","sha512":"4cc6a112673aef8bb8bb8a385c26791b805d43bb707b509880e894f1c83bab4e16f13de187036c5f660c3bec1d286258396b7bde65c5d7945c5019665196818c","ssdeep":"","tlshash":"c021353ec1c1560ae0271164fbc1f7a86669825291970f703b9eb176f6cd0bb56a36c8","first_seen":"2024-02-08T16:48:55Z","last_seen":"2026-07-04T20:29:07.248534Z","times_seen":138644,"resource_available":true,"data":null}},"time_used":528,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":528,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/ledger.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.415Z","timestamp":1783161267415,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /ledger.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 1764\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1764,"size_decoded":2093,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 1","md5":"d270d935ab174b6a3904fd8f13dd6c09","sha1":"7eebeaad33b7e9f3ea1449efbc96ded96f222aeb","sha256":"2cdc2deeebe7a1f7849c50cb7b1d900daadf182571e5359ec93d7ebae54a9dde","sha512":"eac350ecf5a421db0c16db68638058029ae7e7cccaabed55d5be44ac277773aaa326cce29e4f623cc06a18f160cd2896509a4d60b79ba57dbb349925ad89b11a","ssdeep":"","tlshash":"bc31c8ab539cdf0dd65d0f34d4448bb0c7a3bba06d97436d9ca0401ea76d080991d59a","first_seen":"2026-05-22T03:52:37.571766Z","last_seen":"2026-07-04T10:35:10.565077Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1085,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":837,"receive":248,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/ballet_wallet.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.447Z","timestamp":1783161267447,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /ballet_wallet.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 11861\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:37 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":11861,"size_decoded":12190,"mime_type":"image/png","magic":"PNG image data, 100 x 97, 8-bit/color RGB, non-interlaced","md5":"99d276039ef06d58a0eb32fad1c2224e","sha1":"5b7b8aa68b5b16cd2997132b493c3dd9fad9ff30","sha256":"6c2fee908d6bfab33d3fb8067e936e00e55e3067406f03eade19aab6f16950d8","sha512":"64ac41707a56faa43ecac157719547bb478b0c80592ad27bbe63c8ae9d59e88a018e4654e4153104dc7a2e06327d4042765502c88e1e06fb7fc094d02a221094","ssdeep":"192:053pGusUPmGNfbFQHGbE+1qQtr0diUtXG/m3mIjaucEMq3UsLG7Zf0dFk9YxN+M:0tpZslGRbKHGb9tciM2wmoaucEMyy7Zo","tlshash":"a932cff041908e4830e323273201a2ec9bb2b928746975487f7bf6fa77851a570dadd0","first_seen":"2026-05-22T03:52:37.404413Z","last_seen":"2026-07-04T10:35:10.566463Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1490,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":864,"receive":626,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/gem-wallet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.539Z","timestamp":1783161267539,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /gem-wallet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 2284\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2284,"size_decoded":2613,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"8762adaf37fe774cf0daded943f91436","sha1":"0cc1157d17c977f24c7943600ee9c8216a00bbaa","sha256":"86d5e636a7f1d79ae15cee3e654a93d8c0074a50019191ad7adb527d2b787676","sha512":"be3f7fd973981d2b35c05ee1260714b8bd1ddbd4aa930fbbb01fe797580591e227a9e77ef58021b578414098c5338eed6b44b0965cea0a84017b125609404e3e","ssdeep":"","tlshash":"ac41f79743581a08ce1f1b757062c7b1d73035396e93e39e494064217fa8ac09c6c386","first_seen":"2026-05-22T03:52:37.720664Z","last_seen":"2026-07-04T10:35:10.567683Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2451,"timings":{"blocked":1548,"dns":0,"connect":0,"send":0,"wait":754,"receive":149,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/simplehold.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.696Z","timestamp":1783161267696,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /simplehold.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/png\r\ncontent-length: 2403\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:39 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2403,"size_decoded":2731,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced","md5":"f2a6e10734cf22c81bb088ca53a0ecb3","sha1":"d6566952b61d77de9b6b966874389f50da277247","sha256":"11f9e0c558fcade1f50a616c1314a792921bf9b7852f9e55f34c2dcb97fc601f","sha512":"b604bced85bee238158b42917691b6d3655d82ee1aaf7469a846b8f4d08c9fc2b50b07eb20f2fff5f396936da5b46c8f4fcb657acea4e733202d38ed4952ee2d","ssdeep":"","tlshash":"69415bcd5a78ba00d607178877f96dc940a25f450b70d1e7aedf46683f27c6e1805479","first_seen":"2026-05-22T03:52:37.188072Z","last_seen":"2026-07-04T10:35:10.568758Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2460,"timings":{"blocked":1614,"dns":0,"connect":0,"send":0,"wait":803,"receive":43,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/worldcoin-wallet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.762Z","timestamp":1783161267762,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /worldcoin-wallet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 2780\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:39 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":2780,"size_decoded":3109,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 1","md5":"18110bf9e5dbd91fdb0429790bdc342f","sha1":"6a28e472c9f248e8e74083c54462c96dc6ed7edd","sha256":"c2409088fb39fce083298a659cc848f7991d2ebe999dc1bc34a89ba70c8b96b8","sha512":"9aea8f864f570816d5f8aa1944a68de03095814e691cce577ab6261bb9666116574a77f64b9e8373bd2fb9587ef0567cd16b7f39531533e7f75203c2337ba26a","ssdeep":"","tlshash":"b2513c5d571c9708d858133440805f74fab329758a9ec35aeb60ce0a5b2d1d0ea0d19a","first_seen":"2026-05-22T03:52:37.525562Z","last_seen":"2026-07-04T10:35:10.570657Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2193,"timings":{"blocked":1097,"dns":0,"connect":0,"send":0,"wait":711,"receive":385,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/htx.svg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.394Z","timestamp":1783161267394,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /htx.svg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 281\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":479,"size_decoded":657,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"0d242628b316a0661456f0126257d3d1","sha1":"b489f933a9b71e971dcd00c6609dd0a051923704","sha256":"e38a8408cb3ff0c5c82e291e6feb9517996e45bbaae4ef8b49951912d419dd73","sha512":"636b944c98e4b271b65c15ab6d6af55d2d739e50f4c877252443a2136ba339e133c95f576d3ad8a10beec22c65618b5f7fc192364adffeec487a9ab495c9d74c","ssdeep":"","tlshash":"71f02e38d148967cdd7ad3f857343135198d40db30553b5de8e94aa4b0c25d8e66ecc7","first_seen":"2023-11-07T08:36:10Z","last_seen":"2026-07-04T10:35:10.572138Z","times_seen":18,"resource_available":false,"data":null}},"time_used":726,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":726,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/bottlepay.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.476Z","timestamp":1783161267476,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /bottlepay.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 2478\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:37 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2478,"size_decoded":2807,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"09585c5b048e85e7f5bad96d36364973","sha1":"bec72c83b4fbe1ba79a8fb6f9fc8b84bd7b96a4e","sha256":"26b623eab4c63ce14132d78bdb7c6cef639a29b78f84119a452b938028996cb4","sha512":"98528ef7b3aee6f56050797c219344d23c1c33f7e9d1eb545139b48020570ba1144321f5a274d5037ac986c30c9a401dbed8881e6be07b69537342a709b01722","ssdeep":"","tlshash":"7351d9672f1a7b89cf1c69b8e4a08744fa712e31c55ba3ad4891c11eff2c0d04d14669","first_seen":"2026-05-22T03:52:37.492308Z","last_seen":"2026-07-04T10:35:10.573505Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1556,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":836,"receive":720,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/carbon_wallet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.484Z","timestamp":1783161267484,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /carbon_wallet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 5861\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":5861,"size_decoded":6190,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"afb4e721f86d9d0e2457b8ce54e81ca5","sha1":"d3cd5a8efc71dd0550a085be96cf2d07cc60e24b","sha256":"fccdc9cb8a76c8ddac789251d49eb53f4048ce78f1e41469dd576c69a7a31019","sha512":"49719f4c477418524dc9da0f2f8db8b503b6cdfe34e2cfaea9cbe2109f27452404090abc291120aa7e9b6ac7e777f8ab570f5b86cf6869c4278a1c23cb9e7184","ssdeep":"96:L894vigF+etFb03KQPnYsIfDkHbc8Mm2jEWVUaRSRJcD6Yet8Sht6qRWp5k+:4Vg0IV06QPnYsyDkp6EWV5kJo6YeeShc","tlshash":"6bc19f2b4a9a4b4ddd5e177468042b05ffa83fa1f7fb13596144432e77ac0c06c74595","first_seen":"2026-05-22T03:52:37.618311Z","last_seen":"2026-07-04T10:35:10.5755Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1770,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":830,"receive":940,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/okx-wallet.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.632Z","timestamp":1783161267632,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /okx-wallet.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/png\r\ncontent-length: 3491\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3491,"size_decoded":3819,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced","md5":"89d71afe060e3b2ed2c83c1e20b16b3e","sha1":"1540cb13b9deabda8e6b58d01bbf15f4773404e8","sha256":"618dc4d3edb1ab6f971444f1c055cf061b27ddb0c7ed72c306d88db3d884046f","sha512":"daff6f2f338dbe23236fe27af412fa02a7dd5a2719e7e92242648f04089039d778c99ec8e5bb8f60b397777175743498a7bff533d6c5b6393637ceea2f1e1ec1","ssdeep":"","tlshash":"18715dd2f3484d5582f76a6a18b20f22c162c1192fb207d58f3dca58dd71e7e16168d0","first_seen":"2026-05-22T03:52:37.443949Z","last_seen":"2026-07-04T10:35:10.578689Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2523,"timings":{"blocked":1700,"dns":0,"connect":0,"send":0,"wait":721,"receive":102,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/polyx-wallet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.647Z","timestamp":1783161267647,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /polyx-wallet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 1339\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:39 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":1339,"size_decoded":1668,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"5110d8ea9bc5092a6ae53e6d2fbefa25","sha1":"bb5a165be88581ca3c754f06be8e413b59e87692","sha256":"46edb3ea8863784d011d5966c6a18b7fc0bee726a815b8703da9c84c653cbafb","sha512":"888397fb58729dd5c3aaa93b989c9b9c167caa34c040e67021c2b3188158579fb831b6bb5ed34c1e2bb3fd6a5e987e8559acc0bca1395f3db426fe67dff26674","ssdeep":"","tlshash":"a221dae7071df492cf245b7b435159a5f3426d1c644f98bc86806c50077bd7e0700b55","first_seen":"2026-05-22T03:52:37.364923Z","last_seen":"2026-07-04T10:35:10.580047Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2462,"timings":{"blocked":1582,"dns":0,"connect":0,"send":0,"wait":837,"receive":43,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/bybit.svg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.380Z","timestamp":1783161267380,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /bybit.svg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 758\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":1015,"size_decoded":1134,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"8573e542f8692815e7775ae6dcddcc3a","sha1":"78727c5ecc398f1ce30321dc00ee294018167f37","sha256":"e54e0ec146c00b60f41d18a0bb109d2957aa8fa4acbc89b69335481fc5f2957d","sha512":"37c75afe0993159ef73258aaaa927e568958ff666dd0c0e04f217fc12e3ab1de004d28fb1adb65719102a9febca7b95e123131ab54b947008c0a0d91a3fb0455","ssdeep":"","tlshash":"0411a5569499c83658bca034f63d78c29b267a09824243fee8f129189801372f6e23cc","first_seen":"2026-05-22T03:52:37.355122Z","last_seen":"2026-07-04T10:35:10.582725Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1266,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":874,"receive":392,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/adalite.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.430Z","timestamp":1783161267430,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /adalite.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 2398\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:37 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":2398,"size_decoded":2727,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"131dc8506d2bc6e6c8ec46f2b45a5748","sha1":"f0c52128971f9df9b5ee29d81cce27a69bea5d54","sha256":"ca46e7c0b2b17a6765c4d9262e7ad8ef16f573b61545ce8390a0364ee1c0667f","sha512":"57871eb0b87ab968ce8c08cdca5251fe95ebe84a26397c52bde35bf0081b0512f634524d1335398129cf25127fd4a0f5877200d4518a14be12e33b03d51ed609","ssdeep":"","tlshash":"70410a963b543749fd9e1b7010819ff5c2263d79ced7b65d8442404db32d4c85969186","first_seen":"2026-05-22T03:52:37.249619Z","last_seen":"2026-07-04T10:35:10.584036Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1424,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":880,"receive":544,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/bitcoin_com_wallet.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.457Z","timestamp":1783161267457,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /bitcoin_com_wallet.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 1014\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:37 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":1014,"size_decoded":1342,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced","md5":"558b224c1be91f4fbd8c4043fe363042","sha1":"8ccb5aac71e76166111ec64b882b87bdefc721e7","sha256":"df16ac539cd561d6789ad80c3e4a6eb2faae5a09d83958ab195a97d7aa5daf3e","sha512":"dc46550cfee6e6d0928b445dba4f509665498ebb2ab60354e357b5f9b514026feb0a5124a62458b633be534901f40fbfd4a78c34401a445cdf3db1278c2e24dc","ssdeep":"","tlshash":"6111c2f49cf4553089c43ea334a82df2bdf9093ae8118c8937d892c1f4569d860abf65","first_seen":"2026-05-22T03:52:37.254034Z","last_seen":"2026-07-04T10:35:10.585288Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1481,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":855,"receive":626,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/bitpie-wallet.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.464Z","timestamp":1783161267464,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /bitpie-wallet.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 9329\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:37 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9329,"size_decoded":9657,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced","md5":"0bc785ed452492e1602fffa398a84603","sha1":"df79f52d083d8fa3fdc13260cb41fe96bd74f3a0","sha256":"23805229de6608105ecae268b33291c064f797e8a5c1d51ed6094d84e411e771","sha512":"356580212f9b312ad7dfdab6df5ba6a556f7f9a023d169e1187986a2a05b367e037e9d87e2ccc34d7388a01722d16f994a0f7685e3a718581aa73783e939e524","ssdeep":"192:gR/JxZiPFpql57bSoKqcQyiCPzmWtVhuQ4mI3r1/u8i:gRHcPUASPypztTnAI8i","tlshash":"3512aec1fa0bf87e4343a70913ac54d10e6a638c1f7d5985292afa649fa444b1eb6c1a","first_seen":"2026-05-22T03:52:37.409793Z","last_seen":"2026-07-04T10:35:10.586336Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1729,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":849,"receive":880,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/blockstream_green.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.473Z","timestamp":1783161267473,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /blockstream_green.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 2477\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:37 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":2477,"size_decoded":2806,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"75f65b6acc8f18921fba81cb1da06f19","sha1":"3ee3c85676d16cf82d03436193e90f10d5584bbf","sha256":"6c9d1a4ab6e03414a533570372b48f9774949cf045d3e0068714afa10e9583ee","sha512":"3d86662be1e64021f07fbf34912ec4adbc420efae268711fb6655286163c58919971b4e83c88ef35d78996e2ba007fc824d15527434e670b25c42403f9df2a69","ssdeep":"","tlshash":"1051f9e643bd0f06c95c1b7060042baddf30bb315bdb5b9c898a451d73aa4804e997ca","first_seen":"2026-05-22T03:52:37.480721Z","last_seen":"2026-07-04T10:35:10.5875Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1540,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":839,"receive":701,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/lumi_wallet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.562Z","timestamp":1783161267562,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /lumi_wallet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 2731\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":2731,"size_decoded":3060,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"daf724b79d5edf70735ddaecbfa55e22","sha1":"78577e6b8237fdba2cd2d1486254f860d763423e","sha256":"3e395c8b4d75f37fb9853a4c2d6ecb4cc70f48bc821149ba2b5499dbf5490fd8","sha512":"9ce427538731d6461f274f014e04842222f81d929df0f4905ddff1e3316cdfa670f0efc3875f49f196c82065a5f9b1a2ec6587fe19ec6e75ba18011d95ad74cd","ssdeep":"","tlshash":"0b512c26bb960726d81c1f7538200ff1ddd49d26d81d479edd418555fb3e0c4ad1c94a","first_seen":"2026-05-22T03:52:37.755947Z","last_seen":"2026-07-04T10:35:10.588871Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2070,"timings":{"blocked":858,"dns":0,"connect":0,"send":0,"wait":769,"receive":443,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/polkawallet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.645Z","timestamp":1783161267645,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /polkawallet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 3017\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:39 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3017,"size_decoded":3346,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"3f975841e0b8449c2bd50a0822618a4d","sha1":"27129b15ae6c1840d7bc233a6d9899766fdfb3ae","sha256":"94a35bd6a30a09088aa8275a618a5d82fb8cbcaf4c78acfaf1d1e691cf53024b","sha512":"3cc801168839e63bc4f8a568a8b85c140e49bb40c052655d540eb489150158119ad1b58d1f6b54516aa8f82e9924dbb2ea01cb4caf9a6862c0611d3e55bf3ab0","ssdeep":"","tlshash":"02511a911b980b19de2c2f34f643af7bceb77e369dc28bfe005241556b260e21c18669","first_seen":"2026-05-22T03:52:37.606677Z","last_seen":"2026-07-04T10:35:10.590175Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2086,"timings":{"blocked":988,"dns":0,"connect":0,"send":0,"wait":827,"receive":271,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/zengo_wallet.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.774Z","timestamp":1783161267774,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /zengo_wallet.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:30 GMT\r\ncontent-type: image/png\r\ncontent-length: 5067\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:30 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:39 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5067,"size_decoded":5395,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced","md5":"6743a9c4424191c96e374cdae7e0eeaa","sha1":"8068b752efa6d2fffd62a507b29062fff00685b4","sha256":"530bac2422d8a8a9d89cb6548bf417d483be5e3cddf94ddde6c13d7808dea94d","sha512":"fad57bd28b9f1792c628afafdd4b390cee56b046d118c243eff2cd2ddcbc841b1280e138254f24ad0e179b899a2ca327b274e22926243312f21c5163890263e1","ssdeep":"96:ojsxn/9XyT8OYas0QB0G5A/Xc7TocqCjLopMo/cQGXJx0nEYH0:dx/9CQOxE2f6ToNCjEpOxxeEYH0","tlshash":"1ba18dccc0d7d32a9f00137b9d6f7162bd601aa251609687123cdbc8ea927ef2436238","first_seen":"2026-05-22T03:52:37.259253Z","last_seen":"2026-07-04T10:35:10.591728Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2608,"timings":{"blocked":1842,"dns":0,"connect":0,"send":0,"wait":766,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/tronlink-wallet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.427Z","timestamp":1783161267427,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /tronlink-wallet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 3934\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:39 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":3934,"size_decoded":4263,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"e2b871d05156c58d1455da6e6bfadf39","sha1":"e6084fea2bb2bf9a749c031fdf21e8c86e99c4c2","sha256":"498b4cb6a3cca9a77a4e87eda836dfe6c981c2fd29dc20d0580a75e053c54f60","sha512":"27ef7b7c9b4e5ecbc94b62780dd0e1097fd872fbf332159d7e61843aa7b1c61131ec6d050bcc2b6b7cb4ff83587f0db4fda12f6240d81b5e2e4808f917bfecb0","ssdeep":"","tlshash":"53815de3211d4610d50d5a76efd86772ed787e23b169b7d9896181273b300c09e2c9da","first_seen":"2026-05-22T03:52:37.587089Z","last_seen":"2026-07-04T10:35:10.592989Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1394,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":828,"receive":566,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/fearless_wallet.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.535Z","timestamp":1783161267535,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /fearless_wallet.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/png\r\ncontent-length: 4876\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":4876,"size_decoded":5204,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced","md5":"bb29748fe481b68ccd13527a10bffb38","sha1":"362310e662b5fb38d14a8ab115380c9fdd312bb6","sha256":"a6c8ec2dcdc14916f7579f85fde226691ba84d5e8bb75ababa4eb49963c048c7","sha512":"6baf0de7c68b8cacacf3ce781a41d0cb0ca1796300afd2721fee9bb866f0c1ff89d8e35304d48a13dc0a36d504928d8c608d61c94511f1babed2ee29523232b4","ssdeep":"96:3zAEHGcrkX94dS6DVSnJwIxvIal3xgIQjFBZ51wLU/5iQ/XbG3MEc:fH4ySOVS1P3xg3jFBZ51AUwyG3MF","tlshash":"44a15bb6477df7cde1244161a6070a615c6230d41233bbfa7a2b282fa84e50496a9fb6","first_seen":"2026-05-22T03:52:37.469519Z","last_seen":"2026-07-04T10:35:10.594446Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2276,"timings":{"blocked":1232,"dns":0,"connect":0,"send":0,"wait":867,"receive":177,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/math_wallet.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.565Z","timestamp":1783161267565,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /math_wallet.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/png\r\ncontent-length: 11350\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":11350,"size_decoded":11679,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced","md5":"07af3cc537c197dde992cf0d87ff57a2","sha1":"13ad1b492c518f6bd23a17ff42562bfbe47d7076","sha256":"379a756320aae24c41bb3fbe42e272acb2949ab5add5b05544ac454718225f2e","sha512":"d6211f7fb4b3abed7bf10a6dba4a0a0d11a6d077c2675d1d304b5c2f530bc07b7cc5b704bb0b63beb629368c1240ef8acd82a80b307fa81932143ce4968ca54b","ssdeep":"192:7IZ4713PZo/zTLPAj8zEd08FMYwsxOLal7Cn8a+9O5MpddRVO6ygd07:jphojoj8zEd0yi6blw8agEMlRVYw07","tlshash":"9a32cfdc9068f9a887c817a091113eb6b5c2c423e3831046ae9c3f2dff3e46a245cd47","first_seen":"2026-05-22T03:52:37.473622Z","last_seen":"2026-07-04T10:35:10.59573Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2487,"timings":{"blocked":1603,"dns":0,"connect":0,"send":0,"wait":861,"receive":23,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/trezor.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.417Z","timestamp":1783161267417,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /trezor.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 2328\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:39 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2328,"size_decoded":2657,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"1150b30eab103c6a8f06d38c336a3874","sha1":"9295ca621dbb43d9529cb562c9fb370fa1975b96","sha256":"0092876404c823d56c56c655efe3b00c0a17bbb2bbe8ae77731bc23f58719261","sha512":"25ec2ac0c6ab1b884ac41a2743f2176cee5c17dc7b6a0c620c5e85d48ba1a2d861c75bda3c95b82a59eaf69bb9c4cc6c87aad26263599c343d704160037533b4","ssdeep":"","tlshash":"a54108b312080b3dd57c2b30e0505b74f7bd3e22e4ead70a4882a408bb780c20e189ef","first_seen":"2026-05-22T03:52:37.806736Z","last_seen":"2026-07-04T10:35:10.597151Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1260,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":838,"receive":422,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/amon.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.435Z","timestamp":1783161267435,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /amon.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 3109\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:37 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":3109,"size_decoded":3438,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"b5952064423bfbd924d135054d531e10","sha1":"c6e965570eb89c914a29e988776bae34f52e1bfe","sha256":"39631463d9bd96f78838b100cc3f9516998f7a6d22ff0544c19d3483d2d459b9","sha512":"264b34cbd3ce880201f8ea232a3ed5235279a1d03c8f812124adae868c762a31a82606cc52be1bbf80b1f3ef8a5c405e271d1048efa3b805015c4d10fd973136","ssdeep":"","tlshash":"ec513b76a38d3b18c92e0e340050cfa0f6c7ad14c9f9a7aec0c5814a7f56dd2d6d804d","first_seen":"2026-05-22T03:52:37.801Z","last_seen":"2026-07-04T10:35:10.598446Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1538,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":877,"receive":661,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/conio_wallet.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.507Z","timestamp":1783161267507,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /conio_wallet.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:28 GMT\r\ncontent-type: image/png\r\ncontent-length: 5863\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:28 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":5863,"size_decoded":6191,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced","md5":"a9846838d41fb9b745e29daa6677b451","sha1":"9acfea0779ba5b1efb7ee05a7df8ce8c9b560101","sha256":"9fdc9fe498bf2d18894240e11422b9a20d086e0ce98e8b74c12845cbfe1ee27c","sha512":"19f74e41b5e6d67277adbb54da1282ce88c65eac4df11008b7c066c44e4b3c2ee61521965310408cda52d73b5fe09041ccc22fd7dc1d2a792c84145370969807","ssdeep":"96:CTP+0lbgLianZnngkdEYopv1Z53rIrHZLLb/6+Yy81/4kdSj+7C09zWQRSB:GG0ZgLDRldEYa53rIrHZnb/6+KAkN7CD","tlshash":"afc17d44dba3f2617a7c08332bd595d336772f86a712782ae01b5c1e3a08f160de6f84","first_seen":"2026-05-22T03:52:37.391114Z","last_seen":"2026-07-04T10:35:10.599746Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1818,"timings":{"blocked":155,"dns":0,"connect":0,"send":0,"wait":760,"receive":903,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/revolut.svg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.370Z","timestamp":1783161267370,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /revolut.svg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 5866\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:39 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8509,"size_decoded":6243,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"09e9b0a7eb34b2e46995f53c29ede0bb","sha1":"44f671d4b2cf746413f3550ae56836d057abb41c","sha256":"1ebd4ad7b678b1edb3fcd9dfe671c8f7c7f7f6ca877c8dc5de392cba9dec5bd8","sha512":"f5b7ff6b0a804983923b3c0ecf3e16f97d31fa03bb3fd730f6d12b337a79132f3e5efdd6d8efa11260be5094561a309d083a369ddebdd026a1133ddf8ed27eb5","ssdeep":"192:9s/iyW3G2OWf6SMpa7mxYF7y4nJHaqZZaMXh557LqGM:HyW3G4ySbGKvPaCLIr","tlshash":"31029ff72c85502e543d99c8b82539d1ad71598f42f0439c6669a758e0b2f7ce238c9f","first_seen":"2026-05-22T03:52:37.408123Z","last_seen":"2026-07-04T10:35:10.601412Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1306,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":884,"receive":422,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/coca-wallet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.495Z","timestamp":1783161267495,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /coca-wallet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 2786\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":2786,"size_decoded":3115,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"f772f068352fa1f22710b16ca45f7e90","sha1":"6c87d3c3a3a8b80fc9c05ad0e97a2b49dd6e91ac","sha256":"df1367186ef30bc4c4da4d14f13f3e8c66c177224a927a265cdec4db4d097bab","sha512":"c47b4c9dc8cd031ebd5e0e37af2af5359d75dfd4e875472a3ff2ff13d6bdfd767bfb6691c468a8d0e1223303fb457d40d6a6dda02bd3a963d11e9b3aac874334","ssdeep":"","tlshash":"a6510bd2a75c1a14e04c0a396acd4fb1d952be2ac9d7df4f0591423573ac181ea6c18f","first_seen":"2026-05-22T03:52:37.21333Z","last_seen":"2026-07-04T10:35:10.603504Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1935,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":820,"receive":1115,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/celery_wallet.jpeg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.488Z","timestamp":1783161267488,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /celery_wallet.jpeg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 1744\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":1744,"size_decoded":2073,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, baseline, precision 8, 100x100, components 3","md5":"770684fc7a599600a6f6a9c6547890d2","sha1":"be6c9e766d6b3da50ff014fca6a17bfe623cae1f","sha256":"a8c8098b3bbec46c5100e4885abb273c70cbf668b85d67d53710a209234a6dfb","sha512":"96d28fdbdf2254a0ac586b8b68ec2daf9969df317488d3b17b176d1909847690baf8debf1504f44f3d4a38009d3030fea27d2aee1e6fac893af3bb46fbb6f08d","ssdeep":"","tlshash":"3d31fa7d5a92d54cdb40d13d0b2c7716b353ec01f708e69e6d0b04e3e1158e2a9c16d5","first_seen":"2026-05-22T03:52:37.807869Z","last_seen":"2026-07-04T10:35:10.604738Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1704,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":825,"receive":879,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/enjin.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.531Z","timestamp":1783161267531,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /enjin.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/png\r\ncontent-length: 3880\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":3880,"size_decoded":4208,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced","md5":"611cfe64b9643e1360188a5f6bbc7e5c","sha1":"9b6bd51f8d1d422b512f54b549cbf8c133b360fe","sha256":"a52ae6cd49826071410040bb33225ed052ff82a1544d6877d3578adef9edf77d","sha512":"cb441263fcdbbf6c3c6786eb4c2d6a72da4a2ed00ec14857e54bc7a38da2982f91b440658635a6297419ab7748485ade6229c23f81fb368df3fad1d98f14f7c2","ssdeep":"","tlshash":"37817cc0f70262b1e20491e111ea9d75ecf28268e07a8c3dea93d82118f838682d6d51","first_seen":"2026-05-22T03:52:37.591534Z","last_seen":"2026-07-04T10:35:10.605827Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2276,"timings":{"blocked":1232,"dns":0,"connect":0,"send":0,"wait":867,"receive":177,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/reown-banner.svg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.783Z","timestamp":1783161267783,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /reown-banner.svg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 768\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:39 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1680,"size_decoded":1144,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"2d41c7c8479c91b90b560eab3912a037","sha1":"2cd033fe81c3748e3a2ad0e35415f35fed6af487","sha256":"c47138472c8944c6dd131c00ec740d77791276a8831227c1f4c134f95bf76209","sha512":"b61b5f929ac5f300330a065c4297b0aeff698a122090d5835d5ddb2f884cf85ce148506af849c88372afdfe755708270a33fc1ddcf592448bb57c9172cc341fa","ssdeep":"","tlshash":"393132c52b14140d41a70fbdcf3f3aa7143265fdb8144a9ba55aeac5bcc19d83c90e82","first_seen":"2026-05-22T03:52:37.535447Z","last_seen":"2026-07-04T10:35:10.606826Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2192,"timings":{"blocked":1137,"dns":0,"connect":0,"send":0,"wait":902,"receive":153,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/backpack-wallet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.446Z","timestamp":1783161267446,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /backpack-wallet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 2071\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:37 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":2071,"size_decoded":2400,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"e58ff886cc1c8657fe7c82a147f22419","sha1":"176b647da467f11e16965d8181742a0123a8a175","sha256":"0e06de8f262208edf9c6dadfc80f9de9a932b967804753d916740dfc9839d6fb","sha512":"70abfcb4c5b0ffc31148ca3d3a57b8430a726784a0166337dc1ff2c050f8369936e3c18eac4c8dd5f9ec6f7c67bd311e0e1bf3e25071d9ecdfc7fb7ee4ab3e65","ssdeep":"","tlshash":"7641b7a58f546b69f84c2a79209067a5eb263e779b9b4b9d0400010a2f39481db5816f","first_seen":"2026-05-22T03:52:37.515151Z","last_seen":"2026-07-04T10:35:10.607843Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1746,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":867,"receive":879,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/buoy_wallet.jpeg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.482Z","timestamp":1783161267482,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /buoy_wallet.jpeg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 4050\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4050,"size_decoded":4379,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, baseline, precision 8, 100x100, components 3","md5":"ba0f3ee743c60571a470b3ad2794556b","sha1":"53bc6b8c464707ab9118918494c9e0764093641c","sha256":"d40956476653b3a4e39a1e4d4b912860ed0dcebd22373ed9f07b82c625494753","sha512":"94118ea5fed53483219ec41cc7ce0a4b794170ad4214300171949d1c8d156f254ad3913c4000dc182f8596e4c52306c883c6ed6c91da5b9078664d8e9f67200b","ssdeep":"","tlshash":"7b815b103a85a572faed863d64675068f310ae293831ec9d0eed3c51bda998374cd367","first_seen":"2026-05-22T03:52:37.456722Z","last_seen":"2026-07-04T10:35:10.608727Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1731,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":832,"receive":899,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/coinspace.