{"report_id":"3d60ecac-e82d-4bc5-8088-67f1cfdaa04c","version":6,"status":"done","tags":[],"date":"2026-01-24T13:44:06Z","url":{"schema":"https","addr":"bonks.finance","fqdn":"bonks.finance","domain":"bonks.finance","tld":"finance"},"ip":{"addr":"172.67.173.225","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"bonks.finance/","fqdn":"bonks.finance","domain":"bonks.finance","tld":"finance"},"title":"BONK Airdrop","dom":{"size":25947,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"5bd75ebd594dfd3407aee29b9bb136fb","sha1":"5e3401c6232ed1cdfd6b7b64d9da13ad19e13bd8","sha256":"b1f3049b3f27c076c331a5d5d3a3303489c7bd87514c1ac2cfac54777ac62cda","sha512":"ca3e63fab9dc7e2b83cb2f382cc3810099d5bb662ab2f8ae0a9e5ba1664bff7050771985b10afa5072539ad700dce5084ff3782f82097ce985c5ad5ad1409e4c","ssdeep":"384:fIARpY+tCt+IIIVZIOlyl3zPwtwVwtMywtY6wtDKwtOitlZvGMo78/qRIRX/:fIARpQBn/1","tlshash":"42c27191eb4d2126931ba1d67da173d5223ec832d5070dffbdb7622c82cd449036a7ba","dom_hash":"domhash3917a4de25653fb67773d416598ce610","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"bonks.finance","fqdn":"bonks.finance","domain":"bonks.finance","tld":"finance"},"ip":{"addr":"172.67.173.225","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-28T13:44:06Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"bonks.finance","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"bonks.finance","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"fonts.gstatic.com","ip":{"addr":"172.217.21.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-01-18T22:14:28.232245Z","alert_count":0,"request_count":4,"received_data":102680,"sent_data":2132,"comment":"","tags":null,"fingerprints":null},{"fqdn":"bonks.finance","ip":{"addr":"104.21.30.222","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-01-24T13:44:07.363931Z","last_seen":"2026-01-24T13:44:07.363931Z","alert_count":22,"request_count":11,"received_data":4119136,"sent_data":4881,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-01-18T22:17:29.309663Z","alert_count":0,"request_count":1,"received_data":11406,"sent_data":478,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"bonks.finance/","fqdn":"bonks.finance","domain":"bonks.finance","tld":"finance"},"ip":{"addr":"104.21.30.222","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"2e5aca65c3441bc05b33ebe55c01ea94","sha1":"49884ffdfa1683757bd272f0337bf97b9ee168ba","sha256":"cd6b1cec388ac3b6552a9b00deabd21d1bbf529ac8048c824760be4bbb317b08","sha512":"b815e9ca755f387cb7b4c85b626d6026973b3e81ae6decba79a68070cd490f2854e39b59ccbf574d4d101b365bb1b46e1319bd9c7af4038c3ec59a78d0686f8d","ssdeep":"6144:aIcXhbB0ztVUjNY0zts/wzgrFSYQM3wSEG/F8:aI4bB0ztVUjNY0zthzgrFSYQM3wSEG/e","tlshash":"6184eae477999e5ad771ce55b236e249e400bc1c3eb9385aa691f703b05c40368f3bb8","size":387211,"data":"","first_seen":"2025-11-20T05:06:50.945427Z","last_seen":"2026-01-24T13:44:19.561264Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bonks.finance/bookshelf.extended.js","fqdn":"bonks.finance","domain":"bonks.finance","tld":"finance"},"ip":{"addr":"104.21.30.222","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"1596596e59041083b82e2da0b9257369","sha1":"9d680e184c73b91d13c5d30bd9f61277709d57b9","sha256":"61aee1320cd28904e8c8b0f3f3d5049882af566598b90d724e774cf5c125354f","sha512":"cc7d8ed5f2ff71be3fbca403e276772fc26cd6043f73d912ed5b9cd2d76b8da42075e9d62ef7677c66a0c541bce2d76d1ee120fd76865d460047098f4b1b1a50","ssdeep":"6144:t9f3/B0ztVUjNE0ztsD6b61ZQaQM3wGESPRl:t5/B0ztVUjNE0zt3b61ZQaQM3wGESPRl","tlshash":"bb84dae967989e4ad371ce55b236e248e400bc1c3eb9385ba691f747b05c40368f3b79","size":394137,"data":"","first_seen":"2025-11-20T05:06:50.943519Z","last_seen":"2026-01-24T13:44:19.555434Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bonks.finance/","fqdn":"bonks.finance","domain":"bonks.finance","tld":"finance"},"ip":{"addr":"104.21.30.222","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"435e9ffdc68415866b10c94d0b56ee36","sha1":"58cb704f62b13a3e6fb611a2dd032b0705848977","sha256":"b6099f49e35398a997cb9249d0f8ae6a6ecb51595c591ab1a513618037d65725","sha512":"dd9da68a0eb6edd7f5f1c2a9a0cd5d0a86dc531dfbfd96531dd287d96da866a23740c5a3065809a3d5921bae379cf84ad2e338c43ca3bb15e0072ef2e46a2014","ssdeep":"","tlshash":"0b3167e1d31c293f428e7dad768aaaccab3c88b9e441405778ac9d9c046786644f14fa","size":1545,"data":"","first_seen":"2025-08-07T21:44:49.333531Z","last_seen":"2026-03-13T01:03:35.077149Z","times_seen":13,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bonks.finance/secureproxy?s=%2F%40v1%2Fcdn%2Fjs%2Fjoi.legacy.esm.js\u0026t=29487703","fqdn":"bonks.finance","domain":"bonks.finance","tld":"finance"},"ip":{"addr":"104.21.30.222","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"96c2ff1601099c21c598c24e6f43c7c4","sha1":"d78fa2e81b7b5ccf287c793c5a9985caaa0f6162","sha256":"7fd19c564761e2c8c9b583cf30db810e313417c7d3572f637f8cedf4d2cc1e91","sha512":"d7df68372670f0173ac5dc3c54ee38f13b29703dde9f71ec74827b535735e99b2b253e07960d66d8c3230f13cf29f20aa0f083db014cee0710379ffab68932be","ssdeep":"6144:0ujB8gltIeTM5/S8g6zRh5gDVLU2GIt/KJAsJRrydM147u/lhDlEqH96lm:vhltVM/g61sNUWsSdG7R","tlshash":"1ed438c2821814f684eb0ab6d133a21fdb4cce9dc69f2d20bfe55c9553c87a292f655c","size":656642,"data":"","first_seen":"2026-01-02T13:08:19.247086Z","last_seen":"2026-04-21T16:12:40.397384Z","times_seen":2485,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"bonks.finance/favicon.ico","fqdn":"bonks.finance","domain":"bonks.finance","tld":"finance"},"ip":{"addr":"104.21.30.222","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonks.finance/","date":"2026-01-24T13:43:44.737Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonks.finance","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 