{"report_id":"45357ffe-9a1b-4dda-af66-6298d00fc20a","version":6,"status":"done","tags":[],"date":"2026-04-07T14:06:30Z","url":{"schema":"https","addr":"bybitlz.com.cn/","fqdn":"bybitlz.com.cn","domain":"bybitlz.com.cn","tld":"com.cn"},"ip":{"addr":"154.216.106.252","port":0,"asn":132839,"as":"POWER LINE DATACENTER","country":"Hong Kong","country_code":"HK"},"final":{"url":{"schema":"https","addr":"bybitlz.com.cn/","fqdn":"bybitlz.com.cn","domain":"bybitlz.com.cn","tld":"com.cn"},"title":"Bybit官网_Bybit交易所_Bybit下载_合约交易平台入口","dom":{"size":56253,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (3179)","md5":"4e5bcf803247f213dbb080cb802b30fd","sha1":"8b11966ebbfed878fbb509f5ba216d2b3ccce2fd","sha256":"3dc4c8a1a9820b992b47cb75468cdabf2b8df359dd02534715e0d02408719f20","sha512":"60d5e5e20d3a28cd98c156e70264b83729bc0cfd72776418f4a5629d36792bee4ac6e3ed74d5c705f71e49bcbbaaea11a694582f069962d4639d93c987e77b09","ssdeep":"768:CwlvqQmuDw+k2dGDT0+gfH7K17BopFZmyX7pXA:o+f1I17qpbXdw","tlshash":"c843b973d385041a7937d4e1b2e5778e30749107d017cae8baba2266cfca9a717e274c","dom_hash":"domhashdca43a16fb72e586d24a161525a0ab17","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"bybitlz.com.cn/","fqdn":"bybitlz.com.cn","domain":"bybitlz.com.cn","tld":"com.cn"},"ip":{"addr":"154.216.106.252","port":0,"asn":132839,"as":"POWER LINE DATACENTER","country":"Hong Kong","country_code":"HK"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-12T14:06:30Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"bybitlz.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-04-05T22:20:18.514512Z","alert_count":0,"request_count":1,"received_data":8144,"sent_data":478,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-04-05T22:16:34.770209Z","alert_count":0,"request_count":4,"received_data":84663,"sent_data":2340,"comment":"","tags":null,"fingerprints":null},{"fqdn":"bybitlz.com.cn","ip":{"addr":"154.216.106.252","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"Hong Kong","country_code":"HK"},"domain_registered":"2026-03-26","domain_rank":0,"first_seen":"2026-04-07T14:04:45.304138Z","last_seen":"2026-04-07T14:04:45.304138Z","alert_count":1,"request_count":1,"received_data":56692,"sent_data":483,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"bybitlz.com.cn/","fqdn":"bybitlz.com.cn","domain":"bybitlz.com.cn","tld":"com.cn"},"ip":{"addr":"154.216.106.252","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"31de61e9f498e4004c383718a4679825","sha1":"1abd5491fa027e231feb9ee5163d0a0f302ae520","sha256":"22c1104381190711b9797122a433128447b03eb41a4b625bdbf8af57bc10da52","sha512":"e4461aa5ec6a357288b5a1b2e49cedc640dfc2b0e7bebfaaf74fe0a23123279d43a08fb04f53a621a5b074015bf6ed6c9a88b5f9b95830ad5a856accd866eb63","ssdeep":"","tlshash":"f2f020bb89127013c77270a7a852de0c6d77e804eb260920cc38c5a907ecdc294eb638","size":569,"data":"","first_seen":"2026-04-07T14:00:46.035476Z","last_seen":"2026-04-07T14:12:43.157932Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=JetBrains+Mono:wght@400;500;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bybitlz.com.cn/","date":"2026-04-07T14:06:10.658Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 08:38:41 GMT","end":"Mon, 08 Jun 2026 08:38:40 GMT"},"fingerprint":{"sha1":"03:81:A0:0E:E1:9B:80:A3:BC:CD:F9:25:A5:7B:8A:43:07:22:C6:00","sha256":"73:8D:9A:B1:F0:C3:6E:8F:EE:C0:2F:99:C8:89:24:16:9A:DB:D1:9C:27:5D:8A:7A:A8:2B:0E:10:42:28:53:7F"}}},"request":{"raw":"GET /css2?family=JetBrains+Mono:wght@400;500;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bybitlz.com.cn/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Tue, 07 Apr 2026 14:06:10 GMT\r\ndate: Tue, 07 Apr 2026 14:06:10 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7458,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"ad0499efe2f91a41b40e888afd5ecfab","sha1":"b74cfe6848bd898d165f24b2c21675cfa6346571","sha256":"86dc613fce2d24b2a451b9992adf4bd36ca8e4d6f8b54a59fbc7a5ec0e35f899","sha512":"47b57193e977ca379f2c1b74262445e31e72dfa251b144fcc9561e3ee02f30d8ad754d7b9f4972e9d2fc97d556dccfc2640acf4af6c5383248a341fa719a1046","ssdeep":"96:hOEaGxOEaXFZ8OEaKG3+OEaHOEaDJc+u6OEaKNqOXaGxOXaXFZ8OXaKG3+OXaHOD:uG+7p3ZAXYjG9Up3qnXfFGbep3g5XxV","tlshash":"cdf1dee1001a8404ea472cda73cfbe356d8ea1072085e5f9cbff19585daac76633475d","first_seen":"2025-10-01T22:47:49.655721Z","last_seen":"2026-04-18T01:20:47.680737Z","times_seen":22,"resource_available":false,"data":null}},"time_used":299,"timings":{"blocked":132,"dns":1,"connect":21,"send":0,"wait":32,"receive":0,"ssl":109},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/jetbrainsmono/v24/tDbv2o-flEEny0FZhsfKu5WU4zr3E_BX0PnT8RD8yKwBNntkaToggR7BYRbKPxDcwg.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://bybitlz.com.cn/","date":"2026-04-07T14:06:10.877Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 08:38:40 GMT","end":"Mon, 08 Jun 2026 08:38:39 GMT"},"fingerprint":{"sha1":"93:71:51:4C:A3:35:66:7B:96:98:73:5F:8A:D5:61:38:29:33:E3:58","sha256":"A7:C2:55:50:7A:01:61:98:C7:16:8F:8D:72:97:DD:77:B2:9D:D8:18:29:80:41:DE:61:95:42:E5:0F:79:FE:EF"}}},"request":{"raw":"GET /s/jetbrainsmono/v24/tDbv2o-flEEny0FZhsfKu5WU4zr3E_BX0PnT8RD8yKwBNntkaToggR7BYRbKPxDcwg.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://bybitlz.com.cn\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 31432\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 03 Apr 2026 21:17:35 GMT\r\nexpires: Sat, 03 Apr 2027 21:17:35 GMT\r\ncache-control: public, max-age=31536000\r\nage: 319715\r\nlast-modified: Wed, 10 Sep 2025 16:52:37 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":31432,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 31432, version 1.0","md5":"b636a65da4f00129f08c7df6e5dd75ac","sha1":"4f27206c4b1caf8b7805597fcbc6922ff5805daa","sha256":"83c005d49d8a6a50474c73a5a36ac0468076e9c4a29da7bdb14995d80560a5be","sha512":"77ad92edddd5fc9ce47b8b329cf41b2fec895ea01a97b9122df3766163998fadcbe47c868631208636c4e587136ddd390d38e3e9da2743758c9da2c77a66f859","ssdeep":"768:a8+AGQwBrw24YHLKRG5lBF260n1e5vhjJKWWAD95I9Puggtx:B+AiBrw2fHL+GyvYtYADM9Pug0x","tlshash":"52e2f274ea41ca57676335ed4203e99d015fa318ebf6fd40869ccad2a506bcb7c4033a","first_seen":"2024-10-21T03:03:54.505463Z","last_seen":"2026-04-19T09:52:26.405206Z","times_seen":3262,"resource_available":false,"data":null}},"time_used":210,"timings":{"blocked":98,"dns":2,"connect":7,"send":0,"wait":9,"receive":7,"ssl":83},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/jetbrainsmono/v24/tDbv2o-flEEny0FZhsfKu5WU4zr3E_BX0PnT8RD8yKwBNntkaToggR7BYRbKPxDcwg.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://bybitlz.com.cn/","date":"2026-04-07T14:06:10.880Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 08:38:40 GMT","end":"Mon, 08 Jun 2026 08:38:39 GMT"},"fingerprint":{"sha1":"93:71:51:4C:A3:35:66:7B:96:98:73:5F:8A:D5:61:38:29:33:E3:58","sha256":"A7:C2:55:50:7A:01:61:98:C7:16:8F:8D:72:97:DD:77:B2:9D:D8:18:29:80:41:DE:61:95:42:E5:0F:79:FE:EF"}}},"request":{"raw":"GET /s/jetbrainsmono/v24/tDbv2o-flEEny0FZhsfKu5WU4zr3E_BX0PnT8RD8yKwBNntkaToggR7BYRbKPxDcwg.