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.505Z","timestamp":1783161267505,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /coinspace.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:28 GMT\r\ncontent-type: image/png\r\ncontent-length: 5563\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":5563,"size_decoded":5891,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced","md5":"ed587dcd6e2d97198484a93c8edd1014","sha1":"454b91b1f0c4a9d7a429dbf81ed8f2c055569a07","sha256":"49daf6ec7e6cb9b8fcafa7ea62f954086fe3147045a2d9e0d9a2f2bbfcbb326c","sha512":"e3784f9730a95622e8339a92f2efdd41a5484f5cdd4535f82cb642b0900a8f97e0e7cae6a480f73a5b55b39ae0f58ec91dc4702ebad3aeafa290c7e813c7a01c","ssdeep":"96:x0SDep1zK9H+fqHBoW3Yq0iocZu08Any0siook1AsU64Kc9c8CJ1q/xueeXAgMNn:xvASH+fqHBV3v0iocB8AnA/1AP64K8qa","tlshash":"a9b19fd85323e760c68f239526295272fa3dfd4b647b38ae5a21f15a3814dfd4280309","first_seen":"2026-05-22T03:52:37.222567Z","last_seen":"2026-07-04T10:35:10.609626Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1909,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":794,"receive":1115,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/freewallet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.537Z","timestamp":1783161267537,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /freewallet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 2748\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2748,"size_decoded":3077,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"5fda280774fbacab257184ee576393d8","sha1":"f6bccf68b54f93ddd489cd838acf4cbc66ab3eeb","sha256":"1ba3ef499eb960da66f3a0be6dd69c468926aaf945f8b99158806a83d66a3465","sha512":"449d19359a99d3cd1fd7fcf87e318816786c9b3a813594612905583b6a5dbefcadf4fbe701f7eb78e7d8a191500f11710fe3961f838250ed3857efa40d0f2e15","ssdeep":"","tlshash":"b851d86053152f0cd95e7e7984804b30ea7afa73aa4aa74d894150f47b580e1ae2f2d5","first_seen":"2026-05-22T03:52:37.362758Z","last_seen":"2026-07-04T10:35:10.610657Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2431,"timings":{"blocked":1512,"dns":0,"connect":0,"send":0,"wait":790,"receive":129,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/lunie.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.562Z","timestamp":1783161267562,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /lunie.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/png\r\ncontent-length: 5234\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:28 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5234,"size_decoded":5562,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced","md5":"a16a40371efcdedfbd1c65c3ecec4146","sha1":"f6b5ce232dd1ff9b5649524868c055c3bb0747a5","sha256":"61790b17dc05837424f6a4a27c33cacc90f56219cefe551378cc164eda378b0c","sha512":"e1685b790f7898c01835437cdc2a6637438f702ea5074d2fe7d6c23e851cdf1f60ee5fa9cb4a59e0127635e10cc788b3770cf4f150ecbf469d645eefd341748b","ssdeep":"96:zqRr3XWKmTrNqUxLzI+PQ7QCDoQJfRpZfBgZlY9OZDD5LepjUmAKdAuPF:m7XWtvNqUxLzI+GQCDoQJfPZBQY9alLa","tlshash":"c2b17d9d9caa3c69c94cc471518e711ddc12866fe9383f489c70eab81c7830468eb92e","first_seen":"2026-05-22T03:52:37.814628Z","last_seen":"2026-07-04T10:35:10.611603Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2070,"timings":{"blocked":858,"dns":0,"connect":0,"send":0,"wait":769,"receive":443,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/myetherwallet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.585Z","timestamp":1783161267585,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /myetherwallet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 3691\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":3691,"size_decoded":4020,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"b550d0b872d96a969fa8cd9976fd840e","sha1":"24e04b3cd2bad0d4ae6dd89f936eeb42bb3ffb60","sha256":"1c34ba62f88ce4283ed159e0d6912d28162ec7c86cd618b61bc204e6539924f0","sha512":"2e3bb63c06a2862265b81572e31d68ec00f7fac014061a4642da5ddef909c1299bfb7b2bd7fbc807048a53c053f81b0f6b06a8aca71ed2ef1c51e3fd07b7314f","ssdeep":"","tlshash":"59713bba73986f1ce12e1d3816b0d772df5dbe22bb13d30d8685925b23a9401d46c195","first_seen":"2026-05-22T03:52:37.67765Z","last_seen":"2026-07-04T10:35:10.613319Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2268,"timings":{"blocked":1248,"dns":0,"connect":0,"send":0,"wait":808,"receive":212,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/veworld-wallet.jpeg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.757Z","timestamp":1783161267757,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /veworld-wallet.jpeg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:30 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 3616\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:39 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3616,"size_decoded":3945,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPCM), density 118x118, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, resolutionunit=3], baseline, precision 8, 100x63, components 3","md5":"a95da2e12203dba1db0b7bff0865a10e","sha1":"9eea582b96314bee8a20b876451fde3f768e668d","sha256":"bb44b754a4ff751379e0abc0098e8cdfb82c7399d79d4222e94953ed591ce87a","sha512":"44afccbf2a6158e324df12b1f74ea8277fe78aa519254297015dd695367c062bb297268645eab621c48252f5867d58fd14a9aceefd2afc5aafcdeb549293b5f0","ssdeep":"","tlshash":"6c715d2ab3451c53e5d1473d98d2dab98b803044f3cb7bd34d0cb7dabeb04098aa0120","first_seen":"2026-05-22T03:52:37.34965Z","last_seen":"2026-07-04T10:35:10.61463Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2550,"timings":{"blocked":1750,"dns":0,"connect":0,"send":0,"wait":800,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/firefly.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.536Z","timestamp":1783161267536,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /firefly.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/png\r\ncontent-length: 3715\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":3715,"size_decoded":4043,"mime_type":"image/png","magic":"PNG image data, 100 x 85, 8-bit/color RGB, non-interlaced","md5":"16585b3fb7b168112fdb713f5ce1a0c7","sha1":"2792150437e1b333c0a28a3f5bd0183ee0b1d9f9","sha256":"eab3375f4a462cbbd1562724e6acad35125e608f65e8750fadc34a6ec2606ec6","sha512":"64b289353d7d78d55a7297aa2aec194b5ffa8e6a94c2efc42917e400f3f0da218319e2bcb5876f786e9cdcaae9a75e9d5ee6f0c1a96200f87199ffcb1fa43a90","ssdeep":"","tlshash":"02716cf79d1e5ec0fa4a046513c92bd670fe059066421fbd2da4e80c195bf67b8134a2","first_seen":"2026-05-22T03:52:37.517378Z","last_seen":"2026-07-04T10:35:10.616493Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2275,"timings":{"blocked":1231,"dns":0,"connect":0,"send":0,"wait":867,"receive":177,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/sourcesanspro/v23/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:30.424Z","timestamp":1783161270424,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Jun 2026 08:41:01 GMT","end":"Mon, 07 Sep 2026 08:41:00 GMT"},"fingerprint":{"sha1":"01:31:A1:A6:4F:08:45:E1:F0:0B:CE:B1:B8:D8:61:D7:D1:70:ED:6F","sha256":"29:C5:5D:01:47:6E:72:F7:2C:CC:0B:96:BB:67:BA:39:CC:03:11:EB:7B:47:F5:3F:CC:DE:12:AC:68:07:A1:BA"}}},"request":{"raw":"GET /s/sourcesanspro/v23/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://be-myfin2026.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 14868\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sun, 28 Jun 2026 10:07:27 GMT\r\nexpires: Mon, 28 Jun 2027 10:07:27 GMT\r\ncache-control: public, max-age=31536000\r\nage: 520023\r\nlast-modified: Wed, 10 Sep 2025 16:47:45 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":14868,"size_decoded":15681,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 14868, version 1.0","md5":"a870ee3703f35f3b772e1ea3aff0abea","sha1":"2f73bac27e4fca1630d90813a858d7b815faf5c2","sha256":"691491f1fc8badab623e1be56f92cc2d98c462b16617c67e1e288d6b061444bc","sha512":"eb7e106769da2737a2d128f7b5ffeb145c03ecb3e0d120ea8e48f66b54ccc92b3657c9ba44385b355643e344329318c3d4eddde64b060ef580b419ac09d48add","ssdeep":"384:mVyQfY5SLPyg3mKvJU/rtyXWtnpeb0qY9X3cCI1Ll62yQ:2YS7fWKvJ2tyqM0PXINl62yQ","tlshash":"7562e0e9d92843e74d2019387b4b78df360adbed631a4878e995c49b6014af79122c1e","first_seen":"2025-09-11T17:07:37.667838Z","last_seen":"2026-07-04T20:32:22.853067Z","times_seen":65378,"resource_available":false,"data":null}},"time_used":69,"timings":{"blocked":-1,"dns":5,"connect":32,"send":0,"wait":17,"receive":15,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/keepkey_wallet.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.418Z","timestamp":1783161267418,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /keepkey_wallet.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 4289\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":4289,"size_decoded":4617,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced","md5":"b11fd5c0f40a37c0b7e53b38005276e4","sha1":"dee3fcaa89d690a0848f3038e858a8d48f60d957","sha256":"fc225f360ab9df300bb737d67a257eafdf64cba91360b7f4a1f9471a82873916","sha512":"6c4b78dd32e2746b76dfb919d49b943820a839f8cc4c78509dea88248a145b3512b0fb0d6b288a6b9ae5d4ebc7f8caf7c25042c190db52238da74f8aafb3fcf3","ssdeep":"96:HRyX3mwXFNjvcG2OTMWg6u8RguyAluX+a7oz+zighx2:HRyHmw6+MP6aAR+oqxhx2","tlshash":"6a917e89f64a6a14cf0809b7810006c1a2d51e19a97f6d62f0bdcd3c5db8de9e722a49","first_seen":"2026-05-22T03:52:37.61192Z","last_seen":"2026-07-04T10:35:10.619105Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1360,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":836,"receive":524,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/n26_crypto.svg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.375Z","timestamp":1783161267375,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /n26_crypto.svg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 458\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":879,"size_decoded":834,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"e643475d50f296e1947e8d02dba72c72","sha1":"ea2f98161df87b68abc4251c49c9531f41a6631a","sha256":"ed20c66bd99918028de8113261bcc68fb4ed19553b44477a27dca9b1742251dd","sha512":"08b996cdd934e14452450330469a6ea51c5384c4d32b0d7a22761897c0fd5fbf40c501874c84b50daf2e819cd75e4a8fb9b56f8efe49d26c3ed4900d4c29f91f","ssdeep":"","tlshash":"3c118ce49630653ad8c882421f3cf9c4522cb18f41f128698fdd17759e59924cfeaf19","first_seen":"2026-05-22T03:52:37.322268Z","last_seen":"2026-07-04T10:35:10.620238Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1184,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":878,"receive":306,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/diamond_wallet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.523Z","timestamp":1783161267523,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /diamond_wallet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:28 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 2127\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:28 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":2127,"size_decoded":2456,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 100x100, components 1","md5":"981ccba2d1b0dcf16d32b57358f9640f","sha1":"467761e9a690018785e519d4d5dfa47e94d5c6da","sha256":"5245d39e05ce1e91790fa2f5f5077de69cad110fecc72022a6f45a0bcd042954","sha512":"9be21ac0c367e18a61190949445fe67789ea6f57cc4da0c220ed4c575cd7d4329f5f71229ae515beebcbcfad787f4c6e731ad67715b73430f2dcf00f8c97d607","ssdeep":"","tlshash":"74411aea8b71d2a5a650fd360c24eb3c21c6dd0064c244ae8a8735313b2a5dcd7a7682","first_seen":"2026-05-22T03:52:37.393228Z","last_seen":"2026-07-04T10:35:10.621562Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1958,"timings":{"blocked":629,"dns":0,"connect":0,"send":0,"wait":743,"receive":586,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/evercoin.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.534Z","timestamp":1783161267534,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /evercoin.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:28 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 2238\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:28 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2238,"size_decoded":2567,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"8285970c7648301f3b9419f588a7f5b3","sha1":"30c4be2b3382e04cc327d3a4eb0082fd9af84ec4","sha256":"212fe8bd973113145bba74ef63e1277b7c141d99de6b8d9dd430e29575fe94e5","sha512":"c291b64ca842f2368e454b068065d80b4a5696a1f2ed3b02eb8ebdecf3ee0b70f4a2e770882618fe772204f0d8b9922bca13f846c293e18566576be80fefbd21","ssdeep":"","tlshash":"8441b7269b9d6f08d95c0f7400619773da16be33c9e3439cd1c20293ab7e8c288692da","first_seen":"2026-05-22T03:52:37.803211Z","last_seen":"2026-07-04T10:35:10.622632Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1982,"timings":{"blocked":729,"dns":0,"connect":0,"send":0,"wait":783,"receive":470,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/fonts.css","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:26.994Z","timestamp":1783161266994,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /fonts.css HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: text/css\r\ncontent-length: 179\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":326,"size_decoded":550,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"f769d860925f32500c88c4cbe48e74fb","sha1":"c186881f0055402f0ca8c5b80e43b71ac8753ea7","sha256":"813d7cf5d82e6928affe328be4a48b0492ec25a0b2c5334d595ac32ff372c599","sha512":"6707dde68224a2fec090967eb2bdc6876d35ddab182d9906a96a5f4a1b004e6334c24e41a4fad307d701ee199992774b6a693a5c761426035afc13b5500c1df2","ssdeep":"","tlshash":"01e08648282a5546b571ad5db3172b20ba8c050ad546e054bb662e109ff2075c751f5c","first_seen":"2026-05-22T03:52:37.804366Z","last_seen":"2026-07-04T10:35:10.62358Z","times_seen":5,"resource_available":false,"data":null}},"time_used":627,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":627,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/zillet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.776Z","timestamp":1783161267776,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /zillet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:30 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 2974\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:39 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":2974,"size_decoded":3303,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"6a5849888dd60fb7582e5266b7fae7e7","sha1":"747ccbdda43714e7712a51ca9255766a4e9fdd6a","sha256":"3b5e08a084e60fe4919907375855964ce64638e33f43aa3cf4fed9efc514f391","sha512":"0f88b95de764959d51071f84286c0a02fb9f307cff849e67420e7a9f67b003013f7cd27dbc415e13a47d75a68d153efa2f9c5b135cde24d404288fb5efd445eb","ssdeep":"","tlshash":"2d51f8e667542b0efcac0e3525d08775d76c7960c8abe2ae00c000a7bb880c2853974b","first_seen":"2026-05-22T03:52:37.761124Z","last_seen":"2026-07-04T10:35:10.624409Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2571,"timings":{"blocked":1784,"dns":0,"connect":0,"send":0,"wait":787,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.zZZZhVqDDCw.L.W.O/am=BBBAEw/d=0/rs=AN8SPfpg2wPCELPSNQ-JdhuRpXMrWQt6Ow/m=el_main_css","fqdn":"www.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.67","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.271Z","timestamp":1783161267271,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Jun 2026 08:41:01 GMT","end":"Mon, 07 Sep 2026 08:41:00 GMT"},"fingerprint":{"sha1":"01:31:A1:A6:4F:08:45:E1:F0:0B:CE:B1:B8:D8:61:D7:D1:70:ED:6F","sha256":"29:C5:5D:01:47:6E:72:F7:2C:CC:0B:96:BB:67:BA:39:CC:03:11:EB:7B:47:F5:3F:CC:DE:12:AC:68:07:A1:BA"}}},"request":{"raw":"GET /_/translate_http/_/ss/k=translate_http.tr.zZZZhVqDDCw.L.W.O/am=BBBAEw/d=0/rs=AN8SPfpg2wPCELPSNQ-JdhuRpXMrWQt6Ow/m=el_main_css HTTP/1.1\r\nHost: www.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"rosetta\"\r\nreport-to: {\"group\":\"rosetta\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/rosetta\"}]}\r\ncontent-length: 4160\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sun, 28 Jun 2026 12:59:19 GMT\r\nexpires: Mon, 28 Jun 2027 12:59:19 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Thu, 09 Apr 2026 01:12:55 GMT\r\ncontent-type: text/css; charset=UTF-8\r\nvary: Accept-Encoding\r\nage: 509708\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":22361,"size_decoded":5012,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (22361), with no line terminators","md5":"fb137c98d3f20fa73a9a2a9abc347239","sha1":"5d7a2681b30a3d5c10d4447891d59fbb5daefd40","sha256":"0ecbd1374ebd05d9733e3230e6ccaefadbfd8907cd151221d8af6fdf881b4e09","sha512":"5b67750650f351ef019c6b786108814e7da77321e5b39b7e69d20b266530dfeaee79acedb1f660216105f64d10865dd2d0d7e5b17cf944c0616ac96619c11a2b","ssdeep":"384:gMF8SbevMk0dFzousFqWtdpTrdfzPtcpG:pFPevMfQfzPuG","tlshash":"4ea2ab2117aed019a3afa85354d36dff71d488db50113eeaef5a3352cd822f231ea215","first_seen":"2026-04-14T05:36:00.98837Z","last_seen":"2026-07-04T18:12:11.20873Z","times_seen":681,"resource_available":false,"data":null}},"time_used":87,"timings":{"blocked":-1,"dns":11,"connect":16,"send":0,"wait":17,"receive":0,"ssl":43},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/best_wallet.webp","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.451Z","timestamp":1783161267451,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /best_wallet.webp HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/webp\r\ncontent-length: 6848\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:37 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":6848,"size_decoded":7177,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"bdec7f82a639e7bf35db5867573bdde6","sha1":"9278af3af21d10625f499526eea41a591c31ff9c","sha256":"40b3c8baecf3ddb578ba8bdbea093e110a2fb15aad3b3a53a4d168aa73a2c34b","sha512":"7fa68bbdc88d6c561898ff93585c2ac0911788217f2f35cfe149fc52e16b674ccd1c16712b4d6e98444e2739649589bc4d7dcae385028f70008fecffb3948e1b","ssdeep":"192:sH5xuB9qu5bVs60zaAjYFiWHJwoIFz6enZLZxDwlH3XB:sjuB9nbVpcH+2ooOenZLr+Hh","tlshash":"8de1af46a60f98fbcd08fd8dd19f91e806c696383e9d604f1b89d4900b466cd3497fda","first_seen":"2026-05-22T03:52:37.275984Z","last_seen":"2026-07-04T10:35:10.625943Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1621,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":861,"receive":760,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/c98_wallet.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.497Z","timestamp":1783161267497,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /c98_wallet.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 8514\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":8514,"size_decoded":8842,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced","md5":"44034e40732fd9281c9646fdcb1caef9","sha1":"711401133316a5fa305d1d4d9ea026c0e5f27eec","sha256":"d92ff3b4db8ea9ea16decf2c673a53b96e6013441be6dd2a00ddd9248ff9ef4f","sha512":"17fa466cfa19daeeb8a544cea64a1b7d49f72f8b61c2ac9e008810c9b70f2255e10ce5c00aa7256ef78e79771db921428a56704f2889b8ff16207e66d6595482","ssdeep":"192:BSlPpOW9zxYNk9IivBy6fep3diKnLyUP1OMpLGPfB/I8TQqbafJVQTpuL8HbuhVG:olPpOozj9I4By6WJTOMpLGxw8To3kvF","tlshash":"7c02af6bdb8b959d9bcdfe0a1052235c6ca3b79178211c3ca7dae74a3b5d14c0c401a6","first_seen":"2026-05-22T03:52:37.5892Z","last_seen":"2026-07-04T10:35:10.627089Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1793,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":817,"receive":976,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/crypto_key_stack_wallet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.511Z","timestamp":1783161267511,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /crypto_key_stack_wallet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:28 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 2634\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:28 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":2634,"size_decoded":2963,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, baseline, precision 8, 100x100, components 1","md5":"b0df04f4052d8edd7cde2a09c6923abf","sha1":"782e1c4c403b9119e51bb28284d48a3098fcd85d","sha256":"552328e9a603fd7053460ce77194a5483c78d8f099be957c7bd34291a9e34011","sha512":"b0388929b21c72008bc715fcef5c11162ab07f6312fbf4bc31f573f83d8875b78a036b3dcb776e844c9dae9baff43f5d2f4270715d7fb5a5954f823b6f5a8459","ssdeep":"","tlshash":"dd511a410b793b1aca692b7615102740cfed3f12afe767cdcac0a81fa2690c6a25c50d","first_seen":"2026-05-22T03:52:37.5676Z","last_seen":"2026-07-04T10:35:10.628183Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1853,"timings":{"blocked":230,"dns":0,"connect":0,"send":0,"wait":894,"receive":729,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/decred_wallet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.520Z","timestamp":1783161267520,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /decred_wallet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:28 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 2810\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:28 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":2810,"size_decoded":3139,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"6f1f40322a3bf72b6eeaecc4996ac83f","sha1":"006933b415b5edf5f6c175cc7ca88c8dc197afd9","sha256":"d7221db7e2d419ee6b6ae925527c7f5e58ba3ad081c9fed1a2ce4e74f6064ed5","sha512":"60039cf5898a93390f174368b3c4f2a45a0e977d3cf9bbc1900deff9bf58f5f2961997ce89674cef04d05fa05034ca3008956816bdd745e58c52653e09ce9693","ssdeep":"","tlshash":"9c513ae10f1b1e01ee0c4fb25121535aef7abf33acd953a806f20624bb1a0c2a50c811","first_seen":"2026-05-22T03:52:37.41999Z","last_seen":"2026-07-04T10:35:10.629124Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1931,"timings":{"blocked":582,"dns":0,"connect":0,"send":0,"wait":796,"receive":553,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/holdstation-wallet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.545Z","timestamp":1783161267545,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /holdstation-wallet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 2720\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":2720,"size_decoded":3049,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"9601bc9d9636d57b58245b1c6c7df562","sha1":"77279c433f33a12dfacb6168fa96347f699eabbf","sha256":"77e65f1c0dc7a24f4812166d3e3a8af477017d0380510c8506a0e8ef42498759","sha512":"5081f96739469e5847fe7eff4a8c728078c50703fe69a522d3179f2b1ccb1baf8e6170595bec1debfdb3c761a82f59035551d8017fcf3ce93fe3335941736875","ssdeep":"","tlshash":"c0514cc12b040f10ec4c397824099388e3a57f509b67a2dd41c1e216fbbe8d06d645ca","first_seen":"2026-05-22T03:52:37.657185Z","last_seen":"2026-07-04T10:35:10.630196Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2450,"timings":{"blocked":1570,"dns":0,"connect":0,"send":0,"wait":731,"receive":149,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/bitstamp.svg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.378Z","timestamp":1783161267378,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /bitstamp.svg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 2726\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:37 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3645,"size_decoded":3103,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"a636ad197e3024f31575a2e7bbc48d38","sha1":"536e51051067716aaba6a97ce376a2d3840ac0d1","sha256":"d3d5e9ca51bd83803f2a9e6657e159925f4c0350ce495df8ffea394901f0f884","sha512":"fca5dd6c7e333ddedf51886cf7d30c73de2fdda91258303b5570fe23dc7934df1ada5e24ccf04f76ca2165afe3e39f384fb86f66dfc2b4b6712af0e2e1a022dd","ssdeep":"","tlshash":"87718e2cb205683c5541eb0891f74ad2ec1880fcda54967ff6d8b208432be3d2b10065","first_seen":"2026-05-22T03:52:37.261604Z","last_seen":"2026-07-04T10:35:10.631122Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1093,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":875,"receive":218,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/nova-wallet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.628Z","timestamp":1783161267628,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /nova-wallet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 2609\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":2609,"size_decoded":2938,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"42dae3e93d1d3e45e04671dc98d368ae","sha1":"a77ca1a99b841b1a5f9fd301c592c6f691b1e821","sha256":"09aef40d59b57985fe17a95c4f50a88df0916969115c87b2e657f8398ed798c4","sha512":"047f604f8a9d1aced6e19ef875f393814430dcec07dabb1727f08cd8c85821aa50be7658dc3b1bd455e050d2b965a43ac2212735dc62be2aa7a61f3b0108ac0d","ssdeep":"","tlshash":"99511bd5530457bdd89e2b3061a06770db293f139a71cbaac2d5150427f69c0c90c68e","first_seen":"2026-05-22T03:52:37.240729Z","last_seen":"2026-07-04T10:35:10.631966Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2070,"timings":{"blocked":888,"dns":0,"connect":0,"send":0,"wait":929,"receive":253,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/wallet_io.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.760Z","timestamp":1783161267760,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /wallet_io.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 2833\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:39 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2833,"size_decoded":3162,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"e7bd52864fc7874f0b24d127a01ab47e","sha1":"d811ee74f3c389713971e2a92d86240e46061753","sha256":"99a6ed80e470b4be1877560651d524a86181b04a7e7c6b5958398109f8f49fe2","sha512":"c3a4e1f0bf7c80ea363db3522cef615690c80adaf387529ed303237716140fa0f8bc26d9e6efa937d056024b48814181975569f70fa49777e34b08281c87491d","ssdeep":"","tlshash":"715129d597081a0dea2f2ef81ed053e1d5183b23aa53671c544319a6f31b4885f0c38a","first_seen":"2026-05-22T03:52:37.706814Z","last_seen":"2026-07-04T10:35:10.633063Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2194,"timings":{"blocked":1098,"dns":0,"connect":0,"send":0,"wait":711,"receive":385,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/zumminer.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.778Z","timestamp":1783161267778,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /zumminer.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 2885\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:39 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":2885,"size_decoded":3214,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"1c903cd9aeac5326865888bb7857acd5","sha1":"07319db2ac36f65ab792ec62eea18b60d3d1b809","sha256":"a73acf046001cd5d81d48ee3d7275f7e78918ab2b3983d88e608f44add533254","sha512":"3bd0bc3e07245265245c0b47b0b96260f3d55d8fd8bd184ee17db560efb04fb9e604a2643a299ddfd571e4d967282d969bc66636c1b85480ca80560ff84b63a3","ssdeep":"","tlshash":"8f5109174a84974dfe4f373511240b63ce9dbb1687a8877c49b10a5abb9e0c00ca849e","first_seen":"2026-05-22T03:52:37.562593Z","last_seen":"2026-07-04T10:35:10.633948Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2192,"timings":{"blocked":1138,"dns":0,"connect":0,"send":0,"wait":902,"receive":152,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/bison.svg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.373Z","timestamp":1783161267373,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /bison.svg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 8499\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:37 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":12009,"size_decoded":8876,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"608571706cad8d55cd5605f67025006b","sha1":"6f0bd021aba188221d310180efeb589d3a1f5111","sha256":"59ecd3a07b44555b0911e561fed854d882998f9446320e111b33c6016964c171","sha512":"c25f1cbe05f3224644b5d70f3e8444297ea036ef2bcfebef4670e8214f1fdc202ea387731ce0f1c061aca3e8efc573171f7028ad7ae7a0dde80eccbcc9b2a39e","ssdeep":"192:9L/iyW3G2OWf6SMpa7mxYF7y4nJHaqZZcDJS5CcH0nab0vs/56W/kyVG25cte:QyW3G4ySbGKvPcV8CJab0qBVG2n","tlshash":"d242befa684a2409812491dcb558a7905ec055cf91b097eceda51baae0e139df720ccf","first_seen":"2026-05-22T03:52:37.74533Z","last_seen":"2026-07-04T10:35:10.635049Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1039,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":879,"receive":160,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/bitcoin_de.svg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.377Z","timestamp":1783161267377,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /bitcoin_de.svg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 2071\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:37 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2766,"size_decoded":2448,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"e52f3a28b1fd32e1b6e1f53e6809b720","sha1":"c431a15dcbd5b36f7763e5fea54270c6be5375da","sha256":"6de8df1ff3f613351bc5ad5790b3ce7714326a9fb9fe707257732b6f0f5eb1f6","sha512":"01a4b05dc6dc418d375e20788f5d47918d3bc0f674f4d7602ab0ca5bda0291dd4fc031e5a34137855c6431f952364905cd6bc69f0878a338855a85a4f37a647e","ssdeep":"","tlshash":"8e513c78ba8f2c9557488c20407f25479f3f418ce22e147be56d58e96f3d4d22061278","first_seen":"2026-05-22T03:52:37.478295Z","last_seen":"2026-07-04T10:35:10.636091Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1093,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":876,"receive":217,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/btcdirect.svg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.389Z","timestamp":1783161267389,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /btcdirect.svg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 1635\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:37 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2194,"size_decoded":2012,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"bfeb771ea96163fbf83d19674fa854af","sha1":"91ca18bae694b807b78c369009b9d7daaafa7550","sha256":"30d26557dd101063e35dce8b727a0d0e633c62b86bbfda81cf5d8e922fc792b4","sha512":"57bace5aed89af1ffceb174fad3ebd6ca16cbe4248d27ade25330f09a664e4f823729dd4b7b88c7fd9b90edd69c9bab37263943f7cdac4dccadcce82e57a2049","ssdeep":"","tlshash":"7d413b7f426a8f192db8d3926ad4528b5c347072a800464fb7d7f11050ba794bc362ed","first_seen":"2026-05-22T03:52:37.697207Z","last_seen":"2026-07-04T10:35:10.637282Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1170,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":864,"receive":306,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/ellipal_wallet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.530Z","timestamp":1783161267530,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /ellipal_wallet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 2502\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":2502,"size_decoded":2831,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"007760435b972ee41e9bb56cac64dc41","sha1":"ef612635e7dafe1e248dde19b2a3cee5451d4bf1","sha256":"e03f4511e4b536e7a14ea2f7f66426de085c288105df9ff779e2919245d51ee9","sha512":"b30378f3fbd6fd098b975d3c9bea1a9187d47a2881d9bc757249d5aadcef5f746b3138375acf601bf85a83fba8bb0400bad18f4f92a496efd7674ce31fa6ed70","ssdeep":"","tlshash":"4e513b9397875f2aecae0b34b62117b3c2463d194f85871faab0003873264c0de79256","first_seen":"2026-05-22T03:52:37.280413Z","last_seen":"2026-07-04T10:35:10.638581Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2276,"timings":{"blocked":1232,"dns":0,"connect":0,"send":0,"wait":867,"receive":177,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/bingx.svg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.397Z","timestamp":1783161267397,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /bingx.svg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 2904\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:37 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":3885,"size_decoded":3281,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"a0d0f60564150b65a0c39db320b171db","sha1":"e28878156191be68639dc6aeb7f7a3c72e45e98d","sha256":"e02b96fc14b325df763e481f8cba5dcad0da7ab9252b00b345985315cdaa515b","sha512":"481c6fc8057dae2d706b9941f825c6ffa585b2921e32eae2ec6f8973c3dd8130d3edf7508010fd410ce371c1630f0f6065d2bfb50b0a1431c3af707bafc1f26b","ssdeep":"","tlshash":"2b815cc6cd673b095f6e207805f64f0662a18e4d13ebe26e11d8504cf43809236831f9","first_seen":"2026-05-22T03:52:37.692429Z","last_seen":"2026-07-04T10:35:10.639693Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1104,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":856,"receive":248,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/midas_wallet.