09 Jan 2026 19:08:04 GMT","end":"Thu, 09 Apr 2026 20:05:44 GMT"},"fingerprint":{"sha1":"02:3C:A8:FD:D4:EB:DB:59:BA:D8:38:C3:70:54:B8:A6:FA:12:7E:B4","sha256":"CF:AD:96:7A:56:5A:B7:AA:A9:18:6A:79:0C:76:C3:91:88:14:DF:5C:C8:DF:DD:15:A2:D9:90:BC:F3:31:18:34"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: bonks.finance\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonks.finance/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 24 Jan 2026 13:43:45 GMT\r\ncontent-type: text/html\r\ncast-mode: default\r\nlast-modified: Tue, 11 Nov 2025 16:33:03 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\nvary: accept-encoding\r\ncontent-encoding: br\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Shq8tGM5UOM1715bFCEvDPNMWnX%2B5VYJdzhrJI3iMZhWAOMol%2FRYlaZJQ9YG4CKwXjUTXJBnTn1RFbnaNquEd85J9IV%2BJOhnx8gG\"}]}\r\npriority: u=6,i=?0\r\ncf-ray: 9c2ff6289fbf7127-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":26899,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"7c6b77302ecfc2a06806f4e20422b489","sha1":"495a6882962dafa4fe095d7c6402f255a9d37438","sha256":"5e50f2090a628d005c567a94a34087270a7563da12df08e99bcc09679f2f4519","sha512":"7dbbf3c34962e451a9bec483d61e6403a518d094057623bc9242df3432b04cdb00e8b5a371fcb9877cc189d7aa9fe9991b0c1d5743d4f67ed0d063e89775bfb2","ssdeep":"384:bRhnr4ejNdBlqlsilLf3mmyqRqWbRqOyRqqGRqFrRqL73mfGtdNmoUgNAGo:bRhhIWoUgW7","tlshash":"c0c220a0b74fa12b930b62d7b6b173d5ee3dc831c20701bf71f6653642dd41947226aa","first_seen":"2025-11-20T05:06:50.92746Z","last_seen":"2026-01-24T13:44:19.553274Z","times_seen":3,"resource_available":false,"data":null}},"time_used":273,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":273,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"bonks.finance","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"bonks.finance","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonks.finance//secureproxy?s=%2Fjmpd%2F","fqdn":"bonks.finance","domain":"bonks.finance","tld":"finance"},"ip":{"addr":"104.21.30.222","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://bonks.finance/","date":"2026-01-24T13:43:45.402Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonks.finance","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 09 Jan 2026 19:08:04 GMT","end":"Thu, 09 Apr 2026 20:05:44 GMT"},"fingerprint":{"sha1":"02:3C:A8:FD:D4:EB:DB:59:BA:D8:38:C3:70:54:B8:A6:FA:12:7E:B4","sha256":"CF:AD:96:7A:56:5A:B7:AA:A9:18:6A:79:0C:76:C3:91:88:14:DF:5C:C8:DF:DD:15:A2:D9:90:BC:F3:31:18:34"}}},"request":{"raw":"POST //secureproxy?s=%2Fjmpd%2F HTTP/1.1\r\nHost: bonks.finance\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bonks.finance/\r\ncontent-type: application/json\r\nContent-Length: 1748\r\nOrigin: https://bonks.finance\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":1748,"data":"{\"route\":\"8XUwkBv9vhPYfVpD1fxb7EC65sUXJdqr\",\"payload\":\"FHc8ANEYZYF6vyXUSoKhfnmqtUTLK2QqQCQKb1AWBHAXFzmgWYT86x9L1Fwyk3tmbqmFQ814dqrAsgoL7WaPC6dVPerckqxxaLgnKE6YvkSsXGnXbyDreDJwPETwwTKhjwyHpB4gkKAgLcEG5wcpEF6J32q2XZnPXPPJKBCq8FRhoB6wJVprDaCZ5mmy7XabYvyefJVwLz8Lom7f7jkYxfDxbK7h6MDuXByFpV3CJ91TAdKkP7YUMaqQC2XNPufsSbDgSmozQLGCZ6p29cg8nCTbUnp3yxvPygURVmAHozDnssyXatvs1SQxPipsKtcxuH5gfKUSwRJrtA8CSB9MtRwfu6ubG8Q2DPspDaRNyfrmmzAMSUW7F79P7mcNyGxxekK6dzj5x34Sm4PS4ttAnt5AsasYKaNtDqNeMnXtqziuhBm2QV4fNtqe1p2rDjTquBfZDhz87Xcs1eqU1YvqYaQ4GEodj4gsCjeqWevTRD5B7a8QEk6gyK7uvmUhUPjxaGXVxaV876kdmdxcQDPiyV9WL4BG8tX3fdZqdRzcxSvygp1eQ2ZHgLWrG8EdcWd3boj3bZduAziCf2wBR8z9AtTioVuG5tsbRoKpmXcYXLvACd99Swkbu6zeU3wXG3dergotAD6h5JVcLFSYnXdNpGAvgHM3u2i8hNtTLYzentfdFZb3CxnQExgsjBAfKXNdZFfY5XZnnA7oGsz6nfUvrZKDAismJbpbCmiLxY7Jh3okFKhLBQYeAeCYRLPV4jAQQi62RtnJTYrh4qPQ3Fq39hzLpk4wz4iT2MHMEEQ5QF6FXNjS3s1BVGm1c8K85eoixfExzZi6oyjZqUdV5RY14XEkwEBCyTWVLmoM57ozXoutaPTkF2CMRcsDyc6rupWtRBnvYHw3tacwiia7JTe24J6Y6oTdGQaw59SjAaJyMzzhzg1ELeTUG8Cp9f3wPRszFp2JFaAXy8PEHpeFtDANRspKsy43VJUPF1FrRruKBzj7T55zsiB4z97rSt7T413hepsUXb1m1QrzZpVGv9QrC3MWXzKbUoDxJAa4VXJKPeek6K7m8wd3nQK3jUUKPzsSSgK4wcdLmvA51ZPdqG31zjfvyjDUgTKbCYhjeuZjwA1uCGUu7v2VZg2BZSBZzQLd4VARsJWNixu6mHq3ub8aH2kcwbr74e5asExNVvBXxD9qGZcB9E6f2tyDn4USN2gGPC53XWW5X9Bow71L39bALYbV4HDbSTudbYoKn1PRQs3Sp2D3oEq8hWWoP4J2WBaEzUnheW6tPPyJ7YW26bVLD9oiHp5ncU4ojaY5CqGy1ywZJP4tcVYf2bxsTwyRQcgJ9EBsVhAD98eiuNQRfkwyKS8RAooJyimd89mktPXkctT6uaBd3wmkLrWyNG22zdbExJxGMkw8F92mVbTxVaeCuJVRwi9JMn7dbbRLF7okMeBZu7rSbKTpHgKCYb2qqSgV6yafnRWPeMRX3FMoJcANMGM5NYwMyVUgUNgTqBLZAjqaHu7QeWEoVKcG4weAU1i5h13RF561emAnpnAUuLyyCppUJ6X9AKpxyLXWovyqSh82LPZU8CNxvBoF4vnuLa9RkFnNqgVdBFGpy9LK9UUeVHu1guoxTqsd9wY3gPmWvQHVUpjhZv58eRrv9SFXdm1jkvwbCNu4zwEyoXvRwrzW2cr3TD4\"}"}},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 24 Jan 2026 13:43:45 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncast-mode: default\r\ncontent-security-policy: frame-ancestors http: https:\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS\r\naccess-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With, Accept, Origin\r\naccess-control-allow-credentials: true\r\ncdn-pullzone: 4623665\r\ncdn-requestcountrycode: NL\r\ncache-control: no-cache\r\netag: W/\"e1-kq7VeReG9g3YUEwWq71BowoUBRE\"\r\nx-ratelimit-limit: 10000\r\nx-ratelimit-remaining: 9983\r\nx-ratelimit-reset: 1769262285639\r\ncdn-proxyver: 1.43\r\ncdn-requestpullsuccess: True\r\ncdn-requestpullcode: 200\r\ncdn-cachedat: 01/24/2026 13:43:45\r\ncdn-edgestorageid: 1056\r\ncdn-requestid: 18aea2a1f6f79c8e679f297d0ac38769\r\ncdn-requesttime: 0\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qfE%2B2XKqbLhd%2BymCW63Z15EyHhbymEH8VZB58gxpEVkYfARXm8bjfamZbL%2Bcl2VDfcRR%2F9NNZXSvKTMSHd%2BO6oKdTWSIZMe3hpFs\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9c2ff62cbfe67127-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":225,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"f34997f4cd020a468a306c3e10b7df3d","sha1":"92aed5791786f60dd8504c16abbd41a30a140511","sha256":"631561e1269750c9d3579891f7e1fa8c197bf3842c804864ec72a0c988e7fd5f","sha512":"8daa43af4ce920fce4fd50d19f88f5adbb02bfdfd60f1d8258f15cb61d597555bca3f9107473ab3695a60c4866d71c481c011055cf77155325b6226b587cfae0","ssdeep":"","tlshash":"66d02388111f942d14c4f84013cf972442304c03b6d2c11cd8540cb9013873ad04b9c3","first_seen":"2026-01-24T13:44:12.553861Z","last_seen":"2026-01-24T13:44:12.553861Z","times_seen":1,"resource_available":false,"data":null}},"time_used":438,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":438,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"bonks.finance","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"bonks.finance","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonks.finance/bookshelf.extended.js","fqdn":"bonks.finance","domain":"bonks.finance","tld":"finance"},"ip":{"addr":"104.21.30.222","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bonks.finance/","date":"2026-01-24T13:43:43.225Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonks.finance","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 09 Jan 2026 19:08:04 GMT","end":"Thu, 09 Apr 2026 20:05:44 GMT"},"fingerprint":{"sha1":"02:3C:A8:FD:D4:EB:DB:59:BA:D8:38:C3:70:54:B8:A6:FA:12:7E:B4","sha256":"CF:AD:96:7A:56:5A:B7:AA:A9:18:6A:79:0C:76:C3:91:88:14:DF:5C:C8:DF:DD:15:A2:D9:90:BC:F3:31:18:34"}}},"request":{"raw":"GET /bookshelf.extended.js HTTP/1.1\r\nHost: bonks.finance\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonks.finance/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 24 Jan 2026 13:43:43 GMT\r\ncontent-type: application/javascript\r\ncast-mode: default\r\nlast-modified: Tue, 11 Nov 2025 16:33:03 GMT\r\netag: W/\"6913653f-60399\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AXbhtEu3b0aAqxUDqJNZJRG%2Fqb%2FGfNBMrUIZxdzYJHRx7%2F%2B9vfZ5CeOUKuMjLYYub58Q%2BPXjYn7E37o%2F%2BVJQJpDdEq4El9YQRveN\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9c2ff61f2f807127-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":394137,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65286)","md5":"1596596e59041083b82e2da0b9257369","sha1":"9d680e184c73b91d13c5d30bd9f61277709d57b9","sha256":"61aee1320cd28904e8c8b0f3f3d5049882af566598b90d724e774cf5c125354f","sha512":"cc7d8ed5f2ff71be3fbca403e276772fc26cd6043f73d912ed5b9cd2d76b8da42075e9d62ef7677c66a0c541bce2d76d1ee120fd76865d460047098f4b1b1a50","ssdeep":"6144:t9f3/B0ztVUjNE0ztsD6b61ZQaQM3wGESPRl:t5/B0ztVUjNE0zt3b61ZQaQM3wGESPRl","tlshash":"bb84dae967989e4ad371ce55b236e248e400bc1c3eb9385ba691f747b05c40368f3b79","first_seen":"2025-11-20T05:06:50.943519Z","last_seen":"2026-01-24T13:44:19.555434Z","times_seen":3,"resource_available":true,"data":null}},"time_used":413,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":293,"receive":120,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"bonks.finance","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"bonks.finance","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Manrope:wght@300;400;500;600;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bonks.finance/","date":"2026-01-24T13:43:43.244Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Dec 2025 19:52:24 GMT","end":"Mon, 23 Mar 2026 19:52:23 GMT"},"fingerprint":{"sha1":"43:39:AF:0A:74:F9:2F:1B:C0:1E:4E:89:21:30:C2:28:EC:9F:6C:67","sha256":"EA:F1:0E:C7:36:18:F3:9D:D1:D5:34:23:44:7D:6F:9D:2F:61:C7:81:09:9E:E9:C8:02:C8:F2:2C:0A:83:B3:A5"}}},"request":{"raw":"GET /css2?family=Manrope:wght@300;400;500;600;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonks.finance/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sat, 24 Jan 2026 13:43:43 GMT\r\ndate: Sat, 24 Jan 2026 13:43:43 