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://bybitlz.com.cn\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 31432\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 03 Apr 2026 21:17:35 GMT\r\nexpires: Sat, 03 Apr 2027 21:17:35 GMT\r\ncache-control: public, max-age=31536000\r\nage: 319716\r\nlast-modified: Wed, 10 Sep 2025 16:52:37 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":31432,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 31432, version 1.0","md5":"b636a65da4f00129f08c7df6e5dd75ac","sha1":"4f27206c4b1caf8b7805597fcbc6922ff5805daa","sha256":"83c005d49d8a6a50474c73a5a36ac0468076e9c4a29da7bdb14995d80560a5be","sha512":"77ad92edddd5fc9ce47b8b329cf41b2fec895ea01a97b9122df3766163998fadcbe47c868631208636c4e587136ddd390d38e3e9da2743758c9da2c77a66f859","ssdeep":"768:a8+AGQwBrw24YHLKRG5lBF260n1e5vhjJKWWAD95I9Puggtx:B+AiBrw2fHL+GyvYtYADM9Pug0x","tlshash":"52e2f274ea41ca57676335ed4203e99d015fa318ebf6fd40869ccad2a506bcb7c4033a","first_seen":"2024-10-21T03:03:54.505463Z","last_seen":"2026-04-19T09:52:26.405206Z","times_seen":3262,"resource_available":false,"data":null}},"time_used":371,"timings":{"blocked":190,"dns":0,"connect":0,"send":0,"wait":8,"receive":3,"ssl":170},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/jetbrainsmono/v24/tDbv2o-flEEny0FZhsfKu5WU4zr3E_BX0PnT8RD8yKwBNntkaToggR7BYRbKPx7cwhsk.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://bybitlz.com.cn/","date":"2026-04-07T14:06:10.897Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 08:38:40 GMT","end":"Mon, 08 Jun 2026 08:38:39 GMT"},"fingerprint":{"sha1":"93:71:51:4C:A3:35:66:7B:96:98:73:5F:8A:D5:61:38:29:33:E3:58","sha256":"A7:C2:55:50:7A:01:61:98:C7:16:8F:8D:72:97:DD:77:B2:9D:D8:18:29:80:41:DE:61:95:42:E5:0F:79:FE:EF"}}},"request":{"raw":"GET /s/jetbrainsmono/v24/tDbv2o-flEEny0FZhsfKu5WU4zr3E_BX0PnT8RD8yKwBNntkaToggR7BYRbKPx7cwhsk.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://bybitlz.com.cn\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 11624\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 03 Apr 2026 21:38:57 GMT\r\nexpires: Sat, 03 Apr 2027 21:38:57 GMT\r\ncache-control: public, max-age=31536000\r\nage: 318434\r\nlast-modified: Wed, 10 Sep 2025 16:58:08 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":11624,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 11624, version 1.0","md5":"bd4781a31b4215a1e80868802b3d0e05","sha1":"06ad36000cd89dec93e4398c5b62565ab1d1b1e2","sha256":"db5ff4db83e580426280e9337a58dc57d3a83784a1b03ad80914651594441d52","sha512":"49b11df2a23830aadb044f1b1dacb481b16f198bd93ff3b563f5edd9e3b87a2399564f025b5582c5cb49f373c9a7429004ba8250756d1a6c84d7b4fff9c6d9c0","ssdeep":"192:Gn+/zzyRJgQbETz4+DkOtGNaYtNceZyi6aGofEsXBymPIdXBOonkCKaIgwX:xeLxIcGkO4IbRaGofEsXBvPI7O67Y","tlshash":"8532b0c427abf992dc1040b1e94726820e15d753290e7805b6b472e1ae9a9c75189fff","first_seen":"2025-08-08T05:21:53.783325Z","last_seen":"2026-04-18T12:55:41.444943Z","times_seen":157,"resource_available":false,"data":null}},"time_used":331,"timings":{"blocked":159,"dns":1,"connect":20,"send":0,"wait":11,"receive":1,"ssl":136},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/jetbrainsmono/v24/tDbv2o-flEEny0FZhsfKu5WU4zr3E_BX0PnT8RD8yKwBNntkaToggR7BYRbKPxPcwhsk.