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.570Z","timestamp":1783161267570,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /midas_wallet.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/png\r\ncontent-length: 7600\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7600,"size_decoded":7928,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced","md5":"dd057cde8b05ca3ad1389f2b4fe66b27","sha1":"94f65e6cd2b8881eb3bbadc9c7d156a768a1a317","sha256":"ff8f30ca22074b9816725af9335be00124b291b5d1390c198cca609e2e36301e","sha512":"e925b13c2e130de6e1d88b89f7d071dc1f258119383bf6f9b90962a6f91830119028c2afbc9d2eb12bdfe4cd8afa6f453e89f25109eaa9f359bd6803dc3bae42","ssdeep":"192:Ztoj79h5V7d7Tnl7kY1vj/TpTHvxDSNZlEvy0qxPBWlU+CQ+B:Zto/n5X7Tnl7kYdj/T9vxDShFf5WlXl6","tlshash":"19f1aeebe371faa1d9281fa0034980e0b990470b7469bd84e07768d389f0e4999f08c9","first_seen":"2026-05-22T03:52:37.731315Z","last_seen":"2026-07-04T10:35:10.640658Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2306,"timings":{"blocked":1286,"dns":0,"connect":0,"send":0,"wait":808,"receive":212,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/neuron_wallet.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.592Z","timestamp":1783161267592,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /neuron_wallet.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:30 GMT\r\ncontent-type: image/png\r\ncontent-length: 7445\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:30 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":7445,"size_decoded":7773,"mime_type":"image/png","magic":"PNG image data, 100 x 84, 8-bit/color RGBA, non-interlaced","md5":"4bdbdbd7987101c8a394557844b74ad3","sha1":"dbfc8b739736b4e9165082c0857f72813f8ec557","sha256":"2dfc4f627b0162c43dd52b110e10ddb4a1c8967d3aa464a84ccd1f342683e38c","sha512":"fdb427e679e25d0553a56722f2e4dbff116a563036e31a58223e337f8cccd3ffc183c42bd50e7026400bd439e9ab3bc82e72fa782907155c1699ddb3c0fc6e25","ssdeep":"192:R3lQujRj/GDDp5IeCUqu9JzrztNg+2j5CoeeJ8F:Nld/aTIeNqOrztNgjj52eJ0","tlshash":"48e18e190fa86ca84737599b43a4bac46fdc169845dc05206379e80c7ecf369072f9b1","first_seen":"2026-05-22T03:52:37.225203Z","last_seen":"2026-07-04T10:35:10.641819Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2600,"timings":{"blocked":1823,"dns":0,"connect":0,"send":0,"wait":777,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/usdx_wallet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.754Z","timestamp":1783161267754,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /usdx_wallet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:30 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 3443\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:39 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":3443,"size_decoded":3772,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"fed0c9296af58e54485d692820c77388","sha1":"01130f8189c89e93f9c471a8c026c9326440e7e0","sha256":"a36b52efdade556c8a3f8d96a6208abdccc324e3cf2d73f420701287d4706387","sha512":"a2e6bdec36b0da8f920a9cdca449fd7157594f564a8eeadf56d6a4d7700ce438783983102dda1c911e7a957a258593b9460fb33a4f1d065570751bb2ebf9bfa2","ssdeep":"","tlshash":"1b611ba6a39cae10fc0d6a30a80053f1eb1e3a269d279f665cc2871433290e95c05357","first_seen":"2026-05-22T03:52:37.652501Z","last_seen":"2026-07-04T10:35:10.643101Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2530,"timings":{"blocked":1750,"dns":0,"connect":0,"send":0,"wait":780,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Open+Sans:400,400i,600,800|Titillium+Web:400,600,700","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.857Z","timestamp":1783161267857,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Jun 2026 08:41:02 GMT","end":"Mon, 07 Sep 2026 08:41:01 GMT"},"fingerprint":{"sha1":"FD:DA:E1:3E:1F:AC:E0:96:14:ED:37:58:30:0F:ED:9D:B4:5E:F1:EF","sha256":"7D:36:0C:A4:14:F6:05:8D:F4:E1:CD:BF:84:A7:03:AD:3F:C4:93:AE:B3:D6:7E:99:CB:92:D7:1F:29:A1:49:A4"}}},"request":{"raw":"GET /css?family=Open+Sans:400,400i,600,800|Titillium+Web:400,600,700 HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sat, 04 Jul 2026 10:34:27 GMT\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":25888,"size_decoded":2709,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"9fbead24b0be940ddff6532b4d60b1c9","sha1":"5c6978b6cfc97a7079e943c04b25a22220e8b403","sha256":"cbcc8ad546ae31d02064567bd04a04440085a9fca6ac689107b535295a0ec648","sha512":"4bc73442a90952d7c336223884c3e03d5f8d4c5407c5a5857b58830c2a04a1848b8277c49bdf954f7b1d21f12285ae33ec2af8d896a4123ef3b9d3b4160d16d0","ssdeep":"384:+POmxG+CvxoqY49bjVjXqY4ahhqY4iX7qY4OrP:jiaL3J1/n","tlshash":"5cc22c910417645067431dd623de3e30ee0fa2617084d0766bfe8b9beedadaa63b431d","first_seen":"2026-07-04T10:35:10.644385Z","last_seen":"2026-07-04T10:35:10.644385Z","times_seen":1,"resource_available":false,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/federalheader_logo.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.349Z","timestamp":1783161267349,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /federalheader_logo.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 1511\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Mon, 15 Jun 2026 14:45:12 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1511,"size_decoded":1839,"mime_type":"image/png","magic":"PNG image data, 32 x 23, 8-bit/color RGBA, non-interlaced","md5":"4e24ad6d0f46be328551f821d6b3adcd","sha1":"ce13acdc23e6e31117909b8c3c87dc2983bc0797","sha256":"eec4ddc2f0495ada45849e96fa6ade552674a9235ee809b9c0972fbe79c54ae8","sha512":"d6093e52e47ee13c02eae3f429ab9c6ff1ffae997e9e1996763c0bdf91fb2ced58ec06cff528756ea7b94a0f3514a13eeab90af1cffebd1bad5527dae44dfa2c","ssdeep":"","tlshash":"93318749f990ad01ea45bd8264f7515a895704c0d8e0e191e84fc8324db39fe81dd7ef","first_seen":"2025-06-12T11:05:42.372037Z","last_seen":"2026-07-04T10:35:10.645818Z","times_seen":12,"resource_available":false,"data":null}},"time_used":710,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":710,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/coinremitter_wallet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.503Z","timestamp":1783161267503,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /coinremitter_wallet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 3998\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":3998,"size_decoded":4327,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 93x100, components 3","md5":"e3348e27c4ceb2266958a49af630c8e4","sha1":"c7cca8f9681b4c7dfdd32104fffdd239050a64b9","sha256":"b3ee9b0cdea93c67bb77bfe0bef1026ce1231a8e2e6308876f7d830e862f6444","sha512":"de6375d09a16a3d1329656607d2be35d0e38db207a791731bfdb52a8d3721395463e02c7ec15dac2071f2af10004b8e3bdd937a86445c5c027d1afe5a1f8183f","ssdeep":"","tlshash":"8b814b5c9298dc7eede823f39239eec86e0e695445234ab086b6f07c7d80466d903628","first_seen":"2026-05-22T03:52:37.664972Z","last_seen":"2026-07-04T10:35:10.657234Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1919,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":804,"receive":1115,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/zhip.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.775Z","timestamp":1783161267775,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /zhip.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:30 GMT\r\ncontent-type: image/png\r\ncontent-length: 6187\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:39 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6187,"size_decoded":6515,"mime_type":"image/png","magic":"PNG image data, 99 x 100, 8-bit/color RGBA, non-interlaced","md5":"ee1530d45f10c6191d21f44dca93dcd6","sha1":"ebc25af75c5ebd542a0b68891c99ec89a7f101ff","sha256":"2eaee3b0af41ce80e2f5096346dd06915b721e4aaa959ce3f26d69e1bda302c0","sha512":"e41e53b2b5e3ea2e5bc79945dc077e91a48c7a930f5a9718d4966105cfff3e0db25c389cd13db0f2a17858076d1b3ad3f9e3ffc65e1eb65dcd02b73806e55bfe","ssdeep":"96:OfUa4JIaJFMbY1iw9GnNuT0NImqx5Tvib38gpkI5wScuzaOc/UCzlNvAF:Of5uIq4eGnR6lYkIeScuzTcSF","tlshash":"02d18ed8efc5567cce39f173063c6ab1d908c0ac5671b702aea248c2bd918959bcf11a","first_seen":"2026-05-22T03:52:37.74048Z","last_seen":"2026-07-04T10:35:10.658945Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2571,"timings":{"blocked":1784,"dns":0,"connect":0,"send":0,"wait":787,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/coinmerce.svg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.388Z","timestamp":1783161267388,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /coinmerce.svg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 8838\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":12453,"size_decoded":9215,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"84918f1f55ae5ca5545c27843889174d","sha1":"a5527c2fd41479d61c7ac7407a5f2d5a88c6394f","sha256":"577b91f2b001e6740570a1f0517ea9fad6d47513db7dc0d6c7e89d51425a85d3","sha512":"f8faead78eee6e9d8777ce119494b10cffd2818803e96a0b5c0bf28dd8c04f1c0e388d843a6b4e0b8138205de28f77ee627b175e890e98c89d889b71ddbd980b","ssdeep":"384:LyW3G4ySbGKvPiC5qidORIO/EYPP89meFVLRCA8Iu:9/Xp5rd0IO/DOFpRCA8n","tlshash":"9f42bffb2446283d680498c8656075d16ef0554bc3d093ccae6dab3d93b169cc30ca9f","first_seen":"2026-05-22T03:52:37.72574Z","last_seen":"2026-07-04T10:35:10.660725Z","times_seen":5,"resource_available":false,"data":null}},"time_used":981,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":864,"receive":117,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/braavos_wallet.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.477Z","timestamp":1783161267477,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /braavos_wallet.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 10771\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:37 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":10771,"size_decoded":11100,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced","md5":"1f6b5e0f76e4eaf14a989bbf915c82ac","sha1":"dae14fbb0969c6e8749207eec42d304cf0a5c480","sha256":"9abf6be32a897033794fb5933f4f9b03f0fd2e93392445563a8e7cdce277bac9","sha512":"89eb603847bbbb9ddf181b62465415784ebaa40918e2071fc2b59584141aec49474cb5c9222763ba00778a4b4165ab10313e33b4385d7506dc63f03551b4a943","ssdeep":"192:i2Y6JdS3QqVCVOYHVnAuQA36tQf+VaxwEKVnuoRRmTLaXBwjBQFXip/9l2kLbA:jYMg/VCVvnCttQf9sVnuaRmTLaxcBQFp","tlshash":"9a22bfa73373af48e445765f604b235a47ed0c6330e2018cea5bc3a47a987708a6a57e","first_seen":"2026-05-22T03:52:37.366931Z","last_seen":"2026-07-04T10:35:10.66233Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1835,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":837,"receive":998,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/kukai-wallet.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.556Z","timestamp":1783161267556,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /kukai-wallet.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/png\r\ncontent-length: 4973\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4973,"size_decoded":5301,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced","md5":"a294144961f44b961170c99d1166d9df","sha1":"4f3d604132fed240707472b0aad39e30d047531c","sha256":"285891be49509234ae3f78101eb24e657ae289043db39385c2acf664d313bfb9","sha512":"479d0a73498c7409110cfd70a5da3c30515e5e32179a3a44dfbb07237d9cc922f1724a18112b8527d5f5e814547733330b7409c97901099e928c2896df02df8f","ssdeep":"96:5qRVFtvPEJT452Yg1ImM3Iob1diIXidoNpCTZM+J6Samzfjj0nnfr:5qRJnEJctg1ImwIob1dXdN0NjJqmkD","tlshash":"8ca16ecda225c8665d4c11ed8034f56bca7a8d8304b6847c4ed69ce84dc97fcb10db59","first_seen":"2026-05-22T03:52:37.26374Z","last_seen":"2026-07-04T10:35:10.664488Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2566,"timings":{"blocked":1686,"dns":0,"connect":0,"send":0,"wait":779,"receive":101,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/rainbow-wallet.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.681Z","timestamp":1783161267681,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /rainbow-wallet.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/png\r\ncontent-length: 6595\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:39 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6595,"size_decoded":6923,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced","md5":"d6b432cced56b509d4881c6717872115","sha1":"2a87e83639610fbe0280649e7d9946e616306c19","sha256":"0344d2c37bfae4ad4a11104073869e5563612df0685bfcbdb1fedd8b87bc9ccf","sha512":"fa44fbe370afbe59b71c9d63e5361d633d6c8a7dc0a072a45cb2b8aaab8676e90229caaa0e927f38f83196a569542230c8a36ff9466a8c8dd78017d62a2f7606","ssdeep":"192:S+x3FoYVmqHTkfp5/V2EFX+FRFM2KykVa7CpecDZOs1Aksa:D1oYbH4fppV3FsnKbVa7vctxZsa","tlshash":"36d1a0a5f5b2ee04be43f6185f1de28164548bc1d34589c92af451dcbbcbbce7486842","first_seen":"2026-05-22T03:52:37.644998Z","last_seen":"2026-07-04T10:35:10.667405Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2143,"timings":{"blocked":1029,"dns":0,"connect":0,"send":0,"wait":786,"receive":328,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/bitbox.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.423Z","timestamp":1783161267423,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /bitbox.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 2437\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:37 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":2437,"size_decoded":2766,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"738312817bbd5b87464ef1df95ec8f33","sha1":"bf8386b8e74703892e337be498aefe8ad54564f6","sha256":"5b68c2a7104d61aafaafbd31118ee02fe627f20601397fe84baf68fb655647cb","sha512":"1b3897e81becc0cd8eda488c7f324f4841fafe41882b932419107209c9bac861ad43fa806505bb3c8ed5e2cee5b56480ae35c3dfe1f5fd73e27dac34366032cf","ssdeep":"","tlshash":"f241db9527181f45ed1d2f7560c0ebf7e6a93f32cd83c76d45c481647f9d9908c5824a","first_seen":"2026-05-22T03:52:37.331044Z","last_seen":"2026-07-04T10:35:10.669115Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1397,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":831,"receive":566,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/citadel_one.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.492Z","timestamp":1783161267492,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /citadel_one.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 1135\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1135,"size_decoded":1463,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit grayscale, non-interlaced","md5":"430eb993cd30600cf70dd5283f0c1a42","sha1":"0021196729c65c7cdd606f1e79c0f0fb2f921cbe","sha256":"f412a16fbfb16de77a3064483ad0a54e45dd3b099f744ead2a422fb95ba8c24f","sha512":"f2d4a9f19d4ec2f6dee22483bdd26901f2b91a8bc1f8525cf227b65cd713e4fc250287b821641c602d228652f1c9281b41a6cee76104651b9b7d068912df718d","ssdeep":"","tlshash":"f421f9f995287f4cc55326b142e15760f82995a33ea50540f643fd4d5c7c3a26b330a2","first_seen":"2026-05-22T03:52:37.672313Z","last_seen":"2026-07-04T10:35:10.671231Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1914,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":823,"receive":1091,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/walletconnect.svg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.781Z","timestamp":1783161267781,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /walletconnect.svg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 1986\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:39 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5413,"size_decoded":2363,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"c621c089567860f70b733de2aee33198","sha1":"8af1aa4423ab9c4014bb2786b835a2c6fb09f8c9","sha256":"21912fc6b702707193389889bb426fe0a9efc5b4fc51d78e85c9656d58a15def","sha512":"f4a6bbaace166be8c4100095ba528c4512cf4cb307b742c0ca5f7c8daa83c1c494dc17e1fb0c2ddf7754f4e8cf83461cdba889a43ca14b1c68c9b6b88f826f88","ssdeep":"96:/YbHksHZVQ4lLpXhsr++4+JDiyjrwgrriwq9S2Smzb5YT/F:/kksHZS8pXhsr/4+JDdrwgviwUUg1YTN","tlshash":"95b1b4dd7bd127d0ccc1f780fb983670262634fa8755c544ebd6362a744662d8c88ec0","first_seen":"2026-05-22T03:52:37.770779Z","last_seen":"2026-07-04T10:35:10.672464Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2191,"timings":{"blocked":1137,"dns":0,"connect":0,"send":0,"wait":902,"receive":152,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/sourcesanspro/v23/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:30.428Z","timestamp":1783161270428,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Jun 2026 08:41:01 GMT","end":"Mon, 07 Sep 2026 08:41:00 GMT"},"fingerprint":{"sha1":"01:31:A1:A6:4F:08:45:E1:F0:0B:CE:B1:B8:D8:61:D7:D1:70:ED:6F","sha256":"29:C5:5D:01:47:6E:72:F7:2C:CC:0B:96:BB:67:BA:39:CC:03:11:EB:7B:47:F5:3F:CC:DE:12:AC:68:07:A1:BA"}}},"request":{"raw":"GET /s/sourcesanspro/v23/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://be-myfin2026.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 14724\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 02 Jul 2026 03:15:34 GMT\r\nexpires: Fri, 02 Jul 2027 03:15:34 GMT\r\ncache-control: public, max-age=31536000\r\nage: 199136\r\nlast-modified: Wed, 10 Sep 2025 16:43:54 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":14724,"size_decoded":15537,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 14724, version 1.0","md5":"b8be966e335e865e3c73faa8cce0ed35","sha1":"d0cd995e87f5bfb0206759b83e5ef25676d0edd8","sha256":"06b675a649489d21b7fd33f19b1c6d37e8bd778ded07ecfec26bbc8f11e694f4","sha512":"2257e0a09a86666b280d44ae551a33d17a6072043a2c38f0bb905847b66217809870c8cd6ab3a6ebce3e04b2ff79bedd11f1b18c7d65c231f8c9f21ed8a26e5e","ssdeep":"384:wK2JDEZSzIQA8yHGXMXvQDxyrGCQYamlyFlGWD:zrB8y0zKmYasKh","tlshash":"f962c0d2c64154daea05b9b35f612538bc99bf462054fd0796cbe41df7230a8fe382e2","first_seen":"2025-09-11T17:07:37.682239Z","last_seen":"2026-07-04T20:32:22.828265Z","times_seen":47213,"resource_available":false,"data":null}},"time_used":61,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":26,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/coinone.svg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.409Z","timestamp":1783161267409,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /coinone.svg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 3799\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":5073,"size_decoded":4176,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"c945b3ca1dc0000fde0327b77af9d0b0","sha1":"02a4fdb94c14f03cd4190a1ba2d6e842178f3dfd","sha256":"562ed38fdfdf0c21f93b32708219291aa5e0e860d722aa90634290d2aef168e6","sha512":"f745c3971bab066bd87267bac8d2e434f8216e9f41b81f24b5dba0e7fbc022fc05a3073e219cfb09e3a17650a44933957d9394471c7f527e22be7da6e9330618","ssdeep":"96:+AzDpHkEOZI9uc0+K45KXjCalKfPl6F2mOGI/qFX+ASOxU9cvKjQoxyAF:N5HkNu9umBo+l6jOed+Opv+Lgk","tlshash":"f9a19e96d079a23e63376e4240ac1d3651fe70ccb9e6418ac8395f00996dc2f017ab79","first_seen":"2026-05-22T03:52:37.529822Z","last_seen":"2026-07-04T10:35:10.679116Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1268,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":846,"receive":422,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/metamask.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.420Z","timestamp":1783161267420,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /metamask.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 10168\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10168,"size_decoded":10497,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced","md5":"44cb3cb6c94b05549c10e91a6c46c9a8","sha1":"929c887e08981e3e62f9b158c77d392891fe1b51","sha256":"eb48d15623538bea8a51a6f81e9566ec4c435a5242c5d9c3d2f51917a3517673","sha512":"93657105e840df624e0fc2da31a9ca3185bbd70fe2b870c88ef1ed40627eafd958c6e30cde77f8aedbc1c30e13a9c7bc7ecf24cb45b2afdc75743f72579a2038","ssdeep":"192:QS7hMtqyKItGBn/Zl4WYhuLnQECipajioFELkd+9vjX4eQkVlT:37hMA7Bn/Zl1nSedoOLkd+hr4ePVlT","tlshash":"9522d0b37d20a164c96f4fe99e9d3c7d37a31a35802885d11765743712c0b92c50b66e","first_seen":"2026-05-22T03:52:37.811197Z","last_seen":"2026-07-04T10:35:10.68121Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1358,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":834,"receive":524,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/casperdash-wallet.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.486Z","timestamp":1783161267486,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /casperdash-wallet.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 3327\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3327,"size_decoded":3655,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced","md5":"6e95dc9a8f5eae2bc4853f0bd04a7f95","sha1":"30f11005b88d4bc1a43c854ba953dc63fdbf8d53","sha256":"2c5ff9b5b0c8525090398c98ba048d1a54d69a71cff6c584e547ff85b66530d0","sha512":"7f5512ecaab5eedf0215eb68f22db2100c1e657c5791a65146d137b6b2a37f0fc87314afbc4be98a60600eca57425404a8c0c554b094ffa71629062c5538c842","ssdeep":"","tlshash":"6d615e1ac880a0addc59637344710722fef49e2012c77e01fc17d05c4d65b9fe395e91","first_seen":"2026-05-22T03:52:37.429652Z","last_seen":"2026-07-04T10:35:10.683259Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1919,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":828,"receive":1091,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/easy-crypto-wallet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.526Z","timestamp":1783161267526,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /easy-crypto-wallet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:28 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 2886\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:28 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":2886,"size_decoded":3215,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, baseline, precision 8, 100x100, components 3","md5":"94c34170b7fcd7bd243a2d7e7f98d6c9","sha1":"02b6a4d70070ee81cc27a37951230016a722796c","sha256":"97462cb037f9954a2b1ac5a109b956eddd83c11256a6c5bb3cf9d233b20e3c7e","sha512":"987180c97923bff3f0c27a1014450ed58e15546d5474c1dab99fbac7895d9f7ea7ff19fca02018b4828ff8b22f48c0506020a364fae971c3e05eaeab5b06f74d","ssdeep":"","tlshash":"4151297467980b4ec62d8bfcc4a00fb1d7157930ec65867d9210129473284e7d8acb09","first_seen":"2026-05-22T03:52:37.783147Z","last_seen":"2026-07-04T10:35:10.68512Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1982,"timings":{"blocked":671,"dns":0,"connect":0,"send":0,"wait":841,"receive":470,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/xapo_wallet.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.765Z","timestamp":1783161267765,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /xapo_wallet.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/png\r\ncontent-length: 3642\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:39 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":3642,"size_decoded":3970,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced","md5":"6b2b1e673fdd730a51076b6f42383542","sha1":"144680fee3f9472951bd908fd4f4ac299f47783f","sha256":"87d935c3c1b8bb687c40bf8386c35c30d93a92898a69c1bdc25dda0f298e0983","sha512":"c7e32eeb49768f1c340c8aed8aab2187d57109c4e853f08459fb4473d7a7138cbbdba33e1aed17f4fdcc9c8dd1ba47f9b82b2abb1388f96474aa86b3ef28f608","ssdeep":"","tlshash":"01714cf750904f94a1d80985a97878f58028cdb6563c7e43dbd9e2f4bd42e0cc953e9a","first_seen":"2026-05-22T03:52:37.351981Z","last_seen":"2026-07-04T10:35:10.687071Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2375,"timings":{"blocked":1415,"dns":0,"connect":0,"send":0,"wait":831,"receive":129,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/style.css","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:26.996Z","timestamp":1783161266996,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /style.css HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: text/css\r\ncontent-length: 6709\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:39 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":49129,"size_decoded":7081,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with CRLF line terminators","md5":"c244190cb7f26b34093b7e8364afd68e","sha1":"817e13bd47140a6832cf054c22fadaf06e08dee4","sha256":"4ac9b043f680f1e80a21576c3e63704b20a2f25d3578ac8643c7b7055a9d7466","sha512":"49c4f63b6eccbb47c59d416b943c6511ee2961c2d713258d393f41e7bd62ec7adbd26626890e1039001af54d36ce1ad4dffc6217e5a5473458b89d1b5316ba63","ssdeep":"768:BrLwQ8gtlhp/tDnQsEqjTZBbeqteLVRe73zqgEObnz:B5tlhp/dQsEqb","tlshash":"33233048eb0510477237eb78abf25759e75890238a01827d7bdc33494ff52a895a2fec","first_seen":"2026-05-22T03:52:37.476318Z","last_seen":"2026-07-04T10:35:10.688573Z","times_seen":5,"resource_available":false,"data":null}},"time_used":526,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":526,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/coinex.svg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.398Z","timestamp":1783161267398,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /coinex.svg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 1678\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":2231,"size_decoded":2055,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"53cfe88698b4d3a0ddd5fd47ba94d0f3","sha1":"4ecc646bf12a6d874c70c74e075e5e561ea5868d","sha256":"975d0b2f83c89698d4da33c590875b6032d7bf1a1d8bf02dd9b9f67b6a8a7d68","sha512":"c6672256b1d432d56f5a63297d1826453ff24389f2c21e7055bfa2c959f7a02b76690c2214f665f31498e645ef7820c8b9f352db821e199d41e9db719e2f4b50","ssdeep":"","tlshash":"26411958c231c41f82be9f0072b5115e59a761904d015fd9ac17b610687e2836e776f9","first_seen":"2026-05-22T03:52:37.313121Z","last_seen":"2026-07-04T10:35:10.690029Z","times_seen":5,"resource_available":false,"data":null}},"time_used":971,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":854,"receive":117,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/arculus_wallet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.439Z","timestamp":1783161267439,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /arculus_wallet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 2670\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:37 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2670,"size_decoded":2999,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 1","md5":"b77f31b814a6e2f4fa5f5cc0d9b6c4b8","sha1":"5e32e96be0d27d43b8ed22d7111d55f9863e5398","sha256":"6f3ec8292339343af4a04a0126a03fe013d22103a8f65665a57c139f21a400e4","sha512":"0c2b99cb9cb55f3e7b6d132d5eede1b77a49faf87a768763e248188af1c1f9e35697218e519848da62077b4d5ed5cf121cf854879d35af0602479953bd697b2e","ssdeep":"","tlshash":"fd512ad8335ca30af6127f7065b073e1c7273a394b82d35ec5e082885fa96c27a547c9","first_seen":"2026-05-22T03:52:37.695489Z","last_seen":"2026-07-04T10:35:10.691458Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1456,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":872,"receive":584,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/atomic_wallet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.445Z","timestamp":1783161267445,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /atomic_wallet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 3022\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:37 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":3022,"size_decoded":3351,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"c757646a2ce6d18c9c2e1c4cf2f6897b","sha1":"aeb12aa29559f5a659933279c8a93ce6f6fc7ec1","sha256":"57564dab0810fbbb95abd8bb8477c5798f161b4c0586171d819028cdba94c2e2","sha512":"ca36694e669eaeee4555233e5af440150d2553f952558ba98e9915bdc856f9c6d9ffaf29b144ea907ffa149c17ab024f95e41234627ae62c0fc5172357e21e4a","ssdeep":"","tlshash":"e2513b744754cb15ed3e3a3c39b02be2d75aae269986835ec84244217b364e2592ca8e","first_seen":"2026-05-22T03:52:37.207712Z","last_seen":"2026-07-04T10:35:10.692819Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1492,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":866,"receive":626,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/bitget_wallet.webp","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.460Z","timestamp":1783161267460,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /bitget_wallet.webp HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/webp\r\ncontent-length: 892\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:37 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":892,"size_decoded":1220,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"43e41804bde31ef81e7dd627995433d6","sha1":"b4369be47aa79386ab5475528e2e1b244062fdf9","sha256":"77c83ce6a2ec02f7fca794a66f66472273c1873445d6db3069e34c47a2d95a50","sha512":"93c0938de137fbcff212f933d056ddb95897471323a7cd9ed1e8658b9bcb45fa61e44811547844b9233e6237f9b925524aefd8a574cbd8a0a612dd1cfd3da55a","ssdeep":"","tlshash":"8611b7353889dd6c9f63251a6a121f399c2982fd10ef6b0d1419e9e50e901a4e63708a","first_seen":"2026-05-22T03:52:37.802127Z","last_seen":"2026-07-04T10:35:10.694068Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1694,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":853,"receive":841,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/enkrypt-wallet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.532Z","timestamp":1783161267532,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /enkrypt-wallet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:28 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 3247\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:28 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3247,"size_decoded":3576,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"01a992b0dbcf55722eef2168aaa9c427","sha1":"085e6abbec269e8472b7c04626245022ca6e2d38","sha256":"61b4a80c809e9f9d89e0206c9d4194ccc97ae96e421dc9803cc90e5249fae477","sha512":"1959fb62640abb81b5c561b7b041c7b3a8665158beb168fae9b4c470a1ef57718af0b8ad7e26c98fecac03246f5787bf2389585f78e5b8c2bf4945c2f37aa656","ssdeep":"","tlshash":"266139315bb80a0fd11d6a783c910bb9ec8e7e227e4f87a98941463a332e0c0d56c45a","first_seen":"2026-05-22T03:52:37.347485Z","last_seen":"2026-07-04T10:35:10.695334Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2016,"timings":{"blocked":729,"dns":0,"connect":0,"send":0,"wait":783,"receive":504,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/guarda_wallet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.541Z","timestamp":1783161267541,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /guarda_wallet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:28 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 3143\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:28 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":3143,"size_decoded":3472,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"5ca42060427b7573c9f7418b2800b904","sha1":"3907653255d3231e630ce8d395491c41d93f15ee","sha256":"90efda1a160476401af93f59de0174a7457bf5fa82e78a869d7db74766a74757","sha512":"4381f3bd71b3bce6fa50edacd71f0e334ad35eec0b2c205a50cfd7169d6d69588b167904f8495e33a9b7aa011a44c4601d8c84fb0248b0aeb250a959547d6d9b","ssdeep":"","tlshash":"ee51191237086b56fa7d173c21802726dbd37570ba906b4c97d2112923b9cd29aa93bd","first_seen":"2026-05-22T03:52:37.580722Z","last_seen":"2026-07-04T10:35:10.696824Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2015,"timings":{"blocked":759,"dns":0,"connect":0,"send":0,"wait":752,"receive":504,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/kraken.svg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.363Z","timestamp":1783161267363,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /kraken.svg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 