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":10720,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"52e735aa88c047346bdbc94b641c48f8","sha1":"c184c1982e51c1c775b2889d2d17b886215a46bb","sha256":"8d5bd0aede64a4797f1e7310b7fbbef105f7b2520feeac156eb8dfbfd6686043","sha512":"77f52f31039e6e44c2f2b8c3663710839f85d3ece31e2bf7e4a7e70bccfe56f22970a4eaae5bdafb458e821a37628fced6ea2231089990b45e2b46ce7a520da7","ssdeep":"192:SJi5V3PP8wiJDEV3WW89RJ8rV3118+4JlOV3MM8b/JGNV3TT80s:UmkwU+ME02w","tlshash":"5a22a990002be804eb470cd677ce7e3aad4e61567451c5ba5bfe1cd8addbd222320b5e","first_seen":"2025-09-08T04:26:17.666874Z","last_seen":"2026-04-21T04:30:44.335311Z","times_seen":367,"resource_available":false,"data":null}},"time_used":210,"timings":{"blocked":88,"dns":0,"connect":7,"send":0,"wait":20,"receive":0,"ssl":90},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bonks.finance/bonker.png","fqdn":"bonks.finance","domain":"bonks.finance","tld":"finance"},"ip":{"addr":"104.21.30.222","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonks.finance/","date":"2026-01-24T13:43:43.265Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonks.finance","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 09 Jan 2026 19:08:04 GMT","end":"Thu, 09 Apr 2026 20:05:44 GMT"},"fingerprint":{"sha1":"02:3C:A8:FD:D4:EB:DB:59:BA:D8:38:C3:70:54:B8:A6:FA:12:7E:B4","sha256":"CF:AD:96:7A:56:5A:B7:AA:A9:18:6A:79:0C:76:C3:91:88:14:DF:5C:C8:DF:DD:15:A2:D9:90:BC:F3:31:18:34"}}},"request":{"raw":"GET /bonker.png HTTP/1.1\r\nHost: bonks.finance\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonks.finance/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 24 Jan 2026 13:43:43 GMT\r\ncontent-type: image/png\r\ncontent-length: 747171\r\ncast-mode: default\r\nlast-modified: Tue, 11 Nov 2025 16:33:03 GMT\r\netag: \"6913653f-b66a3\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MoCm%2BRcKtQUB2P39YLNBBgVoEkHzRh6Rxpjj4zu54zFVODyJd%2BUxUfiOLxOFUmC6jJ4LRJRuv7vZlulklCGGsU%2Fc19n2%2BCmDpfbh\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9c2ff61f3f847127-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":747171,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 864 x 788, 8-bit/color RGBA, non-interlaced","md5":"fa42768691f89c7a17f450b2beb9076b","sha1":"258c270933eb09292dd5c230a6ee15c793c49098","sha256":"e1a4accb2721b6a7bae3d6e3ecfbd6f0bf72d8aa070fd8668fad62e61116ac13","sha512":"9b94824528c57977f8d631e05ca90fb9dc304b980fce21ec83f392eccf7e23ee90faff692b5d418cc5de4c9bea64ce6c85150450b0c8014aad0ecba99f8e6c40","ssdeep":"12288:Lfvehan91ccoXi5pmqNnQt45VjawgAu3wk+5G3BWafjTidskuAmw4II:LxDbqYsuEwgAuA5C5L26kuBII","tlshash":"acf423b06fe181a626a3677ea355a4f72716d28cc0b034dc8e33b1f19b22165a613d7d","first_seen":"2025-08-07T21:44:49.316336Z","last_seen":"2026-03-25T21:01:51.488303Z","times_seen":15,"resource_available":false,"data":null}},"time_used":488,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":209,"receive":279,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"bonks.finance","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"bonks.finance","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonks.finance/Logo.png","fqdn":"bonks.finance","domain":"bonks.finance","tld":"finance"},"ip":{"addr":"104.21.30.222","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonks.finance/","date":"2026-01-24T13:43:43.895Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonks.finance","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 09 Jan 2026 19:08:04 GMT","end":"Thu, 09 Apr 2026 20:05:44 GMT"},"fingerprint":{"sha1":"02:3C:A8:FD:D4:EB:DB:59:BA:D8:38:C3:70:54:B8:A6:FA:12:7E:B4","sha256":"CF:AD:96:7A:56:5A:B7:AA:A9:18:6A:79:0C:76:C3:91:88:14:DF:5C:C8:DF:DD:15:A2:D9:90:BC:F3:31:18:34"}}},"request":{"raw":"GET /Logo.png HTTP/1.1\r\nHost: bonks.finance\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonks.finance/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 24 Jan 2026 13:43:43 GMT\r\ncontent-type: text/html\r\ncast-mode: default\r\nlast-modified: Tue, 11 Nov 2025 16:33:03 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\nvary: accept-encoding\r\nage: 0\r\ncontent-encoding: br\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BXwBJYh8WqIwKtAQwnOVHaHXvVXXEly2U4ihLXhhfRj7%2BA7TUvnwfv3QzBETOf6pRiukq6uUEfFeuBY5ciT9yJ0Y9jgfsDd03PkW\"}]}\r\npriority: u=4,i=?0\r\ncf-ray: 9c2ff6235fa77127-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":26899,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"7c6b77302ecfc2a06806f4e20422b489","sha1":"495a6882962dafa4fe095d7c6402f255a9d37438","sha256":"5e50f2090a628d005c567a94a34087270a7563da12df08e99bcc09679f2f4519","sha512":"7dbbf3c34962e451a9bec483d61e6403a518d094057623bc9242df3432b04cdb00e8b5a371fcb9877cc189d7aa9fe9991b0c1d5743d4f67ed0d063e89775bfb2","ssdeep":"384:bRhnr4ejNdBlqlsilLf3mmyqRqWbRqOyRqqGRqFrRqL73mfGtdNmoUgNAGo:bRhhIWoUgW7","tlshash":"c0c220a0b74fa12b930b62d7b6b173d5ee3dc831c20701bf71f6653642dd41947226aa","first_seen":"2025-11-20T05:06:50.92746Z","last_seen":"2026-01-24T13:44:19.553274Z","times_seen":3,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"bonks.finance","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"bonks.finance","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/manrope/v20/xn7gYHE41ni1AdIRggexSg.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.21.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://bonks.finance/","date":"2026-01-24T13:43:43.988Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Dec 2025 19:52:23 GMT","end":"Mon, 23 Mar 2026 19:52:22 GMT"},"fingerprint":{"sha1":"5A:74:FC:38:D2:7B:9B:E5:E5:0D:67:25:F4:73:BC:BA:2E:12:A7:FD","sha256":"3B:19:CD:BE:44:E6:EE:DC:8D:33:2B:A2:1C:E4:13:F8:6F:7E:2E:52:5D:0E:75:F3:1A:ED:21:1B:7A:B7:2E:BA"}}},"request":{"raw":"GET /s/manrope/v20/xn7gYHE41ni1AdIRggexSg.