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://bybitlz.com.cn/","date":"2026-04-07T14:06:10.921Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 08:38:40 GMT","end":"Mon, 08 Jun 2026 08:38:39 GMT"},"fingerprint":{"sha1":"93:71:51:4C:A3:35:66:7B:96:98:73:5F:8A:D5:61:38:29:33:E3:58","sha256":"A7:C2:55:50:7A:01:61:98:C7:16:8F:8D:72:97:DD:77:B2:9D:D8:18:29:80:41:DE:61:95:42:E5:0F:79:FE:EF"}}},"request":{"raw":"GET /s/jetbrainsmono/v24/tDbv2o-flEEny0FZhsfKu5WU4zr3E_BX0PnT8RD8yKwBNntkaToggR7BYRbKPxPcwhsk.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://bybitlz.com.cn\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 6836\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 03 Apr 2026 21:17:37 GMT\r\nexpires: Sat, 03 Apr 2027 21:17:37 GMT\r\ncache-control: public, max-age=31536000\r\nage: 319713\r\nlast-modified: Wed, 10 Sep 2025 16:52:33 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6836,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 6836, version 1.0","md5":"b1b5690e0694c2f6d6cd96719a2fc1ea","sha1":"bcedb9e2e5283c1b888525348cbc2c5f07bde3ec","sha256":"0a557721b1f8b36d3f3f84442689a71ca4a744300abcb46a1953f51bfc663b66","sha512":"0099d92362680d53f3c1c470842c23155ab4ab4ace7e8a8f884603fc51e2083c506dc4433ced57f673035eaf0ff63051c041ceea737b547b0f99faf240929437","ssdeep":"192:4CcAEdyurqoYjCXe5LhkC3OJ5T7zZLFuUM:dQyurq/EQ3ElZLFuUM","tlshash":"29e1cfce6a587654fb06693c7b82c1c11ca1fa8c653cb0b5920c6f2aebb7047115a1fa","first_seen":"2025-08-08T05:21:53.815973Z","last_seen":"2026-04-09T17:56:33.933635Z","times_seen":21,"resource_available":false,"data":null}},"time_used":129,"timings":{"blocked":59,"dns":1,"connect":21,"send":0,"wait":10,"receive":0,"ssl":35},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bybitlz.com.cn/","fqdn":"bybitlz.com.cn","domain":"bybitlz.com.cn","tld":"com.cn"},"ip":{"addr":"154.216.106.252","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-07T14:06:09.454Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bybitlz.com.cn","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 26 Mar 2026 09:29:32 GMT","end":"Wed, 24 Jun 2026 09:29:31 GMT"},"fingerprint":{"sha1":"B5:A0:52:F1:F8:26:02:36:10:1E:95:2A:6F:C6:A0:10:6F:79:06:83","sha256":"15:9E:88:10:73:FF:CA:D7:3B:3C:5D:05:30:2B:A2:13:99:05:C3:A7:68:EB:44:9E:89:24:F8:2C:2A:B5:50:DB"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: bybitlz.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 07 Apr 2026 14:06:10 GMT\r\ncontent-type: text/html\r\nlast-modified: Thu, 26 Mar 2026 09:56:35 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69c502d3-dbb7\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":56247,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (3179)","md5":"df82065c57969629579496b7e5e6edc4","sha1":"f447ea59967d39ddf553bfd86541340e69482ea6","sha256":"912e4c80d421d98c6538287b897c745dd7115a5e69c00a23d0b2b9c72347bf8e","sha512":"d2bafce5922c810b38d8f1817f3f17a95cacbc0f8074e1d84e8c3a9544ba49ce0533cc334de6de6d5524e6bce4bd04d9e1632b500c6b58df2e68c76edfb8b727","ssdeep":"768:wwlvqQmuDw+k2dGDT0+L2fH7K17BopFZmyX7pXdy:m+f1e17qpbXdM","tlshash":"0f43b973d385041a7937d4e1b2e5778e30749107d017cba8baba2266cfca9a717e274c","first_seen":"2026-04-07T14:04:50.847793Z","last_seen":"2026-04-07T14:06:32.189653Z","times_seen":2,"resource_available":true,"data":null}},"time_used":1269,"timings":{"blocked":507,"dns":1,"connect":251,"send":0,"wait":251,"receive":0,"ssl":256},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-07","alert":"Sinkholed","trigger":"bybitlz.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}