12964\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":17261,"size_decoded":13342,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"bc2406eade5d2b25ffa334c1c69e1a95","sha1":"c7d4120c76daa74138b7a7d50b2392186702af56","sha256":"c570ee6b23464930fd944bc1e86acd6f1b4f855a7616037e63a23b3de30e151f","sha512":"7a87e2004f4e7b94edbe9e277c6e45d2df90899111ceec79107675885e1a1101c81615f5fe170b06ac57dafb6cc8c823e3f514c0342d48c5a39c3fd81b3043e9","ssdeep":"384:uoFt+X9GW2O9XtzPYdZxZAB11mOCKiqovelXxxgUxK:7FtN89Xtzg/qIKiqjXHPxK","tlshash":"4a72c08a6a7bef60aead830b8509a33447fa31e40f93d24292f3fb6355505d19171b91","first_seen":"2026-05-22T03:52:37.647334Z","last_seen":"2026-07-04T10:35:10.70374Z","times_seen":5,"resource_available":false,"data":null}},"time_used":756,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":714,"receive":42,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/cloak_wallet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.494Z","timestamp":1783161267494,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /cloak_wallet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 4130\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4130,"size_decoded":4459,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 100x98, components 3","md5":"283d4af6058617affa28ec262e5a891e","sha1":"10ddf8a01b08d6bc71cc98a25443bc7a4039c79d","sha256":"65143e6f695569af999a1d5c9e236e215ff98cc673f5085acb0584eb12fa7509","sha512":"8e0bbc9b5c9688aa619dff5a5d09c895fb20d417898ec0fa1ad1eebe04d4f0964821775e22f330fd7b99044b8e07b0bde55dcb4378963f8afe914218c441e7bb","ssdeep":"96:JVreW1IWFbSEWWDFfUWT/NsCRO5mAgylqBPOzDz:JVr/1NbSEW+ZUWb7SZlqe","tlshash":"71815cbae726be98f5d2e97d4d76f9747f646c0da3cb88128a32142974d53c0840d033","first_seen":"2026-05-22T03:52:37.700699Z","last_seen":"2026-07-04T10:35:10.706767Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1819,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":821,"receive":998,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/infinito_wallet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.548Z","timestamp":1783161267548,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /infinito_wallet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 2246\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2246,"size_decoded":2575,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"83f77ba1dc41565e26648c666e7ee248","sha1":"6b25371b250765409bdb044f448bdaf691ace5f1","sha256":"da6acabd511dbc745f10171f249b3ee0662f67c55e92e3292fda474b7f076fd3","sha512":"ef5ac8a095c381fa9e813456b1f59ddb503a683801853a1528939a6a66331ebe32078831c308e5dc029b1d12e7213a307c64db9bddc62179ef3a4ec5cc950097","ssdeep":"","tlshash":"db41d87167684a04ce7d2f7e16c20be1ce042e66cef2e73a494245ae3735dc5882c246","first_seen":"2026-05-22T03:52:37.471537Z","last_seen":"2026-07-04T10:35:10.709301Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2274,"timings":{"blocked":1270,"dns":0,"connect":0,"send":0,"wait":827,"receive":177,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/leather-wallet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.559Z","timestamp":1783161267559,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /leather-wallet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:30 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 2399\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:30 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":2399,"size_decoded":2728,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"860af6a8a6f6c96fc796279f8aac4bc7","sha1":"2747bb75e6fe919c2c698e90e12f554fc81f4853","sha256":"8c4f68ad0aa5ad8651d7c675acc504362e95a8b887aa4d150357b67b9046076c","sha512":"e14e3e1d0c4b434b8c58c197e13062679b1e916855f0f06862f40d98403b823abbd85b3644e3ccb94ab68efff48924b89b67218567b0861d7204311fb6eb346c","ssdeep":"","tlshash":"e641eb910b945b2bee1d15b95bd12b6af2d57f30c74363de4d60053efb190c04d48a53","first_seen":"2026-05-22T03:52:37.674117Z","last_seen":"2026-07-04T10:35:10.712028Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2698,"timings":{"blocked":1979,"dns":0,"connect":0,"send":0,"wait":719,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/moonlet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.572Z","timestamp":1783161267572,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /moonlet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 2761\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2761,"size_decoded":3090,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"44e3fa1971d5916c7b5fb249d607d83d","sha1":"53c9a3a4f74cd0a0e5844907ff5e0692464b3640","sha256":"11ced6935e9fafb728046d4c7f6a5cedbc85fbc39fb9d4eeaa6416c4433398ed","sha512":"f385bf34a27faceaf97173434c90a916d8b21771d496908ef0580fa4cab55fee32e41933607dc0ea97501d4d69f4d69ba4208d0c3bb11e0229c8e0ec4a6264f8","ssdeep":"","tlshash":"08513a35b2fe521afe4d363c1cd15372eb747e325ba2874456c106297335956485c28e","first_seen":"2026-05-22T03:52:37.495321Z","last_seen":"2026-07-04T10:35:10.714044Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2093,"timings":{"blocked":899,"dns":0,"connect":0,"send":0,"wait":727,"receive":467,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/crypto_onchain_wallet.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.512Z","timestamp":1783161267512,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /crypto_onchain_wallet.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:28 GMT\r\ncontent-type: image/png\r\ncontent-length: 5424\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:28 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":5424,"size_decoded":5752,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced","md5":"7579fa8bb51facadb1e4c773386d7ae8","sha1":"67998c0bdffbbbc344118d2c05a144702c07bc3a","sha256":"3414f2b1cd50b5e3044393b7a9aa04173f470c393aecef582a4da537fce62dcd","sha512":"6a92935c501e1821853844cc64b9acfaff45bd429db6403b76f3ee5c3812fd34a59d2d62c85481fd2a5f2825c0a2b3bc93e18f330a6cd74bc885d3d5b785c37f","ssdeep":"96:QSBGUVWoM4pFJ1zeIbpWCA7MY4jPGWECJcimhHg1g7sXt:QS1c4pxyIbpWMdPbECJci2HD7At","tlshash":"f2b17cbb1195a069345c2850cda6401c6ebae7489f43bcf256ff20773f42b29c166a5d","first_seen":"2026-05-22T03:52:37.550009Z","last_seen":"2026-07-04T10:35:10.715813Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1874,"timings":{"blocked":271,"dns":0,"connect":0,"send":0,"wait":852,"receive":751,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/dapper-wallet.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.519Z","timestamp":1783161267519,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /dapper-wallet.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:28 GMT\r\ncontent-type: image/png\r\ncontent-length: 6838\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:28 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":6838,"size_decoded":7166,"mime_type":"image/png","magic":"PNG image data, 100 x 87, 8-bit/color RGBA, non-interlaced","md5":"f1a4252f19fb3aef754880771d339dd6","sha1":"c2d435ba406030162313cedf1444295f92e5e41d","sha256":"aed5a783d5b088102201d4423ab7b42cbf459ccf915357d879328fbeb951b45e","sha512":"ba56eb80d269f5915c024f3b0165a75d175e83bd96dfdae9f34847baef5cafafa6700fb21d45c32f609d4047b73d379c8a65f29e70629b64374c069d7e29626f","ssdeep":"192:BSG3HaVXWQe3eposbffMpYvqCk89O3BQs:obUQNuib5J90BX","tlshash":"98e18db88b03d2d7f5b712512113cc90cfa71b6a4def54c6746e9d0320a598457a4e7a","first_seen":"2026-05-22T03:52:37.813583Z","last_seen":"2026-07-04T10:35:10.717483Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1931,"timings":{"blocked":460,"dns":0,"connect":0,"send":0,"wait":779,"receive":692,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/leap-wallet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.558Z","timestamp":1783161267558,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /leap-wallet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 2477\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":2477,"size_decoded":2806,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"43cd95f43bde6428d22c58a90ccd07d0","sha1":"5040548b8997659ad631ee4423d8d300d9ae8f5a","sha256":"bdd4e652356360a8c2c0c71757f6aef2a883380a2b9217f7a76e80b90d8a7037","sha512":"c0268c3b86416ffc0cb2e6b83babdd5152269de58afc318cc224e41029cd10721658c99d7e3c9f45ee4a26a136b8a821935030c3e6afaa97266b35e7c2e90861","ssdeep":"","tlshash":"1151197493445268ec6e8b73a1908739e6623b23ef93d3dc86814251375d0067eaa115","first_seen":"2026-05-22T03:52:37.533637Z","last_seen":"2026-07-04T10:35:10.719633Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2567,"timings":{"blocked":1686,"dns":0,"connect":0,"send":0,"wait":780,"receive":101,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/dove_wallet.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.525Z","timestamp":1783161267525,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /dove_wallet.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:30 GMT\r\ncontent-type: image/png\r\ncontent-length: 6893\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:30 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":6893,"size_decoded":7221,"mime_type":"image/png","magic":"PNG image data, 100 x 98, 8-bit/color RGBA, non-interlaced","md5":"4953246ca7cfbbc0ff2d76ea1a4ac082","sha1":"db2c794416e784c704c672c77b31d5115b30adaa","sha256":"25824f96681ce65bf5a3540ed6c086aba1fb64feafa32d14cd579f3a4fd8f32f","sha512":"8f3fc7fa9f445f59614c8828273808107db588daa243cb66533f11c2e8427fbbb464a1d5c6b91b195a1a753ea08bbef82f8359922adb3fe248e17ddbf5d221c5","ssdeep":"192:oSjoct8zjIz/r2U7xmX5v4XNlYHy7g0CknBt8fRtu:vjojGriX5vcmy5nU8","tlshash":"b1e19e1749e9e441d2862223b99f45898aff62b8ac56597c7fa5ceb4012dac0c3e047b","first_seen":"2026-05-22T03:52:37.360597Z","last_seen":"2026-07-04T10:35:10.721071Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2702,"timings":{"blocked":1959,"dns":0,"connect":0,"send":0,"wait":743,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/hiro-wallet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.544Z","timestamp":1783161267544,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /hiro-wallet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:28 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 2198\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:28 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":2198,"size_decoded":2527,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 1","md5":"5a5adcb637d39e1a5411c249b721c0e3","sha1":"bcc1fa46296841bb163bbbd03d90d5abd9c0b054","sha256":"dbbbdacf6d22f839e179043b8b6878bbde48303439c3cf67fd62ccdb3ba1a2c4","sha512":"cb1fe5d9be24896f794ea7b2c6f5e92fc25988fe1de9e74df2fdacb2cc7530db5781337310422d44601769d3b538a56a15466aaa5f4e0968ee48cb7c634ced37","ssdeep":"","tlshash":"fa41d7810309f75ae1852b785cd09370e668bd33d2eed31885a0840efba50c0c118697","first_seen":"2026-05-22T03:52:37.37354Z","last_seen":"2026-07-04T10:35:10.722861Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2015,"timings":{"blocked":759,"dns":0,"connect":0,"send":0,"wait":752,"receive":504,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/stack_wallet.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.702Z","timestamp":1783161267702,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /stack_wallet.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/png\r\ncontent-length: 1389\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:39 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":1389,"size_decoded":1717,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit grayscale, non-interlaced","md5":"4d8064e440e103bdb7c9d2cc8d0f7c59","sha1":"94c888d45c8b34d0ceef0bbb2fa0dbc963c85133","sha256":"58bd2d92e006dac698c091cb34eb3a1ac9f37ff341f806ee94533b3bf10f3ee1","sha512":"91bf2152c5acba1b40c58a1b1b58a9ccf3602cae71b84c3eff4c7bcf95a2baae967e6cfb668e242ddc751022f506dd8fd9295899d85f72d695a87565e880e7bb","ssdeep":"","tlshash":"0221d6f3a7a2136cb64745f36a0294c41a3a893a4bf314559131a6a6ac81aa0f8a0038","first_seen":"2026-05-22T03:52:37.307281Z","last_seen":"2026-07-04T10:35:10.725327Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2460,"timings":{"blocked":1614,"dns":0,"connect":0,"send":0,"wait":803,"receive":43,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/gate.svg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.392Z","timestamp":1783161267392,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /gate.svg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 3251\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4341,"size_decoded":3628,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"ae9a0028be8b92bd4c756cd88000bc21","sha1":"4d405c824cd7413af665dffd461abfca44f44106","sha256":"0f00b251752374365a7500b9949456c6a8b0a93623b46e26a79ee34d1c34e9d7","sha512":"27de0ea19066eb6c9cbd0b399c0489004f065b424c15b97f9f04fd4cfb11ce9c7fb5d8289f998bf6545cb810f37c278fbb1d8c0a6f15885eaeb989ab1a052999","ssdeep":"96:+AFPcq60LxTD9Wxl3P/ehJK5pO36UEFMsqeulCJeD5TyfDmti/Z8U:NFPcQtNWxlXeHmNUEFS4EFMiAx8U","tlshash":"58917c08eb2ea8173a3b1c60304195b8fe619a556b85d74c41e732d777ed00c32a26d3","first_seen":"2026-05-22T03:52:37.762671Z","last_seen":"2026-07-04T10:35:10.726992Z","times_seen":5,"resource_available":false,"data":null}},"time_used":802,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":802,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/aqua_wallet.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.436Z","timestamp":1783161267436,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /aqua_wallet.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 1939\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:37 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1939,"size_decoded":2267,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit colormap, non-interlaced","md5":"617d0cdaf3154dfd21661c0b126f58e6","sha1":"53a8d68e0f472476c0aede6e91450e7ed1569379","sha256":"52e1443286d34d36253e4390a056e44a4069bbc774e756ce2ec9b10b232cc06d","sha512":"baabf48e762cb82833a9e66e425416269b787b23b07a0e5b1458450fd1f43a58cc34ad3163b35780d22181a318bbba283dcc2b4e80ae3e4338255e8b2cbcca96","ssdeep":"","tlshash":"5c41e853167152eee5421d11a86059848aa841a19bf5c6a491c6fa8e46a0812cc0b3aa","first_seen":"2026-05-22T03:52:37.500755Z","last_seen":"2026-07-04T10:35:10.728861Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1596,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":876,"receive":720,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/vera_wallet.webp","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.756Z","timestamp":1783161267756,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /vera_wallet.webp HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:30 GMT\r\ncontent-type: image/webp\r\ncontent-length: 4792\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:39 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":4792,"size_decoded":5121,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"1f74ee40df93fe5214ed43e823d204b4","sha1":"bc79f78c675f30f83a391a2997f5fd03daabe9b2","sha256":"ea498d9211f78a4d6b0c1ab51ddfc79f5ee6d98ad483010a74376998295853a9","sha512":"6481e220e3d7b1e5c57fcd6aa5cc78841ece962f86c6e0b9e8cae088f3cf0a152dd10ceb5a0a3c550e826bb1577c4e201f297f4e8cc547adbd856bddcdfa3f1e","ssdeep":"96:DaN26MT0D5MdtbZPAVwzV9Cue5PcA9oGZ:DNYNMtKw+nP/9oU","tlshash":"05a15cb9de5793b6d831e6b4b8e03fc463c3332ad711ab61642ab53142852c06ecd149","first_seen":"2026-05-22T03:52:37.319917Z","last_seen":"2026-07-04T10:35:10.730384Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2553,"timings":{"blocked":1750,"dns":0,"connect":0,"send":0,"wait":803,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/bitwala.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.631Z","timestamp":1783161267631,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /bitwala.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:30 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 2462\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:37 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2462,"size_decoded":2791,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"582809e209713522456afdeb9803f5eb","sha1":"63ef3a4e591cc577173abc3f549ac0e8d502fc3d","sha256":"eb38edc3d6416f633d8d5167fd7b90df21255682f44b545f8737e69f41e9fd33","sha512":"12440f6fa4e44756fff524ed8efad509a30dbe66eb713cf2921436ea70d86a8672ca216133feac2ddc63c6c56167ab463bea9b67ab336fae661617ff3b4a9a49","ssdeep":"","tlshash":"e15119e27304ab08d45d3e78948037a1ff9f3e346aa7b32d0f810b6527be0824a54356","first_seen":"2026-05-22T03:52:37.24351Z","last_seen":"2026-07-04T10:35:10.732021Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2582,"timings":{"blocked":1819,"dns":0,"connect":0,"send":0,"wait":763,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/crypto_com.svg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.369Z","timestamp":1783161267369,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /crypto_com.svg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 8489\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":11993,"size_decoded":8866,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"0a92506d70bc71c934d8a561cd63b701","sha1":"f7ebc159b97bf71a7f0ffc126bb143791d6f3cb8","sha256":"4dd75324f53a4c0ec067c63aa3482446b05346835789807b3ccee4cb7f3e2bb8","sha512":"0be8db40671d9281d6aecfc5d0eea51989c4f9b8012d9d2837296cace9df3591e9aa768928348fc09c6795e04f56d751f5f71590ed1867257ba1740e26805dc5","ssdeep":"192:9u/iyW3G2OWf6SMpa7mxYF7y4nJHaqZZ+0e9KNeP1bngJSu5GYBTNu9TZOGFhtsz:lyW3G4ySbGKvP+HKsna9oaNnGO0C1","tlshash":"7132c0fa1c01a11d542892dcf914fa958d3108a7d3f3928eeebc27465060299f7258ff","first_seen":"2026-05-22T03:52:37.498591Z","last_seen":"2026-07-04T10:35:10.748233Z","times_seen":5,"resource_available":false,"data":null}},"time_used":633,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":633,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/coinomi.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.503Z","timestamp":1783161267503,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /coinomi.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 4201\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4201,"size_decoded":4530,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"7cba73b25c238a276f1763d9e3bb215b","sha1":"a1a6da6cb717c170e13e1d1bd4630a5184f8c90e","sha256":"6411a3195d213e71deb172e214f2f96c05a1fc637e807ee366eace911db99716","sha512":"ddffb84a482b28b7264c6a322b3447e4791a6dfba5d6d78f32540a83d87c8cb1b38da0e6cc4e2a938f6bb39440d07fd045f212fa7962f7fc62900d14e2cad521","ssdeep":"96:5894vBvRZXe+CZQiktqCpvKewdxqQTDd8MyX1PrP9LGjKFy:imYZQi0SVDJC1zPBy","tlshash":"e3817eb0833a0b19dc4c2f3520302fa1dfa42fa26caae70259040908bfe7ad20ca5155","first_seen":"2026-05-22T03:52:37.663613Z","last_seen":"2026-07-04T10:35:10.753243Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1871,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":813,"receive":1058,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/shapeshift.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.695Z","timestamp":1783161267695,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /shapeshift.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 3148\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:39 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":3148,"size_decoded":3477,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"ab6f5e6188e16765a2fdcea6a9843ed8","sha1":"69cc2bbb9c922bddb2d5973a931583da6bc8f5b8","sha256":"22574929f7c029eec4e643631a5d5dec64f8f5e02f51a3cd56bf417c80ca0cb5","sha512":"c4f73a7f82ecefadab3c32ec50d6e910e5a3e4b32eecabcedab34bac8328f4f050c54e159dd04b18ad969f9567c9da1828cf513b8395321e3388b5c9b72d3041","ssdeep":"","tlshash":"f3510c778b910b11e94c3b7063e093b3d2973f348bd15b5f47539a15773a0c36948569","first_seen":"2026-05-22T03:52:37.510276Z","last_seen":"2026-07-04T10:35:10.75629Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2497,"timings":{"blocked":1614,"dns":0,"connect":0,"send":0,"wait":803,"receive":80,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/_fin_njr.gif","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:30.383Z","timestamp":1783161270383,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /_fin_njr.gif HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/css_IuF4HgUdgHj26fEOqKrFzLNVJ6kW_3J_QBPNBBdhnBg.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:30 GMT\r\ncontent-type: image/gif\r\ncontent-length: 1322\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:30 GMT\r\nlast-modified: Mon, 15 Jun 2026 14:46:32 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1322,"size_decoded":1650,"mime_type":"image/gif","magic":"GIF image data, version 89a, 32 x 20","md5":"eac7ab14f100ac549e82f550d9cca39d","sha1":"324613be9c3fc9ba6e6701c6fbcb8ea9e467a6a5","sha256":"bb3774cd774072d44c613de53ba5b08f7ce7f9fde55db0f8d0a0eff6985a5b10","sha512":"99c36340163becef03a4039d657492d2c6fc7a9d7413a276c3d851ee77ce7e41385203ee3f329363c0329c281c41989eaa85d4e628b488fbd41cf659ad3cf010","ssdeep":"","tlshash":"3d21d50dd982ac053088e48d7ce7d22646438ac0dde4f9ed7899d40b1f080ba6c1d4ef","first_seen":"2025-06-12T11:05:42.35951Z","last_seen":"2026-07-04T10:35:10.758382Z","times_seen":19,"resource_available":false,"data":null}},"time_used":522,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":522,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/coinbase.svg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.361Z","timestamp":1783161267361,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /coinbase.svg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 3379\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":4505,"size_decoded":3756,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"69101a08dc821f45d80f01ca08a78db7","sha1":"8f4ba2b2a2040758194464cbb5a890f4d92fb93a","sha256":"cd01c7162a5f29fd283d85a0088dbe66e4c91c9f264edac96f77c4570b8f4c3d","sha512":"1a70903933d6aa9d923263b27d85a383114ceb2244d6508fcb8fa3b50c3f4a32c2b2995bf47773569483a074b6dd3a6281204d894321d691aca2199cbc687a6d","ssdeep":"96:+Aua58sl47OkUkEEQdtOPjUiFydtW5zTsEjeAxNn2dBFIxzcuF807vCYdu:NRI7OkUgsClsdtdKJxx2DFI7F5u","tlshash":"78917d70ca874247ecdb00db8c30192637a94357cfa2a8b6e5e9fe1a533921838702cc","first_seen":"2026-05-22T03:52:37.267903Z","last_seen":"2026-07-04T10:35:10.761466Z","times_seen":5,"resource_available":false,"data":null}},"time_used":525,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":525,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/brave-wallet.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.478Z","timestamp":1783161267478,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /brave-wallet.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 6467\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:37 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":6467,"size_decoded":6795,"mime_type":"image/png","magic":"PNG image data, 100 x 76, 8-bit/color RGBA, non-interlaced","md5":"99b9aec48f9c5d7699b332df15738329","sha1":"e7303d37135c6c2c4d7acf6a66b2e04c5f5b46b6","sha256":"32c105919e96d2fe2f3b5e77d078b89a7cab7236b19d334a6dcb8e5979966ab0","sha512":"cc574f3ff8dbd6479db90afec100204f7f5781b1c459e530e2cf902d1e685b660f51c9f30e6739b9950df0c83f8b6de3299db329af693db8f7e7f436f5f5b21e","ssdeep":"96:eAk3ZAP9Xa0SSgaqLZmhphOnJZZMB6bgDsckmyKRJCEd9uVPPdMN/BNQ3mi7VyC9:eAZP4SUZZZIssDJbYPS/BggS","tlshash":"2cd19ec8d2f29ab0c9b20f12695015cd6670eb145d6726d41efc4d5e4ad67848a887a3","first_seen":"2026-05-22T03:52:37.21045Z","last_seen":"2026-07-04T10:35:10.764848Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1870,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":837,"receive":1033,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/ipayyou.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.550Z","timestamp":1783161267550,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /ipayyou.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 3955\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:28 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":3955,"size_decoded":4284,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"2590a309c6c364a72c8277fc6f965acb","sha1":"d5d47b4d983878a7df0729b62fae7d1ab995cb44","sha256":"2703408fd99aa66a44bc27ca49c6c1b6a33d6ae28c88c1b9ec0a2c65e1201458","sha512":"a9f4a927876beebece22a0fdf9c383e0b487d4ca323af3204aebc4549a4021b2b19d0081dcf03cc6cd03ac567acdeb4682ccde5756cd7f3450a1f1e0d7815be7","ssdeep":"","tlshash":"52815c565b146e04cd4ed9bc94584aa2c3a27c33e5e90b7c8865eaccb3de4c066687ac","first_seen":"2026-05-22T03:52:37.414599Z","last_seen":"2026-07-04T10:35:10.767354Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2039,"timings":{"blocked":816,"dns":0,"connect":0,"send":0,"wait":812,"receive":411,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/ready-wallet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.684Z","timestamp":1783161267684,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /ready-wallet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 1969\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:39 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":1969,"size_decoded":2298,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"871c4f5accbe5aab8bb047ce62d3cb0e","sha1":"8897ac4af2642b73a0f4a842dee7f631a0039941","sha256":"ffe12d83dde696c54329c3a8b219e0d98efa70e9c4f22596da372bd146497fd5","sha512":"1792fa32eb320455e46c9a614dec28d963a68e66c81d886ee6ee3ca3a9032272e84a12ddcff2f74155306cfdba33e122d7478d8acf78ed30afe1288fc5884dbd","ssdeep":"","tlshash":"4b41b8a0ab555b04dd8c0a35d24093b0ea8e7f69dcfbe7ae45c2c3dabb580c18954647","first_seen":"2026-05-22T03:52:37.651471Z","last_seen":"2026-07-04T10:35:10.769374Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2143,"timings":{"blocked":1029,"dns":0,"connect":0,"send":0,"wait":786,"receive":328,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/safepal_wallet.webp","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.690Z","timestamp":1783161267690,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /safepal_wallet.webp HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/webp\r\ncontent-length: 306\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:39 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":306,"size_decoded":634,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"ad8148d9e8d72a3bdcf91b0b87438c69","sha1":"17f864febc089e43e85080a4ba2aa0c6c308faa3","sha256":"df468f5bd2c2a0371b9f56d028421a77b622b71b89a62b941b4737714155f583","sha512":"7b2587565f03e9e2c8e0f6a04de100dc10171ae48e01743692da0a06a89f1d7b88119cc77682b1e4bf5ce764fd097da652cfe6b782366564fd3b2f2e53c4a072","ssdeep":"","tlshash":"5de07d115738030472556830c727ee036c2694c11445a1bf428f35acb8f0441a6e5a0f","first_seen":"2026-02-13T19:11:11.272545Z","last_seen":"2026-07-04T10:35:10.771536Z","times_seen":6,"resource_available":false,"data":null}},"time_used":2321,"timings":{"blocked":1321,"dns":0,"connect":0,"send":0,"wait":728,"receive":272,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/exodus.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.417Z","timestamp":1783161267417,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /exodus.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 3091\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3091,"size_decoded":3420,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"2cf5fe781e37d0e4eac81f603c735e30","sha1":"4b6c0fbaf11800c5627b6639d8c27d824dfa8c13","sha256":"8c00ead36f047941c3b9bc2f4787eb97d6735ee7207b5c0bd4e334530aeda18e","sha512":"5297127f887f85673e35c38cad64cf85b7df745c6c80529dd953276c751b554e5121f9222d90dfd866e4919b89672a9125dda657848d0eabbbe6a20e8f7066a5","ssdeep":"","tlshash":"e9511a2c93519506f61e233d6c915364ca177e72e9e1a76f880072227baf5c18e10ba7","first_seen":"2026-05-22T03:52:37.556236Z","last_seen":"2026-07-04T10:35:10.773581Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1361,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":837,"receive":524,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/dfx-wallet.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.522Z","timestamp":1783161267522,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /dfx-wallet.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:28 GMT\r\ncontent-type: image/png\r\ncontent-length: 4002\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:28 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":4002,"size_decoded":4330,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced","md5":"998ef304b5b4b1e8bbe5e8a12a248d39","sha1":"343ffaadf7295cf887f8277f12e53a18e0be7041","sha256":"7f4227d4d761d7ebb9febdbaa04812e357352c617ca9b2f7f54936406d6150a8","sha512":"0ac677551e60678db4bd1de40ab48d5aee8a378a05150d6ab7bc3a5e39514c35ebdb5fdb51b64b927646ed39d957de4a322d1a0da37c978d68cb850907b504dc","ssdeep":"","tlshash":"13814cc59a7093f2f9b16838d3089144da9140756efb4bf5ed7099b918cc384e04632a","first_seen":"2026-05-22T03:52:37.727787Z","last_seen":"2026-07-04T10:35:10.775586Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1931,"timings":{"blocked":635,"dns":0,"connect":0,"send":0,"wait":743,"receive":553,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/ngrave-wallet.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.594Z","timestamp":1783161267594,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /ngrave-wallet.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/png\r\ncontent-length: 4971\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4971,"size_decoded":5299,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced","md5":"da03f0dbd289625d300a7ae5adb0da6b","sha1":"611c5526dc0142a4641fe3c0294e355fd0f4436c","sha256":"3b5b6debdc21cbc7b5fa831b29bab75fbf2a9614edb09aaa75b125b6cc24472a","sha512":"8a534920a41ad8827b8bcf487861e828f46624c5cb325b376a25142f4179b1b287da2a0f3b697e047122e5404067e0df0dcad505fed50e4e8bda55a34ec5875e","ssdeep":"96:UpZF9KB+pttSE2IL8FdsQT8jBeAvKVxaxNOrXkGI+5FK5AVNG3X32Q7BOkdP:UTF9K8oT6QeBnGrZIWKCNGn7BB","tlshash":"1ea17ebc85391f69d97ab2a9586321197a72c9459c4525f1be53c0fb5213b844f0f344","first_seen":"2026-05-22T03:52:37.643157Z","last_seen":"2026-07-04T10:35:10.777235Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2074,"timings":{"blocked":891,"dns":0,"connect":0,"send":0,"wait":930,"receive":253,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/swissborg.svg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.385Z","timestamp":1783161267385,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /swissborg.svg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 8036\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:39 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11389,"size_decoded":8413,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"ed61441ef0504af47319baa5b76bc76c","sha1":"0e01bf95d8277ff6a6f1e29a6e4bc48d886408b4","sha256":"e8df32a251274cc1a55d83e2ba59fa373bc0c04e60c0bf9379216b8d0ffcd794","sha512":"d1ac915940d3ab6f57838ba5da9947d6dc972c377dd114f70b014efdd739ea6916d11921a2c9113a37892b92a6d3e2be80c76ca454c422bd3b2e24c05d76381d","ssdeep":"192:9x/iyW3G2OWf6SMpa7mxYF7y4nJHaqZZ5ITdgCzas5MYhCs61tkPqFx9GAvJ:myW3G4ySbGKvP5id7hWt90g","tlshash":"4f32c0f3a845601f180c28c0f6159ac19f70a58bb1b2478cf96c629ae1716bceb749df","first_seen":"2026-05-22T03:52:37.328131Z","last_seen":"2026-07-04T10:35:10.779303Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1349,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":869,"receive":480,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/infinity-wallet.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.549Z","timestamp":1783161267549,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /infinity-wallet.