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://bonks.finance\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 24836\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 23 Jan 2026 13:20:45 GMT\r\nexpires: Sat, 23 Jan 2027 13:20:45 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Thu, 04 Sep 2025 17:08:28 GMT\r\ncontent-type: font/woff2\r\nage: 87779\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":24836,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 24836, version 1.0","md5":"938c6e8019b69313372c47dbb7a7c930","sha1":"b42951014c5eca12749d87a4706caf22dc4fe081","sha256":"a30ddcd349703aff7464c34bef3fffdff405ee50c113440d7c8693c02d210972","sha512":"5537c005cd8f321f26fe67f6292b3ec14e88ff4b2365311628dbbe4753e01e568f6881b9f2e7d71e8e6b2c261ed25f372829dd28f89f865ce574b4e1fec29614","ssdeep":"768:3KQaj5c95F1QmIwa55Go1COpZLpkkM46CU+YIC:ahj5cXow65xCM5pkkM468YB","tlshash":"a2b2f105ee49b3d4b276f1fcfa802884179282f27dabda8f3f2015981dd8e5b8d45320","first_seen":"2025-06-02T20:09:41.98255Z","last_seen":"2026-04-22T06:04:48.488609Z","times_seen":17916,"resource_available":false,"data":null}},"time_used":544,"timings":{"blocked":262,"dns":2,"connect":22,"send":0,"wait":8,"receive":7,"ssl":232},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bonks.finance/","fqdn":"bonks.finance","domain":"bonks.finance","tld":"finance"},"ip":{"addr":"104.21.30.222","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-24T13:43:42.517Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonks.finance","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 09 Jan 2026 19:08:04 GMT","end":"Thu, 09 Apr 2026 20:05:44 GMT"},"fingerprint":{"sha1":"02:3C:A8:FD:D4:EB:DB:59:BA:D8:38:C3:70:54:B8:A6:FA:12:7E:B4","sha256":"CF:AD:96:7A:56:5A:B7:AA:A9:18:6A:79:0C:76:C3:91:88:14:DF:5C:C8:DF:DD:15:A2:D9:90:BC:F3:31:18:34"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: bonks.finance\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 24 Jan 2026 13:43:42 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Tue, 11 Nov 2025 16:33:03 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=71cHSKB3BqRkZq4n3%2Bbd4AAKytUxz0pI0%2FgkccatJJEWo91NKaQD6ldE6siR00QlVnfDt2DYoa%2F3PbUXLy47Ucil6BwSk3pc2or9\"}]}\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\ncontent-encoding: br\r\ncf-ray: 9c2ff61b3c31b4ed-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":26899,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"7c6b77302ecfc2a06806f4e20422b489","sha1":"495a6882962dafa4fe095d7c6402f255a9d37438","sha256":"5e50f2090a628d005c567a94a34087270a7563da12df08e99bcc09679f2f4519","sha512":"7dbbf3c34962e451a9bec483d61e6403a518d094057623bc9242df3432b04cdb00e8b5a371fcb9877cc189d7aa9fe9991b0c1d5743d4f67ed0d063e89775bfb2","ssdeep":"384:bRhnr4ejNdBlqlsilLf3mmyqRqWbRqOyRqqGRqFrRqL73mfGtdNmoUgNAGo:bRhhIWoUgW7","tlshash":"c0c220a0b74fa12b930b62d7b6b173d5ee3dc831c20701bf71f6653642dd41947226aa","first_seen":"2025-11-20T05:06:50.92746Z","last_seen":"2026-01-24T13:44:19.553274Z","times_seen":3,"resource_available":false,"data":null}},"time_used":434,"timings":{"blocked":77,"dns":36,"connect":2,"send":0,"wait":271,"receive":0,"ssl":39},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"bonks.finance","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"bonks.finance","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonks.finance/ufo.webp","fqdn":"bonks.finance","domain":"bonks.finance","tld":"finance"},"ip":{"addr":"104.21.30.222","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonks.finance/","date":"2026-01-24T13:43:43.267Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonks.finance","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 09 Jan 2026 19:08:04 GMT","end":"Thu, 09 Apr 2026 20:05:44 GMT"},"fingerprint":{"sha1":"02:3C:A8:FD:D4:EB:DB:59:BA:D8:38:C3:70:54:B8:A6:FA:12:7E:B4","sha256":"CF:AD:96:7A:56:5A:B7:AA:A9:18:6A:79:0C:76:C3:91:88:14:DF:5C:C8:DF:DD:15:A2:D9:90:BC:F3:31:18:34"}}},"request":{"raw":"GET /ufo.webp HTTP/1.1\r\nHost: bonks.finance\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonks.finance/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 24 Jan 2026 13:43:43 GMT\r\ncontent-type: image/webp\r\ncast-mode: default\r\nlast-modified: Tue, 11 Nov 2025 16:33:03 GMT\r\netag: W/\"6913653f-97144\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=re5odJYGk3HpDSu1nrbaOYyAplz3wXOcvuHI0FJZXGv9PWfaARao2ppe8%2ByKYF2HceuIvelJwQzN78W%2BZn4z98YguXStnh5c1xcB\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9c2ff61f4f857127-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":618820,"size_decoded":0,"mime_type":"image/webp","magic":"PNG image data, 1728 x 1117, 8-bit/color RGBA, non-interlaced","md5":"ebd572251e2bff7b6abee5795e98d8af","sha1":"56e1a3786fe2b4828c862966027babaa0cba9f12","sha256":"24badeb30eae3ccac483435ec2b17d0456cfdbc6fe7c5749f3c3cb8a48a7d40d","sha512":"39c6263bd8f640b348062ea7412ffbc10b70dbf441fcc39d8192d70abab4b3704f52d55c977aac4ff3bf4a2a08f9b2d501729ea7f2e499c1a6b40101a65c5619","ssdeep":"12288:M1kZ98Strhs4hux33IxgWv/tO7WAyVEZGD6BI+Nkx:NZBOHx34x/t+WV5Xn","tlshash":"b6d41220db5591373503a850b958692398c05eb37d4adc520ad7792f0b0bfbbacb3e67","first_seen":"2025-08-07T21:44:49.319548Z","last_seen":"2026-04-04T12:15:04.219092Z","times_seen":22,"resource_available":false,"data":null}},"time_used":519,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":282,"receive":237,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"bonks.finance","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"bonks.finance","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/manrope/v20/xn7gYHE41ni1AdIRggexSg.