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/png\r\ncontent-length: 6178\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":6178,"size_decoded":6506,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced","md5":"92b2de07178c117b25206ba1f3866ff9","sha1":"cd26ad708ed04ab8c942f602b50519ff86c0ab19","sha256":"34a330d5d50648e7e109a3b5d979dd9fe58d6dc598bb7cb2d267105fec2812a4","sha512":"2b114649fbf7029f2b52851bda1b5206d93360b8802c259f28503dd45f2f4720f73c5852005c4672681ffd8775facbc1b3515409c5f29b267def910af925cca0","ssdeep":"96:LQv0U8DbO5PJc3fPmKUjJPRuOsZ6t0lf4NFqnJx+rFMbuNqXlSdCzWBsFuFcu:LQMU+qS0RpKlfY8nJx+2beH8FuFcu","tlshash":"85d18ec59ca4a3ec05e7eee3223f0c354c794c7a86a7bc5c9305c273f6d5a458a205c1","first_seen":"2026-05-22T03:52:37.539855Z","last_seen":"2026-07-04T10:35:10.781198Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2301,"timings":{"blocked":1270,"dns":0,"connect":0,"send":0,"wait":827,"receive":204,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/secux-wallet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.693Z","timestamp":1783161267693,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /secux-wallet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:30 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 2388\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:39 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2388,"size_decoded":2717,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 1","md5":"d20e3d4ff1bd15845eeebc2044b8e0eb","sha1":"b2fa0836733ec3ac47230919b08acf0d7cffa538","sha256":"df96f351fd37d766bfcdd364a26af77078be54a233d302494ddc4d299628a938","sha512":"651703dc9f7102e0107256f08361b0ca167fe2220e11462de11b4173f7a19723be5ac7a24009279bbd52423f76f586f34f30be209dfdb87a86b1d31ff4ef4526","ssdeep":"","tlshash":"c541d899078afb00f91c3f3921905b71f96abf399f5bd3a954444b5f33ac184c404625","first_seen":"2026-05-22T03:52:37.702193Z","last_seen":"2026-07-04T10:35:10.78319Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2534,"timings":{"blocked":1732,"dns":0,"connect":0,"send":0,"wait":802,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/solidifi-wallet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.699Z","timestamp":1783161267699,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /solidifi-wallet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 2793\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:39 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":2793,"size_decoded":3122,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"dd1eddf058e58d432ba3a5e228872005","sha1":"3c048f3f321c07abf355e06541d08ac7370ee8ea","sha256":"83db9565cb9881867573f46755420b112906f3377e1e7de338144d8f3e690e98","sha512":"c02ef0dafd20cbb2aefb856145a9afd3c04e24376d11193045f63f1e80bbf3b2236214f54f6e288b54b006ff0814ba52b2ed92dce027660c29f0297c1b968f90","ssdeep":"","tlshash":"7451296317988af0f91c1b7878900b74ea1c7f5eea4f8bde5ac50164371f0814b60583","first_seen":"2026-05-22T03:52:37.757441Z","last_seen":"2026-07-04T10:35:10.785074Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2320,"timings":{"blocked":1361,"dns":0,"connect":0,"send":0,"wait":889,"receive":70,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.telegram.org/bot8401526239:AAFpKbqsCwl_TALttFbXgzMthY3RYRAxofc/sendMessage","fqdn":"api.telegram.org","domain":"telegram.org","tld":"org"},"ip":{"addr":"149.154.166.110","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:30.994Z","timestamp":1783161270994,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.telegram.org","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Tue, 11 Nov 2025 15:14:09 GMT","end":"Sun, 13 Dec 2026 15:14:09 GMT"},"fingerprint":{"sha1":"EC:27:13:72:1E:6C:94:9F:47:59:A4:24:4F:AB:9B:02:E3:6E:54:41","sha256":"64:47:03:9A:C9:ED:B9:03:8C:07:6E:AA:3D:BF:75:4B:4C:C1:4E:C1:A5:8C:83:2D:3E:FD:0C:E7:F7:82:C2:71"}}},"request":{"raw":"OPTIONS /bot8401526239:AAFpKbqsCwl_TALttFbXgzMthY3RYRAxofc/sendMessage HTTP/1.1\r\nHost: api.telegram.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://be-myfin2026.com/\r\nOrigin: https://be-myfin2026.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 \r\nserver: nginx/1.30.1\r\ndate: Sat, 04 Jul 2026 10:34:31 GMT\r\naccess-control-max-age: 86400\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: content-type\r\naccess-control-expose-headers: Content-Length,Content-Type,Date,Server,Connection\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"","fingerprints":[{"name":"Nginx:1.30.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":334,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-04T20:30:36.525225Z","times_seen":16984070,"resource_available":true,"data":null}},"time_used":65,"timings":{"blocked":0,"dns":1,"connect":19,"send":0,"wait":19,"receive":0,"ssl":26},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@400;600;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.267Z","timestamp":1783161267267,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Jun 2026 08:41:02 GMT","end":"Mon, 07 Sep 2026 08:41:01 GMT"},"fingerprint":{"sha1":"FD:DA:E1:3E:1F:AC:E0:96:14:ED:37:58:30:0F:ED:9D:B4:5E:F1:EF","sha256":"7D:36:0C:A4:14:F6:05:8D:F4:E1:CD:BF:84:A7:03:AD:3F:C4:93:AE:B3:D6:7E:99:CB:92:D7:1F:29:A1:49:A4"}}},"request":{"raw":"GET /css2?family=Source+Sans+Pro:wght@400;600;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sat, 04 Jul 2026 10:34:27 GMT\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7763,"size_decoded":1445,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"2eb6c398f69a541e2815c2f8e80f6984","sha1":"45f69a8257eea0a73b583d81880c9ba90562f2fe","sha256":"efd30199a540be2a8d93ad118a95901145c4868fa0d5e583b3b4d56dae60827d","sha512":"ac3a311f2a1fd70d9063bbc982bb7bfbb829ac953c464d0002acee31190645749b7ea23322a7e5fad862de4786c858b20c86a62f0f3991a7d028ae1c7cbf37e4","ssdeep":"192:Oq+cJ83LZXgrV05QU3tzGqGHbE9a3u2oZq:xW0MG1N","tlshash":"b3f1aff2411ae404dba31cc633de3f6aad4e50217155c1badffd5858acaac2a4364f1d","first_seen":"2025-09-11T23:38:45.671651Z","last_seen":"2026-07-04T19:36:12.10958Z","times_seen":2310,"resource_available":false,"data":null}},"time_used":109,"timings":{"blocked":-1,"dns":15,"connect":16,"send":0,"wait":35,"receive":0,"ssl":41},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/nexo.svg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.384Z","timestamp":1783161267384,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /nexo.svg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 7475\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":10649,"size_decoded":7852,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"9d47f103838ad0f684d44c0e43369ab2","sha1":"3399f3659d964472597d26c0545b6cbc43cd786a","sha256":"e76fa09a58c7d6568d88816be363137979b72fc5f84469440e2add709e55bd87","sha512":"92bffbd34fb2bcaacc296c6f92a97b800e89da735d5ae88059d58213769e48346b46b9118a6eb011252acf9dcac9ab167ff349b0908e6c706071d6e7fe0d4d70","ssdeep":"192:9//iyW3G2OWf6SMpa7mxYF7y4nJHaqZZN8ZSOJSltpAKiV0g0b4r:wyW3G4ySbGKvPNyqAKih","tlshash":"e222bfb76dc2692d612e4e857f2c95815ee4210f4371c1acfdad11a880f3a68f638c9b","first_seen":"2026-05-22T03:52:37.52741Z","last_seen":"2026-07-04T10:35:10.788793Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1087,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":869,"receive":218,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/blockchain_com.svg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.399Z","timestamp":1783161267399,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /blockchain_com.svg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 6345\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:37 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":9157,"size_decoded":6722,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"9d578c9ef2d34524789877c80725b248","sha1":"b7755ee98de5bc4d8b3b1fb96fcc2fd092de4707","sha256":"8ffcea3e29f6b5b7afbae0e8521352524172c401c7b01279d2c783d11029235e","sha512":"c8f36982d52cba6a46a97cfe29cdddfc2f16d01c1e01cef7b48c9fd4a7feaa93bcafc1f626794a0b3f759547f2c5236927b90a88fb4edc73e3212ccea8a9a0c8","ssdeep":"192:99/iyW3G2OWf6SMpa7mxYF7y4nJHaqZZfTdYK5POA/U6YSBgJ3V/H+qd:6yW3G4ySbGKvPfPfU6Vgj/Hjd","tlshash":"07128dfb2c84602ea039c5d8fe1979c58d64604790b4a39cee987744e06177dee680df","first_seen":"2026-05-22T03:52:37.383823Z","last_seen":"2026-07-04T10:35:10.790916Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1246,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":855,"receive":391,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/bitkey.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.424Z","timestamp":1783161267424,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /bitkey.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 1778\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:37 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1778,"size_decoded":2107,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, baseline, precision 8, 100x100, components 3","md5":"12cff3991dc962bc6ff6eb1d5d7eb50e","sha1":"0700105819c666b51e33be4268b6a062c4f97d4c","sha256":"116f5056b0f129916af10efa9963f9f9d8c57fac3287a04d1e69b1958009b3f6","sha512":"5085d16658f371d77bae90ad7914dc9f650618d5a5e26ff17f664c7e12a48ab36306053660f6bdf0cd407ae3d5883c8dc1bec0365ce5589016621f64e5bbdd0a","ssdeep":"","tlshash":"4c31eca15b183b2bdd7c033458856730cb473e319dc65fbd878501267f6b0c28c9435a","first_seen":"2026-05-22T03:52:37.538198Z","last_seen":"2026-07-04T10:35:10.792994Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1397,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":831,"receive":566,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/brd-wallet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.479Z","timestamp":1783161267479,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /brd-wallet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 2538\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:37 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":2538,"size_decoded":2867,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, baseline, precision 8, 100x100, components 3","md5":"fb759de3bec96483198a4424df7b24e5","sha1":"ec082f82dfa875b0cf4f53fb88147ac678019419","sha256":"71adaaec910b18637d4000b905c2770075bedcb536d1ff9deeca4ee0f7c2b47b","sha512":"e8db2a6fa9694f86780853550c42f047445166ea31519c27189261d227b305dfe4838f7cbd62e950b75550251e241f407f06119ba60fad67eb6426e3e4cf69f8","ssdeep":"","tlshash":"77511a5be3982e65e80d2b3512141f51db2b2e7682cbde2bccc2015333af0c0895c55f","first_seen":"2026-05-22T03:52:37.333264Z","last_seen":"2026-07-04T10:35:10.795578Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1594,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":834,"receive":760,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/buntoy_wallet.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.481Z","timestamp":1783161267481,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /buntoy_wallet.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 1860\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":1860,"size_decoded":2188,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit grayscale, non-interlaced","md5":"fe07d0da6e42e757d8cfee1b393f23c1","sha1":"780e19751096edd19f3adfaaf6b6cc55c7cc32a1","sha256":"a1660cb23091715d2ac40a71acc2fdc8e4f4c2725b2863c5087bd11375d3c12b","sha512":"959b1c78c5cb95bb257017f5a73c54ddea61dab88cd03da5924c1b8caf6fae74331e2b9f8208afb373ed899610e700639187b4b4676229176e52c426bd37014e","ssdeep":"","tlshash":"76312bf60c5379b5571369668634fb839a156ca122601ef1220e8d2dadcf12ff2d7880","first_seen":"2026-05-22T03:52:37.774421Z","last_seen":"2026-07-04T10:35:10.797531Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1532,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":831,"receive":701,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/cryptonator.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.513Z","timestamp":1783161267513,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /cryptonator.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:28 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 5075\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:28 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5075,"size_decoded":5404,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"241f231d351c14c441c50a7eb8ef47fd","sha1":"3cc9c4056e2163431843c3c272bfc9fa0f5a2fe7","sha256":"a8a3ad9536ebf938d21077c576aa32d5c5f4d7425fb6eb393238ed7a605a1305","sha512":"fcfbe380613f417b408baef194d326296cbe48b04ff9680eebea4295df92832ff7168bb10e59beb7bec08591d11f9be402939bf5225336ebcd7ea364d737e868","ssdeep":"96:I894v5WrRWmmwuunJ7HZvUtlQsJ+PCH28xU390T2U5TOoP8bnAI3ahls1k:rPA9AZvolzn7U39u5OoUbrOs1k","tlshash":"c0a16d4032862f67fa6c457d25b43fa3d2d72b1ac5d777e4a5c8662627190c39e0029f","first_seen":"2026-05-22T03:52:37.508425Z","last_seen":"2026-07-04T10:35:10.799384Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1874,"timings":{"blocked":327,"dns":0,"connect":0,"send":0,"wait":794,"receive":753,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/bold_bitcoin_wallet.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.475Z","timestamp":1783161267475,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /bold_bitcoin_wallet.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 1587\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:37 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":1587,"size_decoded":1915,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit grayscale, non-interlaced","md5":"1896de23d0b863a5b5dfb85e9e747ee2","sha1":"98f5854d5450ca7932d021f352ad553e33185793","sha256":"606752b62796cfdd8ef08cdd2deea2f1037fa178a40ae90dc7224fbbf9edd199","sha512":"63ca9ded424b5880e892f49573ef812343002d5470543cdbb7d6831f6124fdf977a0a6313810adfdbdeea2d7d7fcf5dd53cec598ce70b0c26ad546fcf3f9c504","ssdeep":"","tlshash":"24310aa6390d3792d0803ff8173196adf17a452b237bf479005b508a0b97b632de91d4","first_seen":"2026-05-22T03:52:37.448132Z","last_seen":"2026-07-04T10:35:10.801583Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1679,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":838,"receive":841,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/coinhub.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.502Z","timestamp":1783161267502,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /coinhub.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 3027\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":3027,"size_decoded":3356,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"97f2ddce6cfc4c51ea462cd9a8dbf839","sha1":"4840f25b6e7599cbddfbb07d46614d4ba612528f","sha256":"fcb6ef354575cbd0e9f7a7ba70a062c21a69d42393e9c77270f72947e0a4a873","sha512":"deb4f0c8977725348bc020c8426c7c5df973d91151347ac52e05550e37e8f792525741819d5037d0b2bf7ec9c269d2fd6c36a51aa65b94d8d726bfc09e401860","ssdeep":"","tlshash":"9451098b226a2f51e3ad1fb850955760d74d2ef2dae7772e888241417bba4c4c85c3cb","first_seen":"2026-05-22T03:52:37.265685Z","last_seen":"2026-07-04T10:35:10.803503Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1905,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":814,"receive":1091,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/jaxx_wallet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.551Z","timestamp":1783161267551,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /jaxx_wallet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 2612\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:28 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":2612,"size_decoded":2941,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"c56b203bf58bc8909f27630ad5925e63","sha1":"f50da68cbc6a31d412e728fc51fee46715ae8831","sha256":"a69d084413939e1e63e0ad01902dbdbeba98d11dc861e4b37709a422f9eae6ad","sha512":"509d862f7a69abeafa480ebd6d74a61e018fb34ebf98083efdac73b7b1d7fcfe108eecc411fdc1989b73cd7891094eef53a2c225283b4ac29c1fec1fdba9965d","ssdeep":"","tlshash":"39510836a34b2a1aed4d0bb82a914b50c7b63a225e9457e689a30033372d0c5477944f","first_seen":"2026-05-22T03:52:37.485201Z","last_seen":"2026-07-04T10:35:10.805561Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2038,"timings":{"blocked":816,"dns":0,"connect":0,"send":0,"wait":812,"receive":410,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/lace_wallet.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.557Z","timestamp":1783161267557,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /lace_wallet.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/png\r\ncontent-length: 8959\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":8959,"size_decoded":9287,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced","md5":"809283e2b24460bc689caf55332268ad","sha1":"4b7c7c229ca6166fc4f56ce7b763fc97846b9e2e","sha256":"944e1162eeaeb6f363f4f06987873f6212812c4d6d0c441f7003d0ee209a313b","sha512":"82965fdce9d3c4f9221821fb6519334974001cfe2e5ddbf0c0c4c67423697b88524bf59e6b2a7e6a070c2640f305b21baa80a39908bbb598d700d78d9cb5d0ff","ssdeep":"192:QS1Gp4ZC0BOkAjXsuPDNXhsejYAwcGTc0h5zXHW0UXnz:34pEAjXsuPDNGejY8GTV2j","tlshash":"5a02af61113486f805e80ab91e89973fdc7a5bc783473ea412cd8ed06ef6f2942c3693","first_seen":"2026-05-22T03:52:37.503095Z","last_seen":"2026-07-04T10:35:10.828557Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2568,"timings":{"blocked":1686,"dns":0,"connect":0,"send":0,"wait":780,"receive":102,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/sourcesanspro/v23/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:30.426Z","timestamp":1783161270426,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Jun 2026 08:41:01 GMT","end":"Mon, 07 Sep 2026 08:41:00 GMT"},"fingerprint":{"sha1":"01:31:A1:A6:4F:08:45:E1:F0:0B:CE:B1:B8:D8:61:D7:D1:70:ED:6F","sha256":"29:C5:5D:01:47:6E:72:F7:2C:CC:0B:96:BB:67:BA:39:CC:03:11:EB:7B:47:F5:3F:CC:DE:12:AC:68:07:A1:BA"}}},"request":{"raw":"GET /s/sourcesanspro/v23/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://be-myfin2026.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 14876\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 02 Jul 2026 07:52:52 GMT\r\nexpires: Fri, 02 Jul 2027 07:52:52 GMT\r\ncache-control: public, max-age=31536000\r\nage: 182498\r\nlast-modified: Wed, 10 Sep 2025 16:43:50 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":14876,"size_decoded":15689,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 14876, version 1.0","md5":"f3123e85194abd443cce2d67011a2492","sha1":"fb82ae035f301d2c2d47b64abe0e4f28fdc46a6d","sha256":"156650610835fe32914722ecfc8dab0ebbb84795e201b842158afa0ea873cfa4","sha512":"1aab412233d01ef623e349dcbfd387b930e42c6fc80a2e1f892cc19979db2e59f5f5dced33c69b32db2716286b454b8c2368d3e42644377aa10e196952122655","ssdeep":"192:qJ5lReG9wrdpmtTUniXkMpzKdTVVANX27iPr0xesgwH+Y2oBmTp8w4t0F3qJTQky:SReDrmgnixp2dZmiEKf2owfF3qy9yY","tlshash":"6362d04f3513af70e15ee777d0fb7d292443bfda600c9d9891a395b4a44a01d207bb42","first_seen":"2025-09-11T17:21:57.325452Z","last_seen":"2026-07-04T20:25:06.860562Z","times_seen":19678,"resource_available":false,"data":null}},"time_used":58,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-07-04T10:34:25.803Z","timestamp":1783161265803,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:26 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":224106,"size_decoded":31477,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (22065), with CRLF line terminators","md5":"bdddf805fe2162e5497346781e91a762","sha1":"36e77a9c067e8606b7d0ca40a793824305197fac","sha256":"25dde5bc676270c064dd57a567dd40316e9b38d1c0f2fd8f487908165f01e94a","sha512":"a71d24515ddc214a81f02c10e0b339c6a05f992d68a0617f8b2c3907c553868dd96a7dd08c09ab95352d93fff6f20ecca061dda9705ee8b06543af4d366b9723","ssdeep":"1536:u7tbmwqsOmzPMVn4idSl7N4BXuHoBHoBWoB+oBPoBXgoBuMfIjEeT0o:u7dmbsOmzPM1dSlauamjhn","tlshash":"272493255b76ce3251b306e367ea6b69b5a1924bcc43462c76fc02e00ff8d4c5d22b66","first_seen":"2026-07-04T10:35:10.840626Z","last_seen":"2026-07-04T10:35:10.840626Z","times_seen":1,"resource_available":true,"data":null}},"time_used":920,"timings":{"blocked":-1,"dns":229,"connect":59,"send":0,"wait":509,"receive":0,"ssl":123},"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-07-04","alert":"Detects file containing Telegram Bot API","trigger":"be-myfin2026.com/","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]}},{"url":{"schema":"https","addr":"be-myfin2026.com/bitmex.svg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.403Z","timestamp":1783161267403,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /bitmex.svg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 3716\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:37 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4949,"size_decoded":4093,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"96f7c880b920b8c28fa3b5f5cda70fbd","sha1":"099da155456a4a38a7dcc61a5376831d4099bc19","sha256":"aae869e8742d5a4e02ac3d7ddfe96bfdec2236dd98063d6c4aaebe9cbaa27a59","sha512":"45601003e4f8e5abdeb9d26e5ac7f2e498918181737db8d36b815653e7622709cea0f9a31493c46426c75df1114abd353b98ac8e21a5b0676d7670815120b7e3","ssdeep":"96:+AQTnJwVCAb+oNqETL1FEV5fLG4Y1MsY2E1/hfD7OKSYZ9yXRj4Wtflb:NQTn+Vj+oAETL1FEV5fC5X6/NDGUURcK","tlshash":"e5a17ffef10ba41a56d11727a2f247ccfdd16b16c19091f342127f3575615a804fa85d","first_seen":"2026-05-22T03:52:37.204629Z","last_seen":"2026-07-04T10:35:10.843684Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1200,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":851,"receive":349,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/tangem_wallet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.419Z","timestamp":1783161267419,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /tangem_wallet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 1731\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:39 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":1731,"size_decoded":2060,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 1","md5":"02d8e043f6b63d80650210532fb832cd","sha1":"5a62f0ad61fcb400b1abbadb9e914e9d297526d0","sha256":"50477a60d9fd0c44858614220489689bfe242365661aee827ee87453410a6d07","sha512":"bdf3b3cc77f8c5866e0215a412377ba4d107c43859726995ab220207278a8b0b8c7f27e2a440fdf853e7a1d5df8606dff685dee0204407cf53a4e2283f5c0158","ssdeep":"","tlshash":"0c31c5b2971b262adc8d6b78366083e4d9e6bb1196bb92de83e0812e14c10c00958297","first_seen":"2026-05-22T03:52:37.371338Z","last_seen":"2026-07-04T10:35:10.846759Z","times_seen":5,"resource_available":false,"data":null}},"time_used":993,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":833,"receive":160,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/airgap.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.432Z","timestamp":1783161267432,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /airgap.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 2574\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:37 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":2574,"size_decoded":2903,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"ff56c87be56592fc637c5f4927529da3","sha1":"f0eeae8885feb50a0590c3057ef88268c6bb291f","sha256":"64cdf8b9af765d893422191cffbc34b461f380f04f1990c0a385f612a01b40a5","sha512":"8b443f63ec282578f545ec8cc04903149b0ee1f5b02bb4d158d9d361bf216d9f176f86782347ff3970724ec5f36988030751b1481cc7bc7645a7cca336294d85","ssdeep":"","tlshash":"ba511ba6af840754dc0c0eb921d063b2f3687e22dde2f78f8945445d7b6d1c15e1894f","first_seen":"2026-05-22T03:52:37.251902Z","last_seen":"2026-07-04T10:35:10.849791Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1540,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":879,"receive":661,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/counterwallet_wallet.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.510Z","timestamp":1783161267510,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /counterwallet_wallet.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:28 GMT\r\ncontent-type: image/png\r\ncontent-length: 4935\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:28 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":4935,"size_decoded":5263,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced","md5":"5a6de3b622ddeb26c06c8ffda25eb8d9","sha1":"a0ff5c8bfff7185b276d99bdbc6286ea19df4ebe","sha256":"9920089a79d792832639c3963c97298a25b47a2fafe304585367e3d5ed054589","sha512":"ca45a51de699784a5b2b4fc1d9075d551fd8eac0e333bf22da566508af10f064dd9db28fe623c693e94055a6a04753442f2c0a3379ec8378642524c254a41c2e","ssdeep":"96:IvRifYo3969l991hE4RlM6YGw0GLqRQAe/rA+RNGOI7Coa:gRif+9lz1C2h00GzZTGxWH","tlshash":"a3a17e9007e20d9c846c25fac35aca6e94a5222f55366d58ea7b9a0d29cb3cad3e054c","first_seen":"2026-05-22T03:52:37.548141Z","last_seen":"2026-07-04T10:35:10.852877Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1852,"timings":{"blocked":181,"dns":0,"connect":0,"send":0,"wait":733,"receive":938,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/eesty_wallet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.528Z","timestamp":1783161267528,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /eesty_wallet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:28 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 2527\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:28 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2527,"size_decoded":2856,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"6affd60df3f801f9f83d866917d7d61a","sha1":"778342704277a3d95c1053666f451f591f24a8fa","sha256":"02544a4f8a83d19f7935255350c3671173b43246ceeb945ea2f08bf0da0b0fd9","sha512":"0fe31ec4c4337b7dae7b748c2a6a1eb0f756bc35973001d1b9a8aac7ede7b2005fffcc026af51e3d5638f4cc75c13d930f6d47bb922505a44100728c92c6b0d9","ssdeep":"","tlshash":"2b51e837ab440e14ff5c06bd26d14790e6011f228edaf7df45c2c8a8f3682c59a2816b","first_seen":"2026-05-22T03:52:37.521387Z","last_seen":"2026-07-04T10:35:10.855563Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1982,"timings":{"blocked":671,"dns":0,"connect":0,"send":0,"wait":841,"receive":470,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/gamestop_wallet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.538Z","timestamp":1783161267538,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /gamestop_wallet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 1854\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1854,"size_decoded":2183,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 1","md5":"71e0d5eaf1afc438923049e7a3a36f60","sha1":"65d57ef5b9b2a6cb9e84b1d15c52fc3e77e63c1b","sha256":"d8bb6f08875ecb29338ba744ab09b02bb55f04e6c3eb29f9f291c5923e448723","sha512":"3d0e9dd4fade64c665ee9ac1cb6e72048c5e27eb09909c482d35ae81530295e29a2c82c4759b57481eccb6fb02f1ec2dcd234bacba193c0c799a9cabc3ab6b02","ssdeep":"","tlshash":"103194620780179cf10f6bf024d05bb1e33b3f6185c697bac571c52ab6694815978697","first_seen":"2026-05-22T03:52:37.218272Z","last_seen":"2026-07-04T10:35:10.857881Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2570,"timings":{"blocked":1689,"dns":0,"connect":0,"send":0,"wait":780,"receive":101,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/parity.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.639Z","timestamp":1783161267639,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /parity.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 3457\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":3457,"size_decoded":3786,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 1","md5":"0c472570f74502afd8bdc09fdff49c53","sha1":"3a34cd7a86950c1e3371847e62095a2c210f8e68","sha256":"99a495caeda2f14f9ad592ab9c596318b8e56d782b2afd3580e64cba4b8dc76c","sha512":"ddd2a89eeacadf61e24d7daa7209e2e064581ebedaa88e690eed55a1c2944eefb5a33d6a6d25ad9111b1d7483dfd48061b8750c4ed829b3188fef42f9b5cf309","ssdeep":"","tlshash":"32612cc247d57b18e94823bc61325b35db9a3f7a8b47a69d0f53d019b4480c0856dadb","first_seen":"2026-05-22T03:52:37.766671Z","last_seen":"2026-07-04T10:35:10.859934Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2069,"timings":{"blocked":945,"dns":0,"connect":0,"send":0,"wait":871,"receive":253,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/okx.svg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.379Z","timestamp":1783161267379,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /okx.svg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 346\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":977,"size_decoded":722,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"0dd44cf51121991641bf13b278bd6265","sha1":"b6461ab63fb1dfcaba91af9c12489a7cb1e5afd0","sha256":"6072326ff4afccfbaa11a5c20dc5ef17cbdad0efdc6ce973b38e250e4baef0a5","sha512":"b4e1285bb0e89d261b579fbd71a21dba142b2774e119f97fe20ebc076fb0cb780b724c2bd2f51bdb292df9903eb2f66a2dc4f0b3dd33a8fe1907f73a3ca7afdd","ssdeep":"","tlshash":"7911d677c2de5c0314118294abe672a749a9fe9773268b70b303543a2d1e5b378281f9","first_seen":"2023-05-22T14:37:33Z","last_seen":"2026-07-04T10:35:10.861826Z","times_seen":29,"resource_available":false,"data":null}},"time_used":1180,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":874,"receive":306,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/uphold.svg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.387Z","timestamp":1783161267387,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /uphold.svg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 7462\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:39 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":10629,"size_decoded":7839,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"b9f0c098a1cc014eab57be5917543256","sha1":"db5f992faf2309f94e54a451d38f6e96855dc348","sha256":"8c1f11e28a592b17402b9e478fd908a8d4a5b4d968b648d1d2d6928925a6ed13","sha512":"9b7fdae9312a09ca6d955b2ca741585ab92e84df878545ea6157ba472a58e1ef26a498247eea5c8ffdd070ea6786535d64461c595f9318666a3a643be5b93946","ssdeep":"192:9S/iyW3G2OWf6SMpa7mxYF7y4nJHaqZZ1D366Gg1elCM38UKo+q/:JyW3G4ySbGKvPpq63eltPKY/","tlshash":"3d229ffb6c8a785e542cc0ac39292ac34e74109f99a45a3eddb4264850e1248fa18cdf","first_seen":"2026-05-22T03:52:37.398151Z","last_seen":"2026-07-04T10:35:10.863495Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1258,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":867,"receive":391,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/cosmostation_wallet.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.509Z","timestamp":1783161267509,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /cosmostation_wallet.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:28 GMT\r\ncontent-type: image/png\r\ncontent-length: 4245\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:28 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":4245,"size_decoded":4573,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced","md5":"f611cd89d6101b68741d9c21ecede360","sha1":"c831a50a2dc53ce28f22385b67b0e283ab89a373","sha256":"8f2eb7853b01d06a82fbfae22e0d3c8e76124230fd2dd562ab7eb25ee9e47428","sha512":"8d8270bfb025bfd0da8cb39968e56b86df041789bac2955fc4bf42d696fc19588997973ccc729521272a74e7d999a4e4c23773b17f778342e1dd9891ac4e3f35","ssdeep":"96:+nTLy5uz/aR/PrY6Qm34+J/xVKtWT9+Y79dnGBsF12:+TW5/p9/ZwtmcY3asF12","tlshash":"00915af6c194fedcfae132d10985b406a4bbeda9408f9014b3fce1e66850c0788835a6","first_seen":"2026-05-22T03:52:37.278096Z","last_seen":"2026-07-04T10:35:10.865422Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1852,"timings":{"blocked":155,"dns":0,"connect":0,"send":0,"wait":759,"receive":938,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/config.php","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:30.451Z","timestamp":1783161270451,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /config.php HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://be-myfin2026.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:30 GMT\r\ncontent-type: application/json\r\ncontent-length: 84\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":86,"size_decoded":315,"mime_type":"application/json","magic":"JSON text data","md5":"1edb690edeb184a031f55f966eae1280","sha1":"91b0dcc81580e03c6b5db9a306fb1ef7f0ade663","sha256":"30e13989812f197daa8c6d389ae3c3ae43600633681b11d6f29b0dbb2dd03f7c","sha512":"85ae3751a568d1ff312c364de86dac4378344c7d95f38e1e05f26532d421fe5f83876e73a7149f21b944276b7eb189c7ab8e70d3fd33bb4eaba03e5ed072cb50","ssdeep":"","tlshash":"afa012248a9099922ccc405200f221e38013113080d0003e0c4566f24026128b3a5491","first_seen":"2026-07-04T10:35:10.867518Z","last_seen":"2026-07-04T10:35:10.867518Z","times_seen":1,"resource_available":false,"data":null}},"time_used":510,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":510,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/bifrost.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.454Z","timestamp":1783161267454,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /bifrost.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 2325\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:37 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":2325,"size_decoded":2654,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"87a5d9acc7a000c9f38ceda137d6feff","sha1":"a3e5b400a19fedfa0dd8f2c2cc8f9c7e5bc9594d","sha256":"ace7c53c493fc35961584429bbd026ed420a49dec150cb0eedefe655b31437ed","sha512":"ef4bec84e52a7ea66b3c2edb54e2eb703c2ce7555fb2e71cc7f0a4b0e748fcd31f91e93834aedaa390595bae259d0955cb3d596cdbead0378e6d4f6d3fc2331a","ssdeep":"","tlshash":"434109b7b32c8e91ec6d4f74d9906bb5df9b3f78c987973c504090553312482052e264","first_seen":"2026-05-22T03:52:37.292678Z","last_seen":"2026-07-04T10:35:10.869441Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1619,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":859,"receive":760,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/bitsy_wallet.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.465Z","timestamp":1783161267465,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /bitsy_wallet.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 7873\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:37 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":7873,"size_decoded":8201,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced","md5":"0d1159f31023f30cef22663d43bd4102","sha1":"0b1d5fb9c3b483a2e57b8f26dab188a5cce3a6ad","sha256":"5ef6f6e110c6ef35d1e88899565a8eabf43e0d69d7f67d01aa5868dd30bf3fb7","sha512":"c817dec8f9a7d18b153b9e0e495f8ce6ea17257b695e5c41726f004e62756f8929fb8a3c233305796b25c12d60daf4a3c06e24fa1224edcc9d313b80fb6f85e7","ssdeep":"192:NIjWOHxjBTvo3b84h5/jAL1cLuyBpEB5TxZGXnQIKtjn:uVxBn4//8WL5pYxZJjn","tlshash":"9ff1bfa129c22c59865ce6241232f0f1bcdb242300bbc7a88e9e59fc2fd8bd8e178051","first_seen":"2026-05-22T03:52:37.235215Z","last_seen":"2026-07-04T10:35:10.874657Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1788,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":849,"receive":939,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/bitwin24-wallet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.467Z","timestamp":1783161267467,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /bitwin24-wallet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 4932\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:37 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":4932,"size_decoded":5261,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, baseline, precision 8, 100x100, components 3","md5":"8b9c0f397e508cab74726fa1800e64f6","sha1":"ab9c3829459da29efe97396a2ccfbc1abb57e9bb","sha256":"0ed1c3a301976020c0a32fb364181be31285138795deb80aba85aca560f7087c","sha512":"630449c09ae56b0251756a445d55578594fe60012c4a08ed0d3b19e2a423f95ccc0dde2df07bc061ba1ee90200ffb0249b039a1ff016792e2f3e2279c91e7856","ssdeep":"96:p894vZJkq1jEcGjax0GGdKiKQgDKgVexpAFeYqH6DTxOi5CHOsUJfvP+DM:SM5tE3jVGGHKr+gooTq6/InOsUJfvt","tlshash":"85a18d576696610eccbd1f3430a0a718fb5c0522c286ef0e3194c171a3e99fbac7997e","first_seen":"2026-05-22T03:52:37.454674Z","last_seen":"2026-07-04T10:35:10.880533Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1468,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":842,"receive":626,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/coffee_wallet.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.496Z","timestamp":1783161267496,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /coffee_wallet.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 15408\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":15408,"size_decoded":15737,"mime_type":"image/png","magic":"PNG image data, 99 x 100, 8-bit/color RGBA, non-interlaced","md5":"081d17b8e0b8fb7efb2d2faa175cb809","sha1":"64deaca43e66681d4769f54953a0b9977fe3ca09","sha256":"3cb5568776ec8c7728c7191c7b6ec3e5b6d81970f0130d5932312c31f7b0862d","sha512":"ed251fddda3c60d6993f051b75f072f640f1a711790a12ebfc8c732f5dc33e34eeb6b6f0448160d5ae127aed71097992e986eb09b979f6b62c233fa1df3a113d","ssdeep":"384:PH+zK2Ib4eGSsjK0jAlNPCbuNEbh5LDU0eVa:PH+zK2Ib4eGFjKggZo5LDU1Va","tlshash":"1962c098312f9c8a2b5f955a9cf812798871ebad0f3e2e8c2d547616c7c2a194d34893","first_seen":"2026-05-22T03:52:37.385863Z","last_seen":"2026-07-04T10:35:10.884766Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2052,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":819,"receive":1233,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/_fin_bg_dots_deg.gif","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:30.382Z","timestamp":1783161270382,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /_fin_bg_dots_deg.gif HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/css_IuF4HgUdgHj26fEOqKrFzLNVJ6kW_3J_QBPNBBdhnBg.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:30 GMT\r\ncontent-type: image/gif\r\ncontent-length: 4749\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:30 GMT\r\nlast-modified: Mon, 15 Jun 2026 14:46:35 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":4749,"size_decoded":5077,"mime_type":"image/gif","magic":"GIF image data, version 89a, 3000 x 91","md5":"f0db7ca9d50f03f7420fb3c1c26bd542","sha1":"aa47cbe62c5c8e57f4246d5224f4b5b9cb78c210","sha256":"14460d5a4721b5fbed88dcd352c1da40319ceff6b1564c3d26dd15ac65ee1d84","sha512":"7027cf1cf861f9121d95c0dfeb5f6f352576dfee18f21e15ca79360b5ae323cf4eb281353356a9094bf0a213bb1f94beed655058e299170d2ba27685ec05785e","ssdeep":"96:XIetFQhWJLcpDSmNDV7ALGGHmIDSk3ADgSrQ9/46b:4ebQhWCfpAyGHmQ88SrQZ","tlshash":"f3a18e356a3d66c29f0b22ef19d735003d5945bb9bfda808bb029dbe0709452ed0f84a","first_seen":"2025-06-12T11:05:42.360479Z","last_seen":"2026-07-04T10:35:10.891525Z","times_seen":11,"resource_available":false,"data":null}},"time_used":521,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":521,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/hashpack_wallet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.542Z","timestamp":1783161267542,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /hashpack_wallet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:28 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 2756\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:28 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2756,"size_decoded":3085,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"88e500fa93e90400ebac238902365615","sha1":"92301981aad57090769a505775487a0f533a86b1","sha256":"1984ea679204c5df2efc0ef5b33ad51c3db90d18f636f796f523f60f2e61d06e","sha512":"35b820b7968e09d819a42debeabe2c11f7ff99db70408aad72266a5eddaa4de63e5bf8843d2d47c9be1ba7ba8a1bd9a109bde7aae37c929cf7ef5bf0ee0c3a80","ssdeep":"","tlshash":"de512a8903ec5b02e90d3f3c75805b77dac33fa5669fa31d5bc1031b973948ea528189","first_seen":"2026-05-22T03:52:37.438211Z","last_seen":"2026-07-04T10:35:10.896113Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2015,"timings":{"blocked":759,"dns":0,"connect":0,"send":0,"wait":752,"receive":504,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/nami.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.586Z","timestamp":1783161267586,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /nami.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 2301\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":2301,"size_decoded":2630,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"efb4d45fbd0b4ef3ceea94e15c491591","sha1":"9264c771716cd4d28d4132cc431aa27f3fd7f72d","sha256":"1bf4fbb8044841a88d61295ff9b9bfd3ae462b642ecc32e0da31ea35b9c2f750","sha512":"2f1411da9d69e0cf00fa28f00ccd072086619decc8f03858b2759e8fb4602cc65ccc6b7ecd7e58466120db908eb07d675037bda67d7ae14ab897d84999c4f64a","ssdeep":"","tlshash":"6741d89a77442e00fe1e173c40c38b60d74aff21c5db5a6e89c144757b7a9d0d9685ce","first_seen":"2026-05-22T03:52:37.733116Z","last_seen":"2026-07-04T10:35:10.904758Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2268,"timings":{"blocked":1248,"dns":0,"connect":0,"send":0,"wait":808,"receive":212,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/pera.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.643Z","timestamp":1783161267643,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /pera.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 3005\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:39 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":3005,"size_decoded":3334,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"1482082d65defd4ac0b465ef74e94e30","sha1":"c4e25e2b1596a3e36533c3a6e4e4bd8d578e9c19","sha256":"2075426c40948bdef3c35bc6e948a8cceff2efaa4fec570b56ed771e00bf6f7d","sha512":"9621406bf309698ee19f83b4d462501e344c2b9b3bca072e38709a70056c20b7e984f56802861878fc879fdc22048abf9329dc3efd9014bd0019f3e710088e20","ssdeep":"","tlshash":"0651f8e703aeb339df2d6b7940215b75eb893e725bd7a34b15b248832f3c440881569e","first_seen":"2026-05-22T03:52:37.286744Z","last_seen":"2026-07-04T10:35:10.906871Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2087,"timings":{"blocked":988,"dns":0,"connect":0,"send":0,"wait":828,"receive":271,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/stargazer.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.704Z","timestamp":1783161267704,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /stargazer.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/png\r\ncontent-length: 6418\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:39 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":6418,"size_decoded":6746,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced","md5":"8c47e4838bbe52559ce2dbec51c7a3b6","sha1":"d559e947065311124581ae8ab248378666f953fd","sha256":"59ced36fdfa9d12d26864cb14059be0f8baf2cc4b0eb9397c578d2e3957eebe7","sha512":"df7fda387ff9958fc9002fcb0181dcbdf2ec9cfe59fe06a95ed187f0f7c63d7eafc0969afa5516bd958bdf4eb47789e8c3c88fe5bc404403b1f63567f9f13038","ssdeep":"96:3ulcN63bF7xICx0JRUd1q4GtJauo3DOx77yM3LS5ucFJzVSfnFPiuELryRZI3:ScMJ9ICguDq4SJfozOxqM7S5JNYq0Zw","tlshash":"dbd18d2c0335a54a4294a1be8b51b53839ce8785a6ccf93f7d7db8a0c9c87ed24521a3","first_seen":"2026-05-22T03:52:37.704986Z","last_seen":"2026-07-04T10:35:10.909177Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2497,"timings":{"blocked":1614,"dns":0,"connect":0,"send":0,"wait":803,"receive":80,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/bitfinex.svg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.392Z","timestamp":1783161267392,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /bitfinex.svg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 5863\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:37 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":7813,"size_decoded":6240,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"a51b954b2aeb8b043f848cc36e08fad8","sha1":"8cb1a48242720549f6e44695c6c43f67e0d44737","sha256":"2776d3825406c18e2e8cc8db3a7c4286283085dce449f9224f233f04a9a73b62","sha512":"f8c3b491e7f05a9a68b9e88e157e78a36ce960cf59c125fbd1b796b6350d834c6bb2fd8321f7531b754d389d1ab1c268688874fd690805e699085cb65fa12c4b","ssdeep":"192:N3Kz0sAY66Qu8+abEho+7RZv2PN+sveyv7:JKzfx6LAho+dV2Isv57","tlshash":"d6f19eccf5c6a70c201bdb5b10277d8f5075af8011ce5c256fa1e34a97d0ac8420f29c","first_seen":"2026-05-22T03:52:37.585065Z","last_seen":"2026-07-04T10:35:10.921382Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1210,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":861,"receive":349,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/circle_wallet.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.490Z","timestamp":1783161267490,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /circle_wallet.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 7768\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7768,"size_decoded":8096,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced","md5":"1eb30f59d6cb0d40cb30ca23400dde27","sha1":"ef984631ef903c7fce6bd659ffb751b8626f0e5c","sha256":"133fed9b16c109120a539de6ed134e00c6d5465bccfcb48ee8ac67d799aeeace","sha512":"d26c1f0659970ea98e10826deb2cb33f830584dc8927b9e40de85c1c1310d0693a19c8ff750c99dee0e8440138f0bb134701e13c82353577b6cd8295b7a2c923","ssdeep":"192:QScCahX0OzibmrLeJ/SQm4FzeXqwlBX0fk:3cCuXJibA5r6z/wrKk","tlshash":"7cf1af4ef2913839fbdd497d47a362124c87b39449e85f98212047b465e13f3b938a02","first_seen":"2026-05-22T03:52:37.48333Z","last_seen":"2026-07-04T10:35:10.924483Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1916,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":825,"receive":1091,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/eidoo.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.529Z","timestamp":1783161267529,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /eidoo.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 3183\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3183,"size_decoded":3512,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"64ac01e4b53e71106cd01f770f871a39","sha1":"aa77e37ef521d84dc0b7c87319e808fe55874598","sha256":"602a34790c9a3694b2bb020db95a768ba641760090e6311d905ea5031c838147","sha512":"2b08f0bb008428a98e48419dccc24657c1e02ee0211d8f5026f0ae5f7161ba684d518720ed83dd9738d7c31f430dd2ff1ed570c07664f8c3bdcc148b5c7e6680","ssdeep":"","tlshash":"ad6139a297eb4a18cd7f273164619710e7623f278fc7db6c7d0100283bda0c48d25a4e","first_seen":"2026-05-22T03:52:37.578546Z","last_seen":"2026-07-04T10:35:10.927485Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2452,"timings":{"blocked":1513,"dns":0,"connect":0,"send":0,"wait":790,"receive":149,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/pontem-wallet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.649Z","timestamp":1783161267649,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /pontem-wallet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 3552\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:39 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3552,"size_decoded":3881,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, baseline, precision 8, 100x100, components 3","md5":"f4126f53bb9ccdf1e01354cce7d318ed","sha1":"60703b57d93c66eaf595ff4dc83fd9ae07b35f8d","sha256":"801a8db6522a7e876d32b5e7de5ad1adba097ca784d6fb4dc6bc0ec4c50340eb","sha512":"dcd32f62b27dc874bd2d60b5fff78b2e293da2a8519e7dbccefb4c26828a119e5fdc1a50f199afd87e374742dea3a220a10de86fdec8029a98efc890564c4a4a","ssdeep":"","tlshash":"69713b53535a1f48decf5938e4509be1e6603f31f7af57d998d19003b7381c1e529004","first_seen":"2026-05-22T03:52:37.450474Z","last_seen":"2026-07-04T10:35:10.945252Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2462,"timings":{"blocked":1582,"dns":0,"connect":0,"send":0,"wait":837,"receive":43,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/samourai_wallet.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.692Z","timestamp":1783161267692,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /samourai_wallet.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/png\r\ncontent-length: 4199\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:39 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":4199,"size_decoded":4527,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced","md5":"44118de9838f40d5ddb0e3a046698a91","sha1":"2b91ed31867b3f10885d11013e31556c61762085","sha256":"d93981d5da12827226a68fab54d9d3cde0d2065136f6db92e1e9d2186da8b57a","sha512":"2959a30eabfa0e4b8eb23c64fa3f17542acb277670aba98c549407cc16fe02d44e5a4058c431209385f1a08de0a29b9ee9c2282822b07c7fcab0c8226d0f258b","ssdeep":"96:QTpkiPm7PqEhjDApqcz4LmpLsGRFAVMoioZCJ:QTWi8qMMqJqNHRFAVVZCJ","tlshash":"c2816eca373000e29e52215916862992773b0a12652b3971a71ed049d664dc7c1fac5f","first_seen":"2026-05-22T03:52:37.680195Z","last_seen":"2026-07-04T10:35:10.950406Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2321,"timings":{"blocked":1321,"dns":0,"connect":0,"send":0,"wait":728,"receive":272,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/cake_wallet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.483Z","timestamp":1783161267483,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /cake_wallet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 2665\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":2665,"size_decoded":2994,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, baseline, precision 8, 100x100, components 3","md5":"1a1e9779b4a5c4b5cd45c7fa1e69a8a6","sha1":"63f7ebc0470619e97c2c6b7642214c45fb02ba53","sha256":"457efb4ca81d96fcf460ca4f0ce76ce5eeb6df68ac8685420f2c115d307c685a","sha512":"28414a345252dfa16cded53a3a48f7293e71d5afe0418da511869495cc1d2766fb2b09819d2eb1dd3d445378782d50cef6134e4bf40a659dd4d6e6427ff30788","ssdeep":"","tlshash":"1a51e994e34c5319fd4e0abc35d0a7e0ce123e3f75b28b9d8981401737580456da4723","first_seen":"2026-05-22T03:52:37.718645Z","last_seen":"2026-07-04T10:35:10.952243Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1865,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":832,"receive":1033,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/diviwallet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.525Z","timestamp":1783161267525,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /diviwallet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:30 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 2159\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:30 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":2159,"size_decoded":2488,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"bd77556f82bd5f13d986e7041341d28b","sha1":"391d064b37384a4c1d36cac327af3086446606f3","sha256":"43ae3caf0382d0d55fe39706dfbfef82b8b9b48fca967aca9f978ff6c88b1cf6","sha512":"e6e0301f92e3c0bac0d2484b811bcfa937aa28e2c675ffcfbbe299f1af25b53c9c01f2ea5c60f34bd351479989dedc0a796d535b5d8146394249689e1866af1f","ssdeep":"","tlshash":"5041e81163981707d58c167c8190d380ebd67ba36fb2a34ecae122a877d80d57b7838b","first_seen":"2026-05-22T03:52:37.637746Z","last_seen":"2026-07-04T10:35:10.954844Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2692,"timings":{"blocked":1959,"dns":0,"connect":0,"send":0,"wait":733,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/nautilus-wallet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.588Z","timestamp":1783161267588,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /nautilus-wallet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 4496\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":4496,"size_decoded":4825,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"ce03d21c92edb2ba5c8286d2b030ca54","sha1":"03aed1582a8ce6cf9b25786937d201e20ad29e0c","sha256":"91cfad04032e4bde82f5a579fdd9fb62c9af2d2672705b9c97d7e07ae8b87440","sha512":"9ce52f68b7317d54e61d26a6f95c50b967f29bf1a4c15534dab4b5a9f0380deb9fc33c26d597bb7859e85dcea6f6d07551c3d9f430626275b17acf01fd94ef10","ssdeep":"96:X894v1QGBcqNicizMgxBmAmhH47cWMcnfkdgM+OAdv/eY:syQ1nzMgzgHofkdnAdv/eY","tlshash":"18915d72a284265cca1e0a7225122790ef057e40bfec9f6fce834c2d7ba9561060c1e3","first_seen":"2026-05-22T03:52:37.678905Z","last_seen":"2026-07-04T10:35:10.957326Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2468,"timings":{"blocked":1564,"dns":0,"connect":0,"send":0,"wait":861,"receive":43,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/slope.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.697Z","timestamp":1783161267697,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /slope.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 2177\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:39 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":2177,"size_decoded":2506,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"b74ebc8d87f00472ec3109af5948dd44","sha1":"86affd430f8ee19e240a24abdcc135551f0c153f","sha256":"21d69d4819d56bb48dd98c4d6782871d2e3c0744204a987a15f1fc875d416083","sha512":"f0800dae21b271aff86458ea2d6b2e4925d6537b75c26af573fe0904a90db787ed650c2ea3e873366fe13b82c7c2c56639e14b81556ef091b47108fe84feaab8","ssdeep":"","tlshash":"4241f89d04058c82f5679a3110b38b3359cab63ab681c25335479cd488b71ff14e791f","first_seen":"2026-05-22T03:52:37.625161Z","last_seen":"2026-07-04T10:35:10.959427Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2320,"timings":{"blocked":1361,"dns":0,"connect":0,"send":0,"wait":889,"receive":70,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/talisman.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.712Z","timestamp":1783161267712,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /talisman.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 3377\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:39 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":3377,"size_decoded":3706,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"bb171db270146368c3cacbbbcb4bbd6e","sha1":"41a6e4c0bbc8014c6d2ddc5165f724fab8d3b28f","sha256":"25786959c6afec6ef6dfaf13f8636477bfcfaf932c6fed76adce8750069f6816","sha512":"5a17ec478c6176b3d2acc08721ec60872593f4e791ce11d48c65e70ac20224f42ab0bdf7a487d8ac9f384f65738a2a1afe4f369296d0b917101a3a1c852071e5","ssdeep":"","tlshash":"88615bc5d71aab1dcf1e0b343604fbe0ef597e3b98cb9a69888090177336d90c214599","first_seen":"2026-05-22T03:52:37.434699Z","last_seen":"2026-07-04T10:35:10.960909Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2141,"timings":{"blocked":1061,"dns":0,"connect":0,"send":0,"wait":752,"receive":328,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/logo_nl.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.352Z","timestamp":1783161267352,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /logo_nl.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 28725\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Mon, 15 Jun 2026 14:46:14 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":28725,"size_decoded":29054,"mime_type":"image/png","magic":"PNG image data, 485 x 148, 8-bit/color RGBA, non-interlaced","md5":"3bc82ff6cd372f9362926362136825b0","sha1":"5b5f8899b9bee4a8fd459d4bdb9faedc509932e4","sha256":"a606db6e740bc39e538759c37b1d1e745187c87cc7a5089da2c0bd4b6d847c69","sha512":"7b76bbfa535f9d478c3596c7a348aacac5d4ab9e2d56cb393361607e99a725e94dd1be0833a583732c657d6e3c01ebb71939b307f39438d71b5728aeaf89f81d","ssdeep":"384:OpAc1is1p1pXYAKr/FM5hvQmox7wZIjvcR9vz8obu2nt5E/8hi63JhgEy/U4ZcFa:OADsb16W5amGprc8bi5EkBh2U4ZjSXAp","tlshash":"0fd2f1762df47871d78d5bba07e781a0c4884c64165b41977c3bb48a1f89dbe8603be3","first_seen":"2024-12-20T17:14:28.762532Z","last_seen":"2026-07-04T10:35:10.962663Z","times_seen":31,"resource_available":false,"data":null}},"time_used":2173,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":667,"receive":1506,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/citowise_wallet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.493Z","timestamp":1783161267493,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /citowise_wallet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 3345\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":3345,"size_decoded":3674,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, baseline, precision 8, 100x100, components 3","md5":"924e888c871679e8bbdf336a922ecfab","sha1":"1a56b7ca902f054c0c7cb5467aca636ea68fb9fe","sha256":"43a1b66b191bc6442e54195d8d39a5f904db90a4cd0df91fb06111b32b6932aa","sha512":"4f61131b0c39e17cf4e78ae4414e6d8c2425f9174197bb221fe939a2ac14b0fac7d4d72d58f4455e75d76ba8c609c12f6fdaa2e08d59b974ed7b251410f9ff41","ssdeep":"","tlshash":"37611a56a3ac0b58d6ac3b7a449083a1ea07ae91d9aa03b94a50023737671c62df0713","first_seen":"2026-05-22T03:52:37.494198Z","last_seen":"2026-07-04T10:35:10.964291Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1914,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":823,"receive":1091,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/safemoon_wallet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.688Z","timestamp":1783161267688,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /safemoon_wallet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 4374\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:39 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":4374,"size_decoded":4703,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"4ab46633f93d877e373a93fb4283a37f","sha1":"ab1e0a3d91da248a29f2c887c9d6e3c0f1819513","sha256":"2d1a954b84343154dda42bd6c304f82928a34c031026713f2758b910d3c0b368","sha512":"9eacbd0a24f6bf2a2a02b2e7d31c84ca93b081cc454ec74b5cc120067d5397dfd15a8137092d6543d1b32ec57a2ad08c54ea46a6c9e3318776406debb8bba6e6","ssdeep":"96:X894v7B1R6lIg5VmWmYXoVwaL4UuS2yOvpL4RVXg:s8BqV5xoVZuSi8zXg","tlshash":"9e914a643d0c0a8ff46d6e34888163b0df783e319cbaab1d529ac509b76c5c24258b9c","first_seen":"2026-05-22T03:52:37.55355Z","last_seen":"2026-07-04T10:35:10.966231Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2124,"timings":{"blocked":1029,"dns":0,"connect":0,"send":0,"wait":785,"receive":310,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/yoroi.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.768Z","timestamp":1783161267768,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /yoroi.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/png\r\ncontent-length: 4658\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:39 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4658,"size_decoded":4986,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced","md5":"f47ead977e497092edc07f0726032ff7","sha1":"465d8802ee02372aa64c93a664a2722981ad3e37","sha256":"a58aa0646999302f2cab942dd49d996154af008d71a39390d808cc81a42b709c","sha512":"97ff090cc12a682bde9ddedc0afc0a2238e72a341d64c2802d43197aac5a7e31b4859a292c28b2c45afbc0759ff9909f343f88be568e72fed94580299788d94b","ssdeep":"96:wXO82oNBtar24OS6QzBLDmjAaWIEhTQcjXfUiLQ3Uo8:v8LDt+OFOB3YAaWIEzc8o8","tlshash":"b4a17d72938e89b57e13a3d68e26444b78705aaa270847487361f87ecf0c9dd26dd3d2","first_seen":"2026-05-22T03:52:37.608852Z","last_seen":"2026-07-04T10:35:10.969834Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2374,"timings":{"blocked":1414,"dns":0,"connect":0,"send":0,"wait":831,"receive":129,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/young_platform.svg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.390Z","timestamp":1783161267390,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /young_platform.svg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 7409\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:39 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":9868,"size_decoded":7786,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"1397ff86a890a5d4cdbbcc4d38043110","sha1":"44dce089f96d2e2632750cd06c6d8f4366d2f0bc","sha256":"739a701251cb764137e30539857e28bc718b01f1ae65761173b6bcff90d2246e","sha512":"8f6d7349e2eecb38860cff0347820077833e8796e18b156c8c4f2489c0afda1538d3f489717d9f2c579025d4899c437245155d84e980b1728294e75692af46ba","ssdeep":"192:lo+RX9pqet4aeeUU90m82wn/tqJkbSToyvLOuvgjLmS0NFYssfMDlCO3dmAu:K+RCetdmsg20tqMST3jbYjLmNu0lJc","tlshash":"90129f5a9c1df8a5119e9e2942773cb3057326a7e0cc199f50906e6d00a9633eda272f","first_seen":"2026-05-22T03:52:37.805458Z","last_seen":"2026-07-04T10:35:10.971254Z","times_seen":5,"resource_available":false,"data":null}},"time_used":787,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":787,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/luno.svg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.406Z","timestamp":1783161267406,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /luno.svg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 7946\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11277,"size_decoded":8323,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"2e0fd58e870308fa3e6ae4bacde11874","sha1":"d096e0363f7c731acc3fe8e35d5cfb8c2a88eb1e","sha256":"6563a88d576498fcba1f5fdfed07ab24a37b906e564838551d7bce03003cc626","sha512":"c4a27d3aeb320efc4ed13e4490872243dd5aeefd32c5d13b435314d9fc46f27fb3c4a51bd19f81f8a7f909de0a10ddc0b935cb86c37fa5fd8d89d0c69090c385","ssdeep":"192:9s/iyW3G2OWf6SMpa7mxYF7y4nJHaqZZesa6lbuB/9KQjya6+xTOVcrDL3sF/g:3yW3G4ySbGKvPI6lw/9hjfvsFI","tlshash":"4932bef72f83613c94295298fe263f906e21014f93f1c6cde5dd2784a09126cf13499e","first_seen":"2026-05-22T03:52:37.693943Z","last_seen":"2026-07-04T10:35:10.973334Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1196,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":847,"receive":349,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/bitflyer.svg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.414Z","timestamp":1783161267414,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /bitflyer.svg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 11777\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:37 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15693,"size_decoded":12155,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"a8f2d61604602ea6329790af0db96fd1","sha1":"27de0bf851543d228f5e0fb78918a5cd8259dcfc","sha256":"6634742b915752528dc65a34e400ade5fe809f667a99b0c3a8fc50c95bbfad2f","sha512":"12f3c35e8dc445d5a4f057838e7deb87944824444b55d7060a6599ab8a332420f1976ebeefc4239da4137ef218d8c09a91423b7c56f1a0a784cdaae32c3ac412","ssdeep":"384:wOHkMgjTvMQ4aNy2jJgFoAUwOKYo87zIZAsVOqi3:wOHkMg/RdICAUwZald","tlshash":"0262c0f28e635a0b47ea9410ad9dfa87cdc58ab5721ec4fa53c2142827401b0d6653df","first_seen":"2026-05-22T03:52:37.751221Z","last_seen":"2026-07-04T10:35:10.976034Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1145,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":839,"receive":306,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/daedalus.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.518Z","timestamp":1783161267518,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /daedalus.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:28 GMT\r\ncontent-type: image/png\r\ncontent-length: 9973\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:28 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":9973,"size_decoded":10301,"mime_type":"image/png","magic":"PNG image data, 99 x 100, 8-bit/color RGBA, non-interlaced","md5":"b9e59ee5bc5d5b9151ecd35db7b02bb8","sha1":"e9ce7a0d6153259def649d7fa1e047c632795d5b","sha256":"6fd1c19360ccf15ce64c6e94dd80d2801c92e0b2231edc57273468e9429498f1","sha512":"f122f6b595d0b1c7007d076dd1080d5513ba5bc6dbde1e48272c593ddccbf2b5350dd4414d289ddb9dd01a46729935ba1b1e98164c1240029d42384ba0e06f77","ssdeep":"192:NJ/hA5gE0TzwjFhZAHb49wvCWYiLJwVRxIhVVSAtjZe1TqmF:NjxEYqhi83WN+VfY/Jy8S","tlshash":"d522aec73c1eba410ccb8bee88bc1b50a3b15716dd96c921587e0d6d28624adff824d9","first_seen":"2026-05-22T03:52:37.649576Z","last_seen":"2026-07-04T10:35:10.9783Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1931,"timings":{"blocked":444,"dns":0,"connect":0,"send":0,"wait":795,"receive":692,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/mycelium_wallet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.579Z","timestamp":1783161267579,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /mycelium_wallet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 3532\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3532,"size_decoded":3861,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"6a378a5460852f3977febb02524a2911","sha1":"9135518218de82edaca3091b2c8d9fe24856df59","sha256":"28a95fb2a02b0b42e1fc95ba38dd4d22695763318b757c01460ab174d5efbd76","sha512":"260f5da80c5e4e62231e4a98164ee120f6c5a61f8117e9e71187820b64710da18b017f3f531d63e3f2e8e76e27212b0f8da0c3d74ae8b045d44c445c72500a3f","ssdeep":"","tlshash":"fc71396183d43aacf95e603161a0eb42a885bda7c69fe26e05c044ee1b6a1c0da185c7","first_seen":"2026-05-22T03:52:37.294783Z","last_seen":"2026-07-04T10:35:10.979661Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2324,"timings":{"blocked":1264,"dns":0,"connect":0,"send":0,"wait":808,"receive":252,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/xwallet.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.767Z","timestamp":1783161267767,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /xwallet.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/png\r\ncontent-length: 7126\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:39 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":7126,"size_decoded":7454,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced","md5":"67f4450d23373206a9dc8fd995aafe38","sha1":"1aab77978f22c9448f8a08713104903e6fb18e46","sha256":"aadc4c3ceb4d3e78a07a380b816d0b54e3cb6a37f07017187338fa04db348be2","sha512":"cfce68035f21c8f0128b56f907004878d83133bbdc5e0262e4c32270d741bd45f6d210482d348722cf7007e1636283a328aa5e91ab3a1793f6013c5f32aaa150","ssdeep":"96:hsHnQBC39C64QtOpeJHt6qa7C9sRrA/KCgJqveurv+ntxQ6ynx1zMnVaJwuNOOXY:Qp8fkJHt6/ustGKnJvmv6oxSPuggXI","tlshash":"cee1bf92f60bf3c24723f3bf51188ac6d1f85502bb0b4c5aa17b5ea8704e0210e557ca","first_seen":"2026-05-22T03:52:37.769166Z","last_seen":"2026-07-04T10:35:10.980877Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2336,"timings":{"blocked":1414,"dns":0,"connect":0,"send":0,"wait":831,"receive":91,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/etoro.svg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.365Z","timestamp":1783161267365,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /etoro.svg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 7014\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10041,"size_decoded":7391,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"6f6caf70625ed0165531890d28b242a5","sha1":"a9be5230d119cb3583e5f54f3d6c1b7ee582c170","sha256":"081d90828b4a034a74c64bf7cf7c1e4cff93a66e2886e17e0c760c6131c26a26","sha512":"369813bfa2a2759d1e0bd73b2a8d83709765c8358cd6758f083f70d5a64fba9171363921bdcccbb99a40400d0ab58fc97f4c9217ef984f94dfd6198832a0a1b1","ssdeep":"192:9W/iyW3G2OWf6SMpa7mxYF7y4nJHaqZZgvb5Q0V0ilLpqf4TljhY:FyW3G4ySbGKvPS8wpxTlS","tlshash":"c422aff35882e41da15d9ec87d283ac24d74949fa2f19b4cc49e0245b0f6b1df22468f","first_seen":"2026-05-22T03:52:37.6872Z","last_seen":"2026-07-04T10:35:10.982238Z","times_seen":5,"resource_available":false,"data":null}},"time_used":595,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":595,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/bsdex.svg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.374Z","timestamp":1783161267374,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /bsdex.svg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 3216\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:37 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4317,"size_decoded":3593,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"a715383cf0b1f170142917cf510c76fa","sha1":"74fb57e903dc4efa17262d3e3b0288434f2301f3","sha256":"4636577048eeedd2cd9da5f772b9ab65641ec969cd53376cf1033fb7d27f096f","sha512":"41a939786abac21085df3c403b1e4484b80e6c78a20a0e9a0123dbafbdc4ee541d04d1f5e3d66c7c48a2a8b7288b86443585648ae4a0bb223ffce5b87241ac10","ssdeep":"96:+AldBFzWs1IzR1tt8SRUtrUG6uHLwfcULZVIdKOh+hKxGM81VY1:NvzWIsR1ttI/HLMcYdh1C1","tlshash":"c8916cf00283b93da98d3543f0a5a219cea11757135a67ea8b7d197f94a8bc204c8e08","first_seen":"2026-05-22T03:52:37.191676Z","last_seen":"2026-07-04T10:35:10.984263Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1271,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":880,"receive":391,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/biblepay_wallet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.452Z","timestamp":1783161267452,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /biblepay_wallet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 6103\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:37 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":6103,"size_decoded":6432,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, baseline, precision 8, 100x100, components 3","md5":"407f2b31a67048456988a311eeef7b50","sha1":"a72ae6ed882bd024abfa9e59bb6aac37d0bd8379","sha256":"4701cdf4b59728af0c3840f447a4752f799057f57e66fef3d09f5d3c8976d563","sha512":"8fc268d4e8d368febe6d0878e81086fe0fe222bfe28693df22db79fcb915781d6655f92d98531adc9d013929c352d52d639121d09e7afe9467bd97fb4ecdcf97","ssdeep":"96:u894vz6EU9lvKgiVBIJJZU8SFnm3H685tRCeeqzqJOQ+WwW4Xf3fbphqv:1qgqOZ4M3a857CvJOWwnP3fbphqv","tlshash":"2dc19f9aaf1c3784f74f56346680178b9c272316eba3c62fd150609bb32fa80034d35d","first_seen":"2026-05-22T03:52:37.763852Z","last_seen":"2026-07-04T10:35:10.985968Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1580,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":860,"receive":720,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/bitcoin_well.