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.21.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://bonks.finance/","date":"2026-01-24T13:43:43.949Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Dec 2025 19:52:23 GMT","end":"Mon, 23 Mar 2026 19:52:22 GMT"},"fingerprint":{"sha1":"5A:74:FC:38:D2:7B:9B:E5:E5:0D:67:25:F4:73:BC:BA:2E:12:A7:FD","sha256":"3B:19:CD:BE:44:E6:EE:DC:8D:33:2B:A2:1C:E4:13:F8:6F:7E:2E:52:5D:0E:75:F3:1A:ED:21:1B:7A:B7:2E:BA"}}},"request":{"raw":"GET /s/manrope/v20/xn7gYHE41ni1AdIRggexSg.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://bonks.finance\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 24836\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 23 Jan 2026 13:20:45 GMT\r\nexpires: Sat, 23 Jan 2027 13:20:45 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Thu, 04 Sep 2025 17:08:28 GMT\r\ncontent-type: font/woff2\r\nage: 87779\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":24836,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 24836, version 1.0","md5":"938c6e8019b69313372c47dbb7a7c930","sha1":"b42951014c5eca12749d87a4706caf22dc4fe081","sha256":"a30ddcd349703aff7464c34bef3fffdff405ee50c113440d7c8693c02d210972","sha512":"5537c005cd8f321f26fe67f6292b3ec14e88ff4b2365311628dbbe4753e01e568f6881b9f2e7d71e8e6b2c261ed25f372829dd28f89f865ce574b4e1fec29614","ssdeep":"768:3KQaj5c95F1QmIwa55Go1COpZLpkkM46CU+YIC:ahj5cXow65xCM5pkkM468YB","tlshash":"a2b2f105ee49b3d4b276f1fcfa802884179282f27dabda8f3f2015981dd8e5b8d45320","first_seen":"2025-06-02T20:09:41.98255Z","last_seen":"2026-04-22T06:04:48.488609Z","times_seen":17916,"resource_available":false,"data":null}},"time_used":366,"timings":{"blocked":169,"dns":1,"connect":8,"send":0,"wait":10,"receive":9,"ssl":163},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/manrope/v20/xn7gYHE41ni1AdIRggexSg.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.21.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://bonks.finance/","date":"2026-01-24T13:43:43.957Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Dec 2025 19:52:23 GMT","end":"Mon, 23 Mar 2026 19:52:22 GMT"},"fingerprint":{"sha1":"5A:74:FC:38:D2:7B:9B:E5:E5:0D:67:25:F4:73:BC:BA:2E:12:A7:FD","sha256":"3B:19:CD:BE:44:E6:EE:DC:8D:33:2B:A2:1C:E4:13:F8:6F:7E:2E:52:5D:0E:75:F3:1A:ED:21:1B:7A:B7:2E:BA"}}},"request":{"raw":"GET /s/manrope/v20/xn7gYHE41ni1AdIRggexSg.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://bonks.finance\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 24836\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 23 Jan 2026 13:20:45 GMT\r\nexpires: Sat, 23 Jan 2027 13:20:45 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Thu, 04 Sep 2025 17:08:28 GMT\r\ncontent-type: font/woff2\r\nage: 87779\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":24836,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 24836, version 1.0","md5":"938c6e8019b69313372c47dbb7a7c930","sha1":"b42951014c5eca12749d87a4706caf22dc4fe081","sha256":"a30ddcd349703aff7464c34bef3fffdff405ee50c113440d7c8693c02d210972","sha512":"5537c005cd8f321f26fe67f6292b3ec14e88ff4b2365311628dbbe4753e01e568f6881b9f2e7d71e8e6b2c261ed25f372829dd28f89f865ce574b4e1fec29614","ssdeep":"768:3KQaj5c95F1QmIwa55Go1COpZLpkkM46CU+YIC:ahj5cXow65xCM5pkkM468YB","tlshash":"a2b2f105ee49b3d4b276f1fcfa802884179282f27dabda8f3f2015981dd8e5b8d45320","first_seen":"2025-06-02T20:09:41.98255Z","last_seen":"2026-04-22T06:04:48.488609Z","times_seen":17916,"resource_available":false,"data":null}},"time_used":413,"timings":{"blocked":194,"dns":6,"connect":22,"send":0,"wait":14,"receive":2,"ssl":171},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bonks.finance/Logo.png","fqdn":"bonks.finance","domain":"bonks.finance","tld":"finance"},"ip":{"addr":"104.21.30.222","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonks.finance/","date":"2026-01-24T13:43:43.251Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonks.finance","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 09 Jan 2026 19:08:04 GMT","end":"Thu, 09 Apr 2026 20:05:44 GMT"},"fingerprint":{"sha1":"02:3C:A8:FD:D4:EB:DB:59:BA:D8:38:C3:70:54:B8:A6:FA:12:7E:B4","sha256":"CF:AD:96:7A:56:5A:B7:AA:A9:18:6A:79:0C:76:C3:91:88:14:DF:5C:C8:DF:DD:15:A2:D9:90:BC:F3:31:18:34"}}},"request":{"raw":"GET /Logo.png HTTP/1.1\r\nHost: bonks.finance\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonks.finance/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 24 Jan 2026 13:43:43 GMT\r\ncontent-type: text/html\r\ncast-mode: default\r\nlast-modified: Tue, 11 Nov 2025 16:33:03 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\nvary: accept-encoding\r\ncontent-encoding: br\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QQSBaAN1%2FHFfGbPvLEH0y3iKcM4OOxYmEwwp72%2FqUCamq41oLYzwAy6aefKOHeohY5UPPZr9y%2FRs%2FaLzW55qS3g5VbghZFQf7vjU\"}]}\r\npriority: u=4,i=?0\r\ncf-ray: 