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.455Z","timestamp":1783161267455,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /bitcoin_well.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 11646\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:37 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":11646,"size_decoded":11975,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced","md5":"1627e91c5a99c2e4a6c00e2aac4e6945","sha1":"cc4eb231b43b8cb4adda67eedf89bc028efe89f7","sha256":"c72c796af41bcb65612ec2e3b879bb0ee654266c2fdf5767ea66e88ea69d5ab1","sha512":"a54b832781603028d9dc9d1a0e1c25ecbbc974629ce0547d3266dc5d2891670f3dead7b5de5a9a40e6b06b3b50383a11ef236fd7757849b293f9c3e443fa4bd9","ssdeep":"192:9uzHCHHj+kvZ73rvMu8ZXRJOkPOY7SI7dupJkr1fnNQN+R2+gkn8ds:9uzHCnVvJbsXPBOYW6dkJkDRCs","tlshash":"f832cfdf7669b094ef096390726b4a45bd3ac504a08b0f8fc55b0b5418c173ad85261f","first_seen":"2026-05-22T03:52:37.812315Z","last_seen":"2026-07-04T10:35:10.988587Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1699,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":858,"receive":841,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/bitfi_wallet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.458Z","timestamp":1783161267458,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /bitfi_wallet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 4559\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:37 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4559,"size_decoded":4888,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, baseline, precision 8, 100x100, components 3","md5":"d0df91636e41b546f3fcf90f8606226b","sha1":"ca924cd275b47cfcb414ead47e609265103da39b","sha256":"cae2ecba145f6b38eb2252ddabeff2756a755df8a9ed8d42938d8e5e44ff98f7","sha512":"c1a1b24233c0a163c7091f658811a7f26ce04e64731c3236a15a823fd3b2e7adc3f20b428e0dbea07adfd688ccd522cd24aab055e095412e61f3259b2a9587d0","ssdeep":"96:v894vWjAnGpdctZHPcbsWYtyAadXqVkwDlYXVzusgmt:U7jAnGpdIZ0bFYUAadXqSQlK0K","tlshash":"c2914db34fa44750d95c5e3e91405bc08b6b3fa48ca6f78c0a85814b2fe4854cb2db4d","first_seen":"2026-05-22T03:52:37.765056Z","last_seen":"2026-07-04T10:35:10.990693Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1514,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":853,"receive":661,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/blockchain_wallet.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.470Z","timestamp":1783161267470,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /blockchain_wallet.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 3471\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:37 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":3471,"size_decoded":3799,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced","md5":"0890b3b63d5106b5dd07e790f068b9ec","sha1":"8164cce00d329bc5d0d8e41afa8b54886b810ee2","sha256":"385578e6b77c2b60fe5b3b163e85c674c745eb5dfbfdedc2ec08686fea860768","sha512":"0cb3d43f0f6dcb3af286cdef1068526298755614f7a30fc1bbbf12c1d99e0a341561c76b516de30737e16035ed9ae51ea7d308f821392531388f10b0b1b2c34d","ssdeep":"","tlshash":"636159fb408a66f15b0b4a83edad5144cd828e2415a3d1123684bcbd3748b98bc2ee45","first_seen":"2026-05-22T03:52:37.565208Z","last_seen":"2026-07-04T10:35:10.994872Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1742,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":843,"receive":899,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/casascius_physical_bitcoin.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.485Z","timestamp":1783161267485,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /casascius_physical_bitcoin.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 4039\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":4039,"size_decoded":4368,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 100x91, components 3","md5":"1b0c18c860f0bc5909dd197589f74bc3","sha1":"a5095f8eec7284ac311348e7e0afa9bf0dce69d1","sha256":"f55c11b8ab1209503f63d9ab3376c4f59da875f6ac64f17788b6d07de05da880","sha512":"dbb9c1d604f7611f3cf7eabcfb8e7a20d3cf2f412dabc8e978d662c7baeb56b5f859284e2198a05c9010eee5d12781612ba99ef5643d31c54db318361780eaf8","ssdeep":"","tlshash":"69816e512e23de01e3d850f097a6f321a555b4724fab00d337c976d97bdf989403c642","first_seen":"2026-05-22T03:52:37.576428Z","last_seen":"2026-07-04T10:35:10.996937Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1863,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":830,"receive":1033,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/coinapult.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.499Z","timestamp":1783161267499,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /coinapult.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 5966\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":5966,"size_decoded":6294,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced","md5":"d5897ec77e1b44ae0b3cc7def60980c1","sha1":"6c8e7c07510d87c4f86878033dc9b128ce4e49b2","sha256":"3caddf135306305507a9a5a5ee368fcbe17de1df0fc163508a5a3136bb37e7d2","sha512":"cbd6097ba2afb1d9aa1c4c23ab90395f59d6cd8c4be21a51299d0e24053c9bb6829cbbb5829473ed9cab5b5a08c0b2c81c4dcd0eee8eadd85c94fb515527418d","ssdeep":"96:U7OVAoFW9vb7yOnvbnfJfNtpLZDC6mduVNgjV4Zjl8Eodj92Mv7Z0nMkKvEryms+:qOV5FGPyufttpC0NgjyZ5qdjXvV0nM76","tlshash":"48c17fe799ae81dc44293af0542192c950336ac5cfe47e8b0d29d88658ae61d68f5372","first_seen":"2026-05-22T03:52:37.78154Z","last_seen":"2026-07-04T10:35:10.998665Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1813,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":815,"receive":998,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/coinvault.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.506Z","timestamp":1783161267506,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /coinvault.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:28 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 2084\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:28 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":2084,"size_decoded":2413,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"205368a82816d050729ad244369e3d5c","sha1":"17aeb2b3d1169a2c5a4e584276e7ff50978835c2","sha256":"a45caa828197b7d4a387d73de4a02dc4618ba2dc53f4831c65baa569499fd2a9","sha512":"824ef72cbe108e1b2690acd06246818ffc6fb4125c60cc09da9624007c135aeb13b029e5a223c30265046bae195685a4f8666130819e083500af767ea8826aed","ssdeep":"","tlshash":"7741f9515f442f0ee51f177012c06bb2d10bbf3296f6576d8a82452e737e5c88b047b2","first_seen":"2026-05-22T03:52:37.632538Z","last_seen":"2026-07-04T10:35:11.000578Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1867,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":790,"receive":1077,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/edge_app.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.527Z","timestamp":1783161267527,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /edge_app.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:28 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 2326\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:28 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2326,"size_decoded":2655,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"25ace54b576f8e4f39a227d0c9417ffb","sha1":"0ccf97ac979d4febae83398856fd6b3d2f4777a5","sha256":"e6964fbb194ed104f3d86225918c9d2509a2d5bc9289e399ccabc48c4eb95330","sha512":"3c756be9ad087f8159ae2d3f2b5abe5dbcd9c8518ce0b7c4a061252ced03eeef84a23cb0ab115ae1d58a9d5d25276130b9ed1e37e2d3b33e0117827b39d2c6d0","ssdeep":"","tlshash":"a441c7fa9bed5e2bed8d2f3835404784e367ff37ca52467dc580c0a627691c2959c08a","first_seen":"2026-05-22T03:52:37.413094Z","last_seen":"2026-07-04T10:35:11.002614Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1958,"timings":{"blocked":671,"dns":0,"connect":0,"send":0,"wait":841,"receive":446,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/mobi.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.571Z","timestamp":1783161267571,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /mobi.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 2058\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2058,"size_decoded":2387,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"d0e9bd56e4ebceb772bc9f68062fd63b","sha1":"782a516d9e8def7a4bbbeaafbfd248288829c3af","sha256":"6d05934c79af94e52fc3d05dbf24d42ee07a3641774e7b161a9c46bd3c5abbbd","sha512":"6a11b492876712299990c3966d58ad357d21b465a8df3a10054c91c391bc3fed5b64ac4155a654c556a45babc305c823901b98b7c2185a94f6dd6e33e635c9e6","ssdeep":"","tlshash":"3d41b5c21f182338cd2c26359b60072ce9557e31d796937a0d6281bd3fbb4809d24e95","first_seen":"2026-05-22T03:52:37.690816Z","last_seen":"2026-07-04T10:35:11.005882Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2095,"timings":{"blocked":899,"dns":0,"connect":0,"send":0,"wait":727,"receive":469,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/stepngo-wallet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.707Z","timestamp":1783161267707,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /stepngo-wallet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 2432\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:39 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":2432,"size_decoded":2761,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"cdbdc0ab6956955f3ce74ce1665bee7f","sha1":"b9523cc0b914a1e9425d80d5db61aaaf182e318b","sha256":"fa1294bf064fb29cc261b14aa899691019603dff5c9ae57360148cedc3c48189","sha512":"831755271440ee8c1cf0edef503f6f7c958336861a1c2feabd9b0ce880ad976501b1d320e74b9567110d3c8d2510d9a27dbfc680303dd2caf2767e890d84344f","ssdeep":"","tlshash":"7b411c3e332d8744fa5c5ff62e9047e2d35e7d326ada17c68849011d77a84f18d0468d","first_seen":"2026-05-22T03:52:37.682164Z","last_seen":"2026-07-04T10:35:11.008893Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2342,"timings":{"blocked":1400,"dns":0,"connect":0,"send":0,"wait":851,"receive":91,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/tokenpocket_wallet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.748Z","timestamp":1783161267748,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /tokenpocket_wallet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 2367\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:39 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":2367,"size_decoded":2696,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"bf9048b89092c09f5880e2a7bc2966f8","sha1":"0243f6962b4e3e436d1d04b3f97aafc989762603","sha256":"9312e32893425021ccd72be97bfd6ba183ceaa796830cd8e3b130b0e030a6843","sha512":"8ccbd23b978d450d267506b1e1123955409257b1cd56645aee9e9ec5d5f826dfbd40c753baf0998f9e847b368b835395399b32c627fe79ade867e2fe7931e99a","ssdeep":"","tlshash":"d941d7662f4d2b19f91d1eb4604057a4dbaa2a62dee7b35c88c40019bb5a4c6da6820b","first_seen":"2026-05-22T03:52:37.441325Z","last_seen":"2026-07-04T10:35:11.011567Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2138,"timings":{"blocked":1058,"dns":0,"connect":0,"send":0,"wait":752,"receive":328,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/xdefi_wallet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.766Z","timestamp":1783161267766,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /xdefi_wallet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 3587\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:39 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3587,"size_decoded":3916,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"c950f9cd7903fc75d71437f5313a01d3","sha1":"2dbb6a3a2e4ede188053c341752a75d73ea35c87","sha256":"ee49cfba5d49680278bb55af78ecfa821f82c9741b003755f91a73df7ac92cd0","sha512":"f92809a2628ac13141d06056777d96ed4e6e18f52db9643d78a3aa14b02748310ed089c604ce237137b997dbf4f45f2413898595daaa92e7529a27400a3ec256","ssdeep":"","tlshash":"8f714be25b1c0315da4e0f7428a04f36f7ae27b0dc1ab73d91c782511774afca268a96","first_seen":"2026-05-22T03:52:37.646203Z","last_seen":"2026-07-04T10:35:11.01364Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2374,"timings":{"blocked":1414,"dns":0,"connect":0,"send":0,"wait":831,"receive":129,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/blue_wallet.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.474Z","timestamp":1783161267474,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /blue_wallet.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 3325\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:37 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":3325,"size_decoded":3653,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit colormap, non-interlaced","md5":"f286df5bc0da39c9385f49774144e64c","sha1":"31eb9343b2f458517e8745beb34153eace88487a","sha256":"3dd64186120a29f2f3a5a847b18294a85814f43160b70420a002e5503e38b33f","sha512":"5176f7860214beb0a3191f13f4d6af496c17962e3aaf3b09e083b473b5049de6048034d4154237acecfb6465458201993a5ef0da31874a74980c82f95a6a308a","ssdeep":"","tlshash":"32614b009a0f694fa850f6d93e352cb2616742b0d9e716c606bd7c8e9a233bc12659e3","first_seen":"2026-05-22T03:52:37.736857Z","last_seen":"2026-07-04T10:35:11.016942Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1539,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":838,"receive":701,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/bitlox_wallet.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.462Z","timestamp":1783161267462,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /bitlox_wallet.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 3473\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:37 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3473,"size_decoded":3801,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced","md5":"19e07dea8cffb29160c81257cc760239","sha1":"7a29c50d878dd8357c7b138716e761ea3e2ade78","sha256":"3742ec000e6c57be002edf30d4f126e7cc36ad8dc8ab4ddc91755c85a1dcf1e6","sha512":"3dca407db936a8208ac21f4eab8a64553862b6a3b3c39201921613483c55a45bc529846159b97b1e18320669c0bd3472e3bb698826dd67b9bb8eaca7780c38f8","ssdeep":"","tlshash":"05616df930f642a8c56331062ee29340e7e36b8584c54ded6810ed3d0f693bc61d699e","first_seen":"2026-05-22T03:52:37.425115Z","last_seen":"2026-07-04T10:35:11.020756Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1551,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":850,"receive":701,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/typhon-wallet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.749Z","timestamp":1783161267749,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /typhon-wallet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 2638\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:39 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":2638,"size_decoded":2967,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"c834aaa2c5756b13e59ef0e6bfe3ae3e","sha1":"21a00fe01e59f21f97920c528064f3d8b7c3c8f4","sha256":"4406db6c52540a178d84a69850d38e83c8464d86b6d0e3d0aed0c8e66f3ac4ed","sha512":"7e1ca97c4a89fef3c176f15dadd56554921ed94aa5c322208abcf64c964ebc1fbfe87d0c345332360a30ffba9f5103c2d20db9c9a2621662468a0592e47abcac","ssdeep":"","tlshash":"9d51f7c807663618d88d0ffc98d5cbe1da165b71aeff9b1c4c820806b73b8c14c1a1ae","first_seen":"2026-05-22T03:52:37.519376Z","last_seen":"2026-07-04T10:35:11.023197Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2493,"timings":{"blocked":1610,"dns":0,"connect":0,"send":0,"wait":803,"receive":80,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/mexc.svg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.395Z","timestamp":1783161267395,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /mexc.svg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 6459\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":9305,"size_decoded":6836,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"50a7804027487808abbe92321b3c9233","sha1":"89f8317f549277b0a84b8bfee33af39093b9a7fa","sha256":"82e13f4aeef72e3a709de36f23c8097c15c100fb8500c270341953952d2e9b0d","sha512":"1ba624f867703a3712bbf84ed755239f0f55306b0013345b8084e8b5c185465dedc4e24fa3c58ddcfc7a1e992c04836ac555685b449d3a83016f311ececfa503","ssdeep":"192:9Y/iyW3G2OWf6SMpa7mxYF7y4nJHaqZZWP5UsDSa7PaLvZxliaA5Y1E:byW3G4ySbGKvPCFGa7Oo4S","tlshash":"5c12aef77c83281c505dc6d8ba9c5ae15eb4380f83f0d35de965a684507372ce2658de","first_seen":"2026-05-22T03:52:37.676114Z","last_seen":"2026-07-04T10:35:11.025022Z","times_seen":5,"resource_available":false,"data":null}},"time_used":815,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":815,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/alpaca-wallet.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.434Z","timestamp":1783161267434,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /alpaca-wallet.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 3926\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:37 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":3926,"size_decoded":4254,"mime_type":"image/png","magic":"PNG image data, 99 x 100, 8-bit/color RGBA, non-interlaced","md5":"63c8da12d26e3c668d858c1f3eddcace","sha1":"e4aff7c43aea4c8502fa89846e95c583fd45d406","sha256":"01abc388615b8e5d17a43e0ada8544001424e5254beaf08b226e3224b1f07f0b","sha512":"a1f4a8d282338508611f91fa82fbbb8dc3fe7f792a75f0e185770b51afcb5b83e0b214bff061d236833021b168f350f757d1cb661de83cae434e44b2c40b4e5f","ssdeep":"","tlshash":"91818de6b9bb2070e29d8a4d04105be42e99862b884c738d3dd4c09d41c4f143afef82","first_seen":"2026-05-22T03:52:37.30214Z","last_seen":"2026-07-04T10:35:11.02673Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1779,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":880,"receive":899,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/lobstr_wallet.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.560Z","timestamp":1783161267560,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /lobstr_wallet.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/png\r\ncontent-length: 4455\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:28 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4455,"size_decoded":4783,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced","md5":"964dbbf8577a3fc8e07f04a33c966b98","sha1":"b197fcdfeaa05444a3d274d76bbb3ded4583f308","sha256":"e7160a72f90f5aaf435f77ce4ea1fe84af39685ac1e69b7f7228f24accd5e899","sha512":"5c6bbe36e6c2c70fef5ebd8856baa5276bf4f4113c822a19fddcabd6ffae13f72372aa5abcca3fa2f7dc7a3919d71e4663629a9974bc3f55c6d26d8e0eef6942","ssdeep":"96:JaKUjdo/MQhtJYZdoEszEepgLGn8qS9sh18C/EWNRrQ9NC2:JaM/MQht6Wwc0GnK9sQCRC5","tlshash":"e6918e376a4b9d61dc1b4531307280a38893460b69b92b4cfbaded84385b62409efdf3","first_seen":"2026-05-22T03:52:37.714559Z","last_seen":"2026-07-04T10:35:11.029082Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2070,"timings":{"blocked":858,"dns":0,"connect":0,"send":0,"wait":769,"receive":443,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/muun-wallet.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.575Z","timestamp":1783161267575,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /muun-wallet.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/png\r\ncontent-length: 1144\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":1144,"size_decoded":1472,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit colormap, non-interlaced","md5":"c1a245f19733215bb324fad9519bac24","sha1":"54218efec31904b5457a4a310a3aab2c7b749c6f","sha256":"616f122e7c9611a30a0a5a20de50f93022f7fcdac0d6cb174edf6de47f4ee12a","sha512":"c13acdf484243504b566afdd34f404f4f9bcb27c1ecf91edeb8ddc3ff8caab3462ada53b7dbcdca66b21983ae9d6d60777ad8d05b4bb924bcea3cf8ce2af9169","ssdeep":"","tlshash":"5921f9e7df237d1cdd874f3053b48486e636432a07be061cae5cd0045e46308727a746","first_seen":"2026-05-22T03:52:37.395424Z","last_seen":"2026-07-04T10:35:11.031543Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2060,"timings":{"blocked":891,"dns":0,"connect":0,"send":0,"wait":726,"receive":443,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/wallet-of-satoshi.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.759Z","timestamp":1783161267759,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /wallet-of-satoshi.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/png\r\ncontent-length: 2621\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:39 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2621,"size_decoded":2949,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit colormap, non-interlaced","md5":"01b9bd1e74128eb3dbe6887d23c81bf4","sha1":"4dd9d139427a48a65d87209bb5395e1f3b3125cc","sha256":"ccff3bb87c78ecc14429fc9301fde75b6173416c6c4949e220427cb99712f106","sha512":"ad8a9388c9e390857d528b790255179e0ee9534d92d42dd566e67b3ce646f264424ae043b43595bfeca3a1b251994536473d8579aee58b5b217d0cc997d3be7f","ssdeep":"","tlshash":"2351e7e7a2356865a246c555cbeac109cc24b7109662c6c836c8fbb98138a57ef07f83","first_seen":"2026-05-22T03:52:37.227504Z","last_seen":"2026-07-04T10:35:11.035974Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2161,"timings":{"blocked":1098,"dns":0,"connect":0,"send":0,"wait":711,"receive":352,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/wasabi_wallet.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.761Z","timestamp":1783161267761,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /wasabi_wallet.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/png\r\ncontent-length: 5107\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:39 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5107,"size_decoded":5435,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced","md5":"ba36923c8845ea2bfd87b89dcdcb1002","sha1":"f93a889de9f38b55cb491c1bf195ba8db7314c7f","sha256":"d9c6df779895d713534827a6b73451d2318597cf6ab707a44f0919f3c338e1e9","sha512":"71dabe0ee1bbf60fad18793044b03f0027d36619bb7e76b0828e1d08a2422466f9784a043cadcf779a429ecf5fe1f987c366a1e32155a636d524549952fe5234","ssdeep":"96:pzQU+wRHYZmsouMseGjQ1XoJMUI8E0rNsFvUFLvJVpa/qeibQztx:pzBHKmsouMsO1Xo68E0JQU9vzkCeaQz7","tlshash":"f9b18ef4e918b0559425605ca35281beca243b612666ccc386bdcd6aace073643cfab9","first_seen":"2026-05-22T03:52:37.628156Z","last_seen":"2026-07-04T10:35:11.04199Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2161,"timings":{"blocked":1098,"dns":0,"connect":0,"send":0,"wait":711,"receive":352,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/css2.css","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.811Z","timestamp":1783161267811,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /css2.css HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/fonts.css\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:30 GMT\r\ncontent-type: text/html\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\npragma: no-cache\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1251,"size_decoded":965,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF, LF line terminators","md5":"8150f458ed6fb9b1db4e5cfa57a1a281","sha1":"6e5726854d28687b560d7fdcb5c782c425c7dfb9","sha256":"4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896","sha512":"4cc6a112673aef8bb8bb8a385c26791b805d43bb707b509880e894f1c83bab4e16f13de187036c5f660c3bec1d286258396b7bde65c5d7945c5019665196818c","ssdeep":"","tlshash":"c021353ec1c1560ae0271164fbc1f7a86669825291970f703b9eb176f6cd0bb56a36c8","first_seen":"2024-02-08T16:48:55Z","last_seen":"2026-07-04T20:29:07.248534Z","times_seen":138644,"resource_available":true,"data":null}},"time_used":2539,"timings":{"blocked":1771,"dns":0,"connect":0,"send":0,"wait":768,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/phemex.svg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.404Z","timestamp":1783161267404,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /phemex.svg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 3966\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:39 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":5497,"size_decoded":4343,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"6eff09f7641a3aa644005223e017e028","sha1":"61c417d558bb308cfcdbcc623d51a5cf530a1ddf","sha256":"356a2ef364985d916bc6d1d5a7c56ad928a1fb9e1756aad6fb697db92590592d","sha512":"39d282e8ad9db11c2a42f29c14bce090cacb703afd3d4e72d0bdfb6eb0c61b3a5ebcd5b89aa2f41e7820933e9465b9ac50a23dc156d31abe393730a2480b071c","ssdeep":"96:+AtNrlH9Kwr5zZwC9vpcytVhSDCWL6wUrwnbPRZxAYcQQAIW2T6Zs7ENHGr9TXzb:NDrlddFZPpp7UCWC8nbpBNQpWE6fiDeu","tlshash":"beb18e3a7157ac5e1b2e4a257cd91e08ac84f60dc348c6e6eee98cf3356980f2c5751c","first_seen":"2026-05-22T03:52:37.463152Z","last_seen":"2026-07-04T10:35:11.048981Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1008,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":848,"receive":160,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/adamant-messenger-wallet.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.431Z","timestamp":1783161267431,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /adamant-messenger-wallet.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 6731\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:37 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6731,"size_decoded":7059,"mime_type":"image/png","magic":"PNG image data, 91 x 100, 8-bit/color RGBA, non-interlaced","md5":"d0522fdf0a2727b9d0ca1de77df7556a","sha1":"b1cfb1832f2b4665bd5f2d3afbddfa70a09476f6","sha256":"e78c341bdce129b54569f2236482a84054cbaeab2eb0b08582e17c54a0fddd11","sha512":"394c56156ff3d4ebea6aecf78441051611f2a8697d852cc0e713a20b02395a7a827b373543b1a7f1b84932c587ad9e148d6682e9f03c9cd5aa09b2805445d574","ssdeep":"192:/B2eLWUoUfSJ6RLfOpb4HhYg3zS0K4kMT:eUNKJc8b4hjzS39MT","tlshash":"1bd1ae6f201ac488ca2e6f52c432454b2f6d3ce3a68fe6404029cb8959505e8bfdd9cf","first_seen":"2026-05-22T03:52:37.710292Z","last_seen":"2026-07-04T10:35:11.050987Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1423,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":879,"receive":544,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/armory_wallet.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.440Z","timestamp":1783161267440,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /armory_wallet.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 9903\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:37 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":9903,"size_decoded":10231,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced","md5":"8d4cd529dad569e3b07b1ea1bc162749","sha1":"39e288e63e94fbe36d830081cc0448ab4dc56aab","sha256":"d21f3a44a5afb1888825822e319eaec1250542bd523e2c905ed1246412ee547e","sha512":"01c3aafe29172eeff582c3beee1887e844db8032a8dd02444b363e4a9e248123edf1de54204f705e2e6882e333fc0847330161cc579f5144881c5573af9f6afe","ssdeep":"192:rIeyWXRWZJQJ55ZBQaWqdiQJv7vwsI1DZ48Y7LWFSCds6Rl2:rRyWBWZaJPZBQaWqdiQhcNPaGrds2l2","tlshash":"9212bf5721093bb8e8154fe2e528c697da211a964ce29ba3b0343d6d6c314e73bcbd18","first_seen":"2026-05-22T03:52:37.648423Z","last_seen":"2026-07-04T10:35:11.05332Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1673,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":873,"receive":800,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/atomex_wallet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.445Z","timestamp":1783161267445,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /atomex_wallet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 2242\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:37 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":2242,"size_decoded":2571,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, baseline, precision 8, 100x100, components 3","md5":"d2982a7acb637d98d7cd8e3a527ff3a9","sha1":"9ca9d14ccf7d8bbc8aa7ad09b55e9e60d1dd2a77","sha256":"05b34e8a4c632659eb6c65bcd506fdc4eaffc71b20e7cbbc3dbcc4b7d51f78ab","sha512":"a0776a5818a99c1f3dcaf4c621b034c18dd410e6bdea7e6edc29b659ecf0dabb2dd30eae5bfd5295b2e1a0a04639cef7565618c87a2cb7e29668d04f2d9eb6a4","ssdeep":"","tlshash":"3541e69223263b46d60d263159c45ba5f37b7eb5da82d36c8a01453bbbed0c2ed7c08d","first_seen":"2026-05-22T03:52:37.436164Z","last_seen":"2026-07-04T10:35:11.05625Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1451,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":867,"receive":584,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/martian-wallet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.564Z","timestamp":1783161267564,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /martian-wallet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:30 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 3830\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:30 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3830,"size_decoded":4159,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 1","md5":"d191ec33ad1e5b9b04b9fea99d544bde","sha1":"e1e018c3595987b9b776069d6d9c7e48a93bbce8","sha256":"29344418ce9aa30892da26bcb04d3ac6ffee5cd8710dc28e4c1fbdcba5e243d9","sha512":"1966ce84f9e91082a72112c25d18be4a3514a71caf839b2f6c6c97fd1203fece3370a4a9a92ea749819c1db5776a98b8a4a951bc0bcbad3ec6b89150715f8616","ssdeep":"","tlshash":"9b814c9057092749e01c673e24d29fb1db687a215266c3fdbb81805d71bf540d3989ea","first_seen":"2026-05-22T03:52:37.282285Z","last_seen":"2026-07-04T10:35:11.058201Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2664,"timings":{"blocked":1920,"dns":0,"connect":0,"send":0,"wait":744,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/omniwallet.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.634Z","timestamp":1783161267634,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /omniwallet.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/png\r\ncontent-length: 7932\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7932,"size_decoded":8260,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced","md5":"1666e8ea479f5d6f7f3f79aa1991ad03","sha1":"8bd9e6ab1c4123cbb003347bd3b271452b45c731","sha256":"a13c582b31fa7d97852aa0a64fdc65539f52c785c3e68d137445d52876e26c36","sha512":"56f13bb938c9c4c721bd4c5ab2134d61a6169a9de85cda437d0f9190077982460875be935733685995110ffdf779241533c90ad8c02d26404cf91507034af598","ssdeep":"192:jZPfesrRr/UOrDzcSYYBhddFHFdJDoXN4/mTxNqpyzg3:tPmslr/Ua5YUoXW/2zzg3","tlshash":"6ff1af8b59b6391fc904a12dccaf14c56520a4850622b59d436d12bc3db77db35d6fd0","first_seen":"2026-05-22T03:52:37.582788Z","last_seen":"2026-07-04T10:35:11.059923Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2523,"timings":{"blocked":1700,"dns":0,"connect":0,"send":0,"wait":721,"receive":102,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/css/all.min.css","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.859Z","timestamp":1783161267859,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 12 May 2026 03:46:57 GMT","end":"Mon, 10 Aug 2026 04:46:42 GMT"},"fingerprint":{"sha1":"95:12:1E:0A:F6:69:8B:FC:A0:08:DA:67:1A:A4:D1:9D:87:F5:E9:07","sha256":"F3:4A:39:63:C7:6A:CE:66:1A:B4:62:2C:E9:92:82:9A:81:78:1B:CC:3F:D5:2D:0A:6D:D6:89:D9:F6:66:7B:BC"}}},"request":{"raw":"GET /ajax/libs/font-awesome/6.4.2/css/all.min.css HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: text/css; charset=utf-8\r\nserver: cloudflare\r\npriority: u=2,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\nlast-modified: Wed, 02 Aug 2023 21:01:56 GMT\r\nvary: Accept-Encoding\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/r2\r\nx-cdnjs-cache: HIT\r\ncf-cache-status: HIT\r\nage: 1453\r\nexpires: Thu, 24 Jun 2027 10:34:27 GMT\r\nstrict-transport-security: max-age=15780000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=I53m3ikX1iP1Gto8QIE8RfREyqWXqpFbGVIYwnK38F2zu9baHxRF%2F1oTYEfxWTX1pecrT2JeSkqtc%2FhORSOZO0qf%2BZ9uhEnn8xsJIKbaslZuI%2FOyJgQr9A1fMcNtoPXR2iT7WRZH\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\ncf-ray: a15d7a443a21b50b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":102217,"size_decoded":19752,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (52276)","md5":"5222e06b77a1692fa2520a219840e6be","sha1":"8b4236206a8b86af3761a244277663046d7ff7ee","sha256":"0934b1fc0d3a766d41d3adf5e7a115875e66e98ebba408d965a41cf3d2cb4ab5","sha512":"cf780ba5def29277f562835b0b3a9129ce2aca8afc81a294d6a9a7f824a1c5bb81bac00d23d42946884606b7821642b12e17a2e92f424171446db2aea8b8340c","ssdeep":"1536:0wMCMPMCMjMCM4MCMwMCM3sVMX709gbPMfjSFOTyPGuuprrlCq:M709gMGFiyPGuuprlCq","tlshash":"09a3a7f9e44c05d97732c44bab95b37c65b6f738d5810ca9f02f580c1ad26a822c6f7a","first_seen":"2023-08-04T22:28:10Z","last_seen":"2026-07-04T20:01:48.394196Z","times_seen":44845,"resource_available":false,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":3,"connect":14,"send":0,"wait":11,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/bitpanda.svg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.358Z","timestamp":1783161267358,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /bitpanda.svg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 662\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:37 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":1152,"size_decoded":1038,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"05eabb136fcce3e9027f5425fcbe5e79","sha1":"d57bebda4f4bfd15ea767ec61519a6aaf9c7201c","sha256":"6d6a99356cd396022cc100e7d1e02ac873fc9560451bb47ee8c4aa302d806816","sha512":"9ea2e8b3e3d9464e470917a858699d56f439f2624ca7df436ed623f11bd0afde51a580b21da2b28fe03a13dc8987ade49241d590e68fe66fb7a30bf8ddb546d5","ssdeep":"","tlshash":"19216339d9b9d2305d4d4338473044b530bdba09b786593ce4368fb0605bf11469c6fe","first_seen":"2026-05-22T03:52:37.381398Z","last_seen":"2026-07-04T10:35:11.063077Z","times_seen":5,"resource_available":false,"data":null}},"time_used":527,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":527,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/cex_io.svg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.400Z","timestamp":1783161267400,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /cex_io.svg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 7040\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":10081,"size_decoded":7417,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"102d65b877234b855e93d5c782508855","sha1":"ebfd420970443b7c640f80d149c33cc2ef6760bd","sha256":"c4bb3c168e0e83e69cc6a2503ddd7d43fbcb2c2e478abcaf5e5f49697ea91969","sha512":"38ea838f238bf9a04e27769ff00c099b596c6510534301cc44cf736c7a6fdfddaa4de3566a5bac346985593ee731c9914dc5d1e8cc414928d951f8adbdd68542","ssdeep":"192:94/iyW3G2OWf6SMpa7mxYF7y4nJHaqZZnOfI2T/pkkLkYPencESNfNulsmJmo9q1:DyW3G4ySbGKvPQnTN3wq1uqFocn1","tlshash":"45229eff1c07a12c310d489c3975a6e18d38648ba3e4cb4ed4683a54a1f2708f7258af","first_seen":"2026-05-22T03:52:37.493264Z","last_seen":"2026-07-04T10:35:11.070126Z","times_seen":5,"resource_available":false,"data":null}},"time_used":969,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":852,"receive":117,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/coincollect_wallet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.501Z","timestamp":1783161267501,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /coincollect_wallet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 3496\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3496,"size_decoded":3825,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 99x100, components 3","md5":"d8c52fe01c6474fb68863f3bc725f345","sha1":"58f7c8bf69b14945e50e9b6079d07cde37b960b4","sha256":"76b90c6e82985d031cfc7e53fcb46ae0c3d5f9bbf27009adf1ffbbe58534effe","sha512":"b36ff0050ded96b031c9a4767c4b3537d007be4981e815589246076db29bfff3f2debdb9f204a7041c1ab899c373a46bf58cfaa1c85edb24d05fdd199b0b28e7","ssdeep":"","tlshash":"48717d427aa1ace7a4c531732509f664d9655163720b02ccb316bc2fbfe60c9741c2fd","first_seen":"2026-05-22T03:52:37.338098Z","last_seen":"2026-07-04T10:35:11.072098Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1930,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":815,"receive":1115,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/ctrl-wallet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.514Z","timestamp":1783161267514,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /ctrl-wallet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:28 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 2323\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:28 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":2323,"size_decoded":2652,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"45021af5c0b86900b7e8204fdd1ce7c7","sha1":"0e22e8430939bccc1fd6c631d9a09e05cd894a78","sha256":"f80b3bd64023a5252b3353d2037bdec7ab0ebff879664f1a22ece8056fcf0771","sha512":"bedcdea4db88bfef650c85e558d5c4c2bebbc189f61d83ca60599ea155449b96705b4da73c32df5ff883a8a0ab039f68b350e9b8fed0f70b575f069c0e929a52","ssdeep":"","tlshash":"154107574b54af10ea8e67b060814fd0ef197f224bc383bb6582405af77fcc00c4818a","first_seen":"2026-05-22T03:52:37.34544Z","last_seen":"2026-07-04T10:35:11.076968Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1874,"timings":{"blocked":359,"dns":0,"connect":0,"send":0,"wait":880,"receive":635,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/functionx_wallet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.535Z","timestamp":1783161267535,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /functionx_wallet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:28 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 2300\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:28 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":2300,"size_decoded":2629,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"d4a4dfe5975e1b4a0bc6fbc941754246","sha1":"96a04941e71dd72d809f1ed3dcd301c63b74cac0","sha256":"423ba36bfb725712335bc7e7b3aedee0fe5dbca9db0413fea85bd8b7cdb73cd3","sha512":"87a91908bf95fb2f96fc205c716de2699c6e6b8ce0fc309a3a4e63f429614ee85df4f40399183a6300e0c4bd03692f05bea7d6c3b1e50fb1208f5cbc28a9140d","ssdeep":"","tlshash":"1641c7a10b651a61e85e0bf860c41745eb6c3b709abbbabe5845580a677a5c09f18307","first_seen":"2026-05-22T03:52:37.238567Z","last_seen":"2026-07-04T10:35:11.079602Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1982,"timings":{"blocked":729,"dns":0,"connect":0,"send":0,"wait":783,"receive":470,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/magnum_wallet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.563Z","timestamp":1783161267563,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /magnum_wallet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:30 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 3466\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:30 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":3466,"size_decoded":3795,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"dbd43dd088e04703425649e26ab6043c","sha1":"515ae6b9e8bae0e640c87cc28626c9210f51df1f","sha256":"90f454e21a532dc6a688f38ecc3b7636aeb7cf615542a868a89e5c3cebfdec90","sha512":"1b52076915694c2ccabb3a27e67bff95065f3eff53bbb62d969c01543f5a5900c94823933dc500a503f19249e7cf2f3cad6c68e6a36a0e851b720dd389bc44bf","ssdeep":"","tlshash":"b6612ce2c38e571df95c667ca180abecd67c3b65895fcb8f014081ad675d58049703ac","first_seen":"2026-05-22T03:52:37.729453Z","last_seen":"2026-07-04T10:35:11.083097Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2686,"timings":{"blocked":1920,"dns":0,"connect":0,"send":0,"wait":766,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/noone_wallet.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.595Z","timestamp":1783161267595,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /noone_wallet.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/png\r\ncontent-length: 3866\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":3866,"size_decoded":4194,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced","md5":"b02ccf25eab144508d6aba491f492074","sha1":"58d98185fde0675c5ed8fd670351bf59abfaaf18","sha256":"e5aff1c62c102675de5abe09a01abf762631441d7944cb2961bb4fd2732a9e2e","sha512":"c994d257d7b3e84f2aa02d937d26dedf9cb5bbd0e3a3d5d1824ede1a13345b1e49c03405e19c6358e89199a533baaa9126f92fc2fe790a712e5da18c1a1b20f8","ssdeep":"","tlshash":"0d815b54292798def4277c0aac8a36a81dfb4142e1fa0ff2173d89758c1877519315f8","first_seen":"2026-05-22T03:52:37.65051Z","last_seen":"2026-07-04T10:35:11.090465Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2056,"timings":{"blocked":891,"dns":0,"connect":0,"send":0,"wait":696,"receive":469,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/particle-wallet.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.640Z","timestamp":1783161267640,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /particle-wallet.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/png\r\ncontent-length: 9565\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":9565,"size_decoded":9893,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced","md5":"5850e632d55a1e7d2a44ab42b4ab2def","sha1":"8de631c3b25b5d0f761622078f8304e6313d0308","sha256":"61e1131a5089cdf60c84b2b2efb03857849f49a59d42b665474d665135ad22aa","sha512":"dd6889ffa5d2078573b9ded3b8a63c5a72a0fbc2bedae6cbb13178cba0a8745a5a42af3f93ca8c2d39fa29669fab80e19e4044e0654396e126b4797c6c5bf167","ssdeep":"192:PA0RmmZa8dU3BWjdma8boRuTRUL2udMsBN8cCTV7tfTt4JDZdwqPWru:PAXmZayU3BW01o0TRENiscVB7tfTtMd9","tlshash":"a312cf68ea263380c3250ee7141625ca36fbfcac250db443a6f0c46d82d388311abdf4","first_seen":"2026-05-22T03:52:37.722679Z","last_seen":"2026-07-04T10:35:11.092768Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2087,"timings":{"blocked":945,"dns":0,"connect":0,"send":0,"wait":871,"receive":271,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/gemini.svg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.382Z","timestamp":1783161267382,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /gemini.svg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 357\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":672,"size_decoded":733,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"63e59375c6819e63fd5596df694ac485","sha1":"270011e51fc06114b3f2a99dd340f982d2cf94c3","sha256":"15cf1392973571f6c77739d6adcaecbd3a038dfc81c48889c8a2853d3c0c1b3f","sha512":"4a324b795f9e6949c27c43b3c4c81d7198a2827b6b60f38f03afa039fc569e0dcfee5a9833af02a4aa940eadbf4b9b1f914ca799b30227ac60ddd5cb0f3de739","ssdeep":"","tlshash":"0601cbf932bce05d848b0a78dc297055362e383c3f548abcd04ca6b5b1835d6ec43904","first_seen":"2026-01-22T06:22:01.362598Z","last_seen":"2026-07-04T10:35:11.097289Z","times_seen":13,"resource_available":false,"data":null}},"time_used":738,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":738,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/cobo_wallet.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.495Z","timestamp":1783161267495,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /cobo_wallet.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 4838\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":4838,"size_decoded":5166,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced","md5":"8a23392b164ffaeece28a7fec24c9e50","sha1":"96dc491b97a235767d66539a46ce445e82866845","sha256":"67dbe4f754b3cf3ae6316c0d7bf96a775f37fbe9d4246fa3933896ba7d3bdf5f","sha512":"77bfc5f6b70810be1703b4840851cb9e614f12473f9768abaa1ad7f6e58a28767799a483d63f68bc429e8dec8d73eff70eb1e47daeb8f641408760f442d0fc94","ssdeep":"96:TiVoFIJukgmQtkb0qnPDWOdzVSROgFr3lsjxhhCF:6oUukbQmZdzVSkgllsVnCF","tlshash":"9da18fbc5885c398bcee30ebcb168127b5709e418b48058de22ef51ede0dccc941e269","first_seen":"2026-05-22T03:52:37.780256Z","last_seen":"2026-07-04T10:35:11.101005Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1818,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":820,"receive":998,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/dexwallet.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.521Z","timestamp":1783161267521,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /dexwallet.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:28 GMT\r\ncontent-type: image/png\r\ncontent-length: 12598\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:28 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":12598,"size_decoded":12927,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced","md5":"eaf2f32560e3ba1783630a1926b2a17a","sha1":"ef505ecb7b4c475fa6ac7853d5f945114393d534","sha256":"6d0b93b2eefc3617359cf19bc7da944539a4d9304df4885b45e5074ad704943c","sha512":"bbd791157cfd80ec6cb0c74bde2f101ba15d4c4fa40f72a1c41802e10610f8eac98df6940d3d4607aa6baa8fc67e38a494a1f231151b56d000716d55e17a007a","ssdeep":"384:5xN0z2Kf5ST7ZngxABedL0ypnID8ZOwRFlqlT8Md:OPfEZgxAB+0yWD8c/Bd","tlshash":"4742b0777390eaffd6cd8865912f0a999e298f9c41449f937bc3d4afc7c019c16a0188","first_seen":"2026-05-22T03:52:37.467568Z","last_seen":"2026-07-04T10:35:11.103108Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1964,"timings":{"blocked":635,"dns":0,"connect":0,"send":0,"wait":743,"receive":586,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/metronome-wallet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.567Z","timestamp":1783161267567,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /metronome-wallet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 2711\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2711,"size_decoded":3040,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"366dd124d357dc51d1cf9aa2ac4d8c60","sha1":"68529c0b295cebbefa17c92589154e5fd31543de","sha256":"17d237ef3a9f4936476d0cdc0bc8192763e0b86012ce481f6869212d2202480c","sha512":"4b5f5d54d12c54f2f6be1b6c0d395799bcd02b19011225b169a3c8de855d245a4683d254e8acc5c5d0d473f2a06b0ad39e46efa6070f76f2949722ad7fcea6e2","ssdeep":"","tlshash":"00513cd6de44c416cb9958f13f9139657356e8a80d83cc3d8a84b511fa2ccb4aa0db09","first_seen":"2026-05-22T03:52:37.560165Z","last_seen":"2026-07-04T10:35:11.105148Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2487,"timings":{"blocked":1603,"dns":0,"connect":0,"send":0,"wait":861,"receive":23,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/terrastation.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.705Z","timestamp":1783161267705,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /terrastation.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/png\r\ncontent-length: 4076\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:39 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":4076,"size_decoded":4404,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced","md5":"c4087235a85a2bb1c2ca3d01b48dc049","sha1":"af1f4caa48d68efbe579ff172a29feb7169aa81e","sha256":"a752d553d4d14915801d9abb081901cc18b1a80f4b523d25023692bd8e2b90ba","sha512":"d8e9b360f4caeb69a7ca867322162b3b871b8ea80b34df78fbffe684d429dd6e326b383e17cd166e99d19b72bde9a216c82da629c4cd181b47ab475d10bd571c","ssdeep":"","tlshash":"7281906101bb73a885773dde69db88e0f12f5eb0cb39109c022d5c1f7d902cd689b295","first_seen":"2026-05-22T03:52:37.569776Z","last_seen":"2026-07-04T10:35:11.107483Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2497,"timings":{"blocked":1614,"dns":0,"connect":0,"send":0,"wait":803,"receive":80,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/sync2.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.710Z","timestamp":1783161267710,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /sync2.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/png\r\ncontent-length: 1641\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:39 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1641,"size_decoded":1969,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit colormap, non-interlaced","md5":"ab0f88b7d511d55a20887706e6dad544","sha1":"44449d6d016308ae29fcab40e700eae101b00571","sha256":"ba1a0efcbf6fa229d7587fdd32cd08999129a9258bd69939c5fbea40477d2e8e","sha512":"504ecf3a7231a7fe40e3c286e5271f04a6ea3a2120da3fd936a1b295282340468b0bf0023271fa3e42a4cad62088041915ac91bac0cffea760dd832a52078071","ssdeep":"","tlshash":"8631c8e3da1011aef192a16b8935859cd130e41d5a376ad1ee30e41a5f0fddc80cee9b","first_seen":"2026-05-22T03:52:37.506549Z","last_seen":"2026-07-04T10:35:11.109782Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2320,"timings":{"blocked":1400,"dns":0,"connect":0,"send":0,"wait":850,"receive":70,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/ultimate-wallet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.752Z","timestamp":1783161267752,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /ultimate-wallet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:30 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 2664\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:39 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":2664,"size_decoded":2993,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"cca41f079c2a3228a84a20cd61033851","sha1":"bd7a1f627d7503125a23af83c5208d01511f8bff","sha256":"b7eafaf469e79acce6728cfdf288d934146c60ef365ffeb408e2f6073e8215fe","sha512":"16b606d3beb377858255ce973bef7a6b6146fbae535e4771f9da62f383d7247b26c4e3711deb23b02cc5455895f21372c7a05ed99305849f44b3122c98582bb6","ssdeep":"","tlshash":"4e51f90a17bc5746d82e0f3250615372de5a7e36d5b3cb08959140366b5d1d19c3db4e","first_seen":"2026-05-22T03:52:37.662165Z","last_seen":"2026-07-04T10:35:11.111051Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2528,"timings":{"blocked":1727,"dns":0,"connect":0,"send":0,"wait":801,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/xumm.jpeg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.763Z","timestamp":1783161267763,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /xumm.jpeg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 3749\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:39 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3749,"size_decoded":4078,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 100x100, components 3","md5":"d574c550a6437a2c60ed58bab01ecfd3","sha1":"909c3ba971eedd99d6cae4b3768a3a5b3b50cf76","sha256":"12ff5c6bda75d115dbd72da8930cc903600eca973bf0ea47bf107385c6368cb6","sha512":"424e70c6300f10cf6a6a110aaa1f32b1dfd29b1232f6e330007b947fc99374e7e478f164c11b44169b2a20fbea3f7ee1259af468ff9d548cdbc9e3f226a97eae","ssdeep":"","tlshash":"19714c1047dea6e4e961767df415021c7a307884eef48cfb8b4369fa7c40f56d44494a","first_seen":"2026-05-22T03:52:37.513117Z","last_seen":"2026-07-04T10:35:11.112153Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2375,"timings":{"blocked":1415,"dns":0,"connect":0,"send":0,"wait":831,"receive":129,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/neonwallet.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.590Z","timestamp":1783161267590,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /neonwallet.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:30 GMT\r\ncontent-type: image/png\r\ncontent-length: 8623\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":8623,"size_decoded":8951,"mime_type":"image/png","magic":"PNG image data, 100 x 94, 8-bit/color RGBA, non-interlaced","md5":"e37bd93e01d4c6cea80944348a15fdfb","sha1":"53f7302a40bae9ecf28447cd587ddb34833e1a43","sha256":"26ad5cf455d21e111131b3cb13bc9fc3fef53640bbf5d618e9ab2b9571c71e9e","sha512":"1d24511fbc7612a14b09de5cfb29f40cf13d0ee470a5321c0b2d4edd42e22e36f43589b1e658b82cc52c30618f03e37d7f6718e96b113aed4487e04e5e77cd72","ssdeep":"192:6pDIcOr0LGORoSD0bdGE5ziyPXqWBmZ2u1OYDEMceT0tuK996:mOYLGO+O0bdDgEm/VEMceT0tu/","tlshash":"9202bff4df19133cc3b2d1adf8f759f224a1ca411a1ec7e4408e60a0b9c8ada11252bd","first_seen":"2026-05-22T03:52:37.340443Z","last_seen":"2026-07-04T10:35:11.113308Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2586,"timings":{"blocked":1823,"dns":0,"connect":0,"send":0,"wait":763,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/railway.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.654Z","timestamp":1783161267654,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /railway.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 3074\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:39 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3074,"size_decoded":3403,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 1","md5":"a173a914e67941b63eb6b0e6fd4d2a8d","sha1":"4b99156a31090b70a90fb3629a3d310621c48d42","sha256":"ae6664cda20c16125c7d3e2711f5fa1b9a81bbea9338885b66d4edac55994e4a","sha512":"d87b989678203c3f93370bcaa1f74421a47c013c78dd87317cf52560f7b254ed8cf04eea9ef102757d2c6f5f72431928cab138055baeb82fef2947ad200ed9ed","ssdeep":"","tlshash":"eb513bdef9232c9ed4c009b9cd405b62174920bd6bc30aa636698142bdc4eed244f343","first_seen":"2026-05-22T03:52:37.343086Z","last_seen":"2026-07-04T10:35:11.114895Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2126,"timings":{"blocked":1030,"dns":0,"connect":0,"send":0,"wait":786,"receive":310,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/zenapay.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.770Z","timestamp":1783161267770,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /zenapay.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:30 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 2496\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:30 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:39 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2496,"size_decoded":2825,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"a1a566be8e5d70e538a8931c0bb74492","sha1":"6f7e8477bfb26ec1f3e1e4780426215515a56bc8","sha256":"29a35931366f3b30bce838a8c7cb5c05891d1f63d01790d0ce8dc148e2c2ae0b","sha512":"1894c7114e6b7097882d6ec6b548163d4a6ee72aa77eeb1c910bb650ed04b80b102cb8ee28dbb21c494f0d889060889403ace16b45e32847b8f5afa258b989f3","ssdeep":"","tlshash":"0251ea912b0c0549dcdd1fb590d0a7b1dbbebf32fea7b78d44415461bb58880e92829a","first_seen":"2026-05-22T03:52:37.297171Z","last_seen":"2026-07-04T10:35:11.117324Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2610,"timings":{"blocked":1842,"dns":0,"connect":0,"send":0,"wait":768,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/zilpay.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.777Z","timestamp":1783161267777,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /zilpay.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 3028\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:39 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3028,"size_decoded":3357,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"b6a998039b2829f0d5356380636c8fb0","sha1":"48493c8a7d54a6c894f29e096658e7d8abec983a","sha256":"47cd9456e6bcb20030c25e6808fd4fd0c5ce3f81345df724ef17263b0f4b7d27","sha512":"abc6dc08af1a8270d0fa0618209c2ca80dbc4d7e854f902087825430e21acc8538ccdb5749bf86a2674c3295d827a4458180d27ae0fa6e9a3cdc6cc49ebdf188","ssdeep":"","tlshash":"dd510ae52a29a754de4d5fb479d04a12ed753f31cd879a2d40c0805ea725582df2431b","first_seen":"2026-05-22T03:52:37.423117Z","last_seen":"2026-07-04T10:35:11.118983Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2193,"timings":{"blocked":1138,"dns":0,"connect":0,"send":0,"wait":902,"receive":153,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/blockchains_my.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.472Z","timestamp":1783161267472,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /blockchains_my.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 4186\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:37 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4186,"size_decoded":4515,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"74b7be59b4605bb7e235c8cce9fbfa94","sha1":"7ba4b7c6ffd8e9203fa6dbc3d8bddf7caa3d1052","sha256":"9781c5d4ae5d2afab2ec3919f6b614677174b9d2c08f6152a10f7959a816c5f1","sha512":"7fa2a8f42d335b96da312729f4878a2b8fb4653aeaffe24b57b9d6e45ae6ab52d047d580f4bff3ee46c6252d4f2bdf6623a8721fc9ccf22b820942df4850bed1","ssdeep":"96:1894vITvS1syd3VA98eQ9WANt7/jg83I5Tyf05vhZ4Q5:mfK1syTA98eQE0tnB45A05vhz5","tlshash":"d8816d72038d3755d15c6ff2a3f1bb90e5657b30cb51439e78a4218e6bed8c20694739","first_seen":"2026-05-22T03:52:37.6159Z","last_seen":"2026-07-04T10:35:11.120369Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1741,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":842,"receive":899,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/coin_wallet.png","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.498Z","timestamp":1783161267498,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /coin_wallet.png HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 3655\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:27 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3655,"size_decoded":3983,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced","md5":"46945b938e96db5605fab2a4eb236445","sha1":"9f5dea52f3bf8060e91d13a31894696ecd20be68","sha256":"5d253bef9ba3a19c926e482a319eb1a5577fdf7cb9e5a3bd9f59fca1d9ee54f9","sha512":"9ac7f14028969847e3941666598830ba47fe1b468fc134b836a291c9085658ebaf6f8f63024cc09530c6075a41ec40c89d322d43f7cf4b04bdeadecdb74307ac","ssdeep":"","tlshash":"d6716d26d2346661ca0460730659c71e6b23c59d080bd49cc0edca1fecccb59d6ae69e","first_seen":"2026-05-22T03:52:37.426671Z","last_seen":"2026-07-04T10:35:11.122098Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1908,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":817,"receive":1091,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/coolwallet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.508Z","timestamp":1783161267508,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /coolwallet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:28 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 2518\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:28 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2518,"size_decoded":2847,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"b5e50ce1e16354f1328042904af8c34b","sha1":"ecd553c131068872546ec1be3191305a42b44923","sha256":"b5dd8fad70604981166a822b17e867531d1fc0be5935561f7ea5756b700364e0","sha512":"4c6444c637027d65d979553b3fe631d521a8891093e73ed465153be031de7720be0fbb6e8357eaa2fd22b787f4c70790fb961b8bbc8d4f58dc66b72e5846e0c2","ssdeep":"","tlshash":"c851fb2266509726fa4d07b49880cff1d9587b95da93d73589c0103d7bad0d36f4c748","first_seen":"2026-05-22T03:52:37.635864Z","last_seen":"2026-07-04T10:35:11.123861Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1852,"timings":{"blocked":155,"dns":0,"connect":0,"send":0,"wait":759,"receive":938,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/onekey.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.635Z","timestamp":1783161267635,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /onekey.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 2112\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:38 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2112,"size_decoded":2441,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, baseline, precision 8, 100x100, components 3","md5":"db1c1d47952b1664a048c26cc1b450b8","sha1":"f652bf81d7a322add6978c4f84325f61a36fe25b","sha256":"339945727b52d413cb5d96b5627a9644b330ad39c5658721841b25534d1537ff","sha512":"b974481b2074202cc5122ca6b70815b41786cde760cc695f63927dfde7193e2a8ed34f0c6a481a2e93e9c40233b0d680e65b2c885253fbae51ca866e93de6e4c","ssdeep":"","tlshash":"9a41a6e05b983f14d99f1ebc2cd0d7a2da697f364de7ebbc8881015977780808915344","first_seen":"2026-05-22T03:52:37.377107Z","last_seen":"2026-07-04T10:35:11.125559Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2304,"timings":{"blocked":1284,"dns":0,"connect":0,"send":0,"wait":768,"receive":252,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"be-myfin2026.com/strax-wallet.jpg","fqdn":"be-myfin2026.com","domain":"be-myfin2026.com","tld":"com"},"ip":{"addr":"37.77.150.237","port":443,"asn":0,"as":"","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:27.709Z","timestamp":1783161267709,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"be-myfin2026.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 10:59:33 GMT","end":"Sun, 20 Sep 2026 10:59:32 GMT"},"fingerprint":{"sha1":"5F:58:F0:FF:4A:D5:11:75:5F:26:58:D6:41:7D:34:68:B8:28:8D:45","sha256":"C4:5F:FE:34:FC:EA:C8:8F:8F:7B:3F:36:F7:B6:8A:EC:E9:B5:E5:6E:6F:A6:AB:51:62:40:E6:C8:B2:85:3B:86"}}},"request":{"raw":"GET /strax-wallet.jpg HTTP/1.1\r\nHost: be-myfin2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://be-myfin2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 04 Jul 2026 10:34:29 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 3445\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 11 Jul 2026 10:34:29 GMT\r\nlast-modified: Fri, 29 May 2026 08:15:39 GMT\r\naccept-ranges: bytes\r\nx-served-by: be-myfin2026.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":3445,"size_decoded":3774,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3","md5":"149eb271fe8a839ce2d12dedc8e02c12","sha1":"41691d244fd74e59f6a8aa0e37e0e46e09a603dd","sha256":"610c79745154d35ef81a83a96b3d89f97e8e7cd099b8f973e9d4fff9aeaf8d7f","sha512":"b4fd52d45ef54f70a07ae74c1e7cceafd1f2d556794cd915d39a6bb1812bfd581810d53f14a52927e9b944fac3818ebd2ea1f58d0a7fdcca5ee68dc51216b66c","ssdeep":"","tlshash":"da611a40a6889a3ce56c2b7a50820b52ff502b32577f9a59c6c6162e3f1f0c2dd0c36f","first_seen":"2026-05-22T03:52:37.49111Z","last_seen":"2026-07-04T10:35:11.127944Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2341,"timings":{"blocked":1400,"dns":0,"connect":0,"send":0,"wait":850,"receive":91,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-04","alert":"Sinkholed","trigger":"be-myfin2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-07-04","alert":"Phishing Block","trigger":"be-myfin2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.telegram.org/bot8401526239:AAFpKbqsCwl_TALttFbXgzMthY3RYRAxofc/sendMessage","fqdn":"api.telegram.org","domain":"telegram.org","tld":"org"},"ip":{"addr":"149.154.166.110","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://be-myfin2026.com/","date":"2026-07-04T10:34:30.992Z","timestamp":1783161270992,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.telegram.org","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Tue, 11 Nov 2025 15:14:09 GMT","end":"Sun, 13 Dec 2026 15:14:09 GMT"},"fingerprint":{"sha1":"EC:27:13:72:1E:6C:94:9F:47:59:A4:24:4F:AB:9B:02:E3:6E:54:41","sha256":"64:47:03:9A:C9:ED:B9:03:8C:07:6E:AA:3D:BF:75:4B:4C:C1:4E:C1:A5:8C:83:2D:3E:FD:0C:E7:F7:82:C2:71"}}},"request":{"raw":"POST /bot8401526239:AAFpKbqsCwl_TALttFbXgzMthY3RYRAxofc/sendMessage HTTP/1.1\r\nHost: api.telegram.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://be-myfin2026.com/\r\nContent-Type: application/json\r\nContent-Length: 89\r\nOrigin: https://be-myfin2026.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 400 \r\nserver: nginx/1.30.1\r\ndate: Sat, 04 Jul 2026 10:34:31 GMT\r\ncontent-type: application/json\r\ncontent-length: 56\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Content-Length,Content-Type,Date,Server,Connection\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"400","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.30.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":56,"size_decoded":390,"mime_type":"application/json","magic":"JSON text data","md5":"d948d5845276032d39194409db9ad97b","sha1":"475fe4e71224df85d494e34e0cb8ed799afcdb0d","sha256":"a0a1e0f24b392c6da875c10977d169497a47f669b7e671e62330e125a56721fb","sha512":"3e538a78d85dc32eb47db705c97d627ed8851f6dd87904e2e39aa1d5357cdeaea2a7746fc2ccddbde9bcbcab66ddcceff4ab5cf8db169c49e0f81c592104c67f","ssdeep":"","tlshash":"22900244098ed56744da11605935954855b756b8641964404d95611d56421ea58f240a","first_seen":"2023-07-28T20:34:41Z","last_seen":"2026-07-04T10:35:11.130278Z","times_seen":439,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}