9c2ff61f3f837127-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":26899,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"7c6b77302ecfc2a06806f4e20422b489","sha1":"495a6882962dafa4fe095d7c6402f255a9d37438","sha256":"5e50f2090a628d005c567a94a34087270a7563da12df08e99bcc09679f2f4519","sha512":"7dbbf3c34962e451a9bec483d61e6403a518d094057623bc9242df3432b04cdb00e8b5a371fcb9877cc189d7aa9fe9991b0c1d5743d4f67ed0d063e89775bfb2","ssdeep":"384:bRhnr4ejNdBlqlsilLf3mmyqRqWbRqOyRqqGRqFrRqL73mfGtdNmoUgNAGo:bRhhIWoUgW7","tlshash":"c0c220a0b74fa12b930b62d7b6b173d5ee3dc831c20701bf71f6653642dd41947226aa","first_seen":"2025-11-20T05:06:50.92746Z","last_seen":"2026-01-24T13:44:19.553274Z","times_seen":3,"resource_available":false,"data":null}},"time_used":225,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":224,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"bonks.finance","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"bonks.finance","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonks.finance/bg.png","fqdn":"bonks.finance","domain":"bonks.finance","tld":"finance"},"ip":{"addr":"104.21.30.222","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bonks.finance/","date":"2026-01-24T13:43:43.916Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonks.finance","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 09 Jan 2026 19:08:04 GMT","end":"Thu, 09 Apr 2026 20:05:44 GMT"},"fingerprint":{"sha1":"02:3C:A8:FD:D4:EB:DB:59:BA:D8:38:C3:70:54:B8:A6:FA:12:7E:B4","sha256":"CF:AD:96:7A:56:5A:B7:AA:A9:18:6A:79:0C:76:C3:91:88:14:DF:5C:C8:DF:DD:15:A2:D9:90:BC:F3:31:18:34"}}},"request":{"raw":"GET /bg.png HTTP/1.1\r\nHost: bonks.finance\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonks.finance/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 24 Jan 2026 13:43:44 GMT\r\ncontent-type: image/png\r\ncontent-length: 1583431\r\ncast-mode: default\r\nlast-modified: Tue, 11 Nov 2025 16:33:03 GMT\r\netag: \"6913653f-182947\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NMYMJ3qDhnKl6%2FSLTZcr%2B%2BEZD9UoQb%2BSjU5qpTWNoQo4qA%2FDLiky7gTM5%2FFTMz3I%2FCo9Yxx70%2BaVcy74CjXFAYin2BRdhP%2FpZ57y\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9c2ff6237fa87127-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1583431,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1920 x 1080, 8-bit/color RGBA, non-interlaced","md5":"1afa424486384b4d8132ff4947cf86bd","sha1":"8f46a6c5a70e787ddf4eb19f1702ac7728f0a892","sha256":"05047a5827a521ef50d8927760a8cc5376166c20c500d32ddae42b2e8babce31","sha512":"7164300568d035397e87f4e74fb44fe25c55309392d24d34f67893bc38bace837c6edddb07d6fe594d660ff8208e5891096fb90c328ea172afb7b973355c5b95","ssdeep":"24576:n6iu8vltribqGROnUWToITQ1s9gEqU3tUZyTbQANBAWR:6iu8fibqwAOs9gEqU30mDNeU","tlshash":"4c2533101d2420debfda18b39bfbe7115e97b4dbc70e165e172ea0e962413968f6438c","first_seen":"2025-08-07T21:44:49.322403Z","last_seen":"2026-03-25T21:01:51.481153Z","times_seen":16,"resource_available":false,"data":null}},"time_used":702,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":239,"receive":463,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"bonks.finance","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"bonks.finance","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonks.finance/secureproxy?s=%2F%40v1%2Fcdn%2Fjs%2Fjoi.legacy.esm.js\u0026t=29487703","fqdn":"bonks.finance","domain":"bonks.finance","tld":"finance"},"ip":{"addr":"104.21.30.222","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bonks.finance/","date":"2026-01-24T13:43:44.544Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonks.finance","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 09 Jan 2026 19:08:04 GMT","end":"Thu, 09 Apr 2026 20:05:44 GMT"},"fingerprint":{"sha1":"02:3C:A8:FD:D4:EB:DB:59:BA:D8:38:C3:70:54:B8:A6:FA:12:7E:B4","sha256":"CF:AD:96:7A:56:5A:B7:AA:A9:18:6A:79:0C:76:C3:91:88:14:DF:5C:C8:DF:DD:15:A2:D9:90:BC:F3:31:18:34"}}},"request":{"raw":"GET /secureproxy?s=%2F%40v1%2Fcdn%2Fjs%2Fjoi.legacy.esm.js\u0026t=29487703 HTTP/1.1\r\nHost: bonks.finance\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bonks.finance/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 24 Jan 2026 13:43:45 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\ncast-mode: default\r\ncontent-security-policy: frame-ancestors http: https:\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS\r\naccess-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With, Accept, Origin\r\naccess-control-allow-credentials: true\r\ncdn-pullzone: 4623665\r\ncdn-requestcountrycode: NL\r\nvary: Accept-Encoding\r\ncache-control: max-age=2592000, must-revalidate\r\netag: W/\"a0502-14+i6Bt7XM8ofHk8WpmFyqoPYWI\"\r\nexpires: 0\r\npragma: no-cache\r\ncontent-disposition: attachment; filename=joi.legacy.esm.js\r\ncdn-proxyver: 1.43\r\ncdn-requestpullsuccess: True\r\ncdn-requestpullcode: 200\r\ncdn-cachedat: 01/24/2026 13:43:44\r\ncdn-edgestorageid: 1056\r\ncdn-requestid: dfc8ac1b49c425ef4345ffba56336463\r\ncdn-cache: MISS\r\ncdn-status: 200\r\ncdn-requesttime: 0\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-encoding: gzip\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3gSHn6ipkLFEMP1iJ7tlxIkgDYabh4jr1fvCH%2B3lHfhVArAeIoRt7s7rga1HS%2BzbZfRI%2BUwobE7fDrIFoAy5re9zfbbxocOpOhU%2F\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c2ff627efbb7127-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":656642,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"96c2ff1601099c21c598c24e6f43c7c4","sha1":"d78fa2e81b7b5ccf287c793c5a9985caaa0f6162","sha256":"7fd19c564761e2c8c9b583cf30db810e313417c7d3572f637f8cedf4d2cc1e91","sha512":"d7df68372670f0173ac5dc3c54ee38f13b29703dde9f71ec74827b535735e99b2b253e07960d66d8c3230f13cf29f20aa0f083db014cee0710379ffab68932be","ssdeep":"6144:0ujB8gltIeTM5/S8g6zRh5gDVLU2GIt/KJAsJRrydM147u/lhDlEqH96lm:vhltVM/g61sNUWsSdG7R","tlshash":"1ed438c2821814f684eb0ab6d133a21fdb4cce9dc69f2d20bfe55c9553c87a292f655c","first_seen":"2026-01-02T13:08:19.247086Z","last_seen":"2026-04-21T16:12:40.397384Z","times_seen":2485,"resource_available":true,"data":null}},"time_used":637,"timings":{"blocked":77,"dns":0,"connect":0,"send":0,"wait":393,"receive":167,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"bonks.finance","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"bonks.finance","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bonks.finance/secureproxy?e=ping_proxy","fqdn":"bonks.finance","domain":"bonks.finance","tld":"finance"},"ip":{"addr":"104.21.30.222","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://bonks.finance/","date":"2026-01-24T13:43:43.881Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bonks.finance","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 09 Jan 2026 19:08:04 GMT","end":"Thu, 09 Apr 2026 20:05:44 GMT"},"fingerprint":{"sha1":"02:3C:A8:FD:D4:EB:DB:59:BA:D8:38:C3:70:54:B8:A6:FA:12:7E:B4","sha256":"CF:AD:96:7A:56:5A:B7:AA:A9:18:6A:79:0C:76:C3:91:88:14:DF:5C:C8:DF:DD:15:A2:D9:90:BC:F3:31:18:34"}}},"request":{"raw":"GET /secureproxy?e=ping_proxy HTTP/1.1\r\nHost: bonks.finance\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bonks.finance/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 24 Jan 2026 13:43:44 GMT\r\ncontent-type: text/html; charset=utf-8\r\nvary: accept-encoding\r\ncast-mode: default\r\ncontent-security-policy: frame-ancestors http: https:\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS\r\naccess-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With, Accept, Origin\r\naccess-control-allow-credentials: true\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-encoding: br\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nlast-modified: Sat, 24 Jan 2026 13:43:44 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UC0YRVSYXUpaRxiFaVTf%2FYcbf0K4sF%2B3KtXFTDILWND2BJXTSDrZ40Q6x1q2OwaJdLjSHuCjxaFZJ30rPO1MvWPxUc3%2BOUJvBzcx\"}]}\r\npriority: u=4,i=?0\r\ncf-ray: 9c2ff6234fa67127-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"6fdb087aa3fbfbcb8287a593a0919e61","sha1":"0e514a0662bcb69dc863953d1ce26e3d40e81a87","sha256":"9795c5ff8937f23526ccb207a5684c1fc94a7854e19c021b39d944e51f5baef2","sha512":"be5457d14c930b51b47ab152850c1ceaafe6ef88c8671b48164abbc83410b0c07a1e178540f6cdeac5f2672cadb1d1cbbb3434b3e39bc2c50c4646a2bae57437","ssdeep":"","tlshash":"fe300000300000000000000c0000000000000000000000000000000000300000000000","first_seen":"2023-04-12T09:14:15Z","last_seen":"2026-04-22T05:22:55.311962Z","times_seen":8431,"resource_available":true,"data":null}},"time_used":225,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":218,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"bonks.finance","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-24","alert":"Sinkholed","trigger":"bonks.finance","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/manrope/v20/xn7gYHE41ni1AdIRggexSg.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.21.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://bonks.finance/","date":"2026-01-24T13:43:43.954Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Dec 2025 19:52:23 GMT","end":"Mon, 23 Mar 2026 19:52:22 GMT"},"fingerprint":{"sha1":"5A:74:FC:38:D2:7B:9B:E5:E5:0D:67:25:F4:73:BC:BA:2E:12:A7:FD","sha256":"3B:19:CD:BE:44:E6:EE:DC:8D:33:2B:A2:1C:E4:13:F8:6F:7E:2E:52:5D:0E:75:F3:1A:ED:21:1B:7A:B7:2E:BA"}}},"request":{"raw":"GET /s/manrope/v20/xn7gYHE41ni1AdIRggexSg.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://bonks.finance\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 24836\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 23 Jan 2026 13:20:45 GMT\r\nexpires: Sat, 23 Jan 2027 13:20:45 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Thu, 04 Sep 2025 17:08:28 GMT\r\ncontent-type: font/woff2\r\nage: 87779\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":24836,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 24836, version 1.0","md5":"938c6e8019b69313372c47dbb7a7c930","sha1":"b42951014c5eca12749d87a4706caf22dc4fe081","sha256":"a30ddcd349703aff7464c34bef3fffdff405ee50c113440d7c8693c02d210972","sha512":"5537c005cd8f321f26fe67f6292b3ec14e88ff4b2365311628dbbe4753e01e568f6881b9f2e7d71e8e6b2c261ed25f372829dd28f89f865ce574b4e1fec29614","ssdeep":"768:3KQaj5c95F1QmIwa55Go1COpZLpkkM46CU+YIC:ahj5cXow65xCM5pkkM468YB","tlshash":"a2b2f105ee49b3d4b276f1fcfa802884179282f27dabda8f3f2015981dd8e5b8d45320","first_seen":"2025-06-02T20:09:41.98255Z","last_seen":"2026-04-22T06:04:48.488609Z","times_seen":17916,"resource_available":false,"data":null}},"time_used":415,"timings":{"blocked":195,"dns":0,"connect":21,"send":0,"wait":8,"receive":7,"ssl":180},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}