{"report_id":"5323ff56-98a3-4a59-b00a-561dbc5af724","version":6,"status":"done","tags":[],"date":"2026-04-12T19:10:14Z","url":{"schema":"https","addr":"binance.coke-twitter.com","fqdn":"binance.coke-twitter.com","domain":"coke-twitter.com","tld":"com"},"ip":{"addr":"107.174.39.191","port":0,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"binance.coke-twitter.com/","fqdn":"binance.coke-twitter.com","domain":"coke-twitter.com","tld":"com"},"title":"Binance - Cryptocurrency Exchange","dom":{"size":194257,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (64843)","md5":"263c2c36797daf9e485747b1a107bcbf","sha1":"8b9a740e8be4b6363c726d557e987be78f2fe9f6","sha256":"b3e19ae6c939a5f8a6a7d08384f0fdd2138293024f0d64ec0a7fd8b10755d0c7","sha512":"c63353ef6e828ec58275515429147f4bddf489269880c717d60bc13a923204f30769faa7e3aa6517031d319b2c8599343c1f8438f6763482661efab29f5efe7c","ssdeep":"1536:536irOcjgxdo5EwdOnyUVRyXsHWQ2XK189FTi9S7hxy58j2Z+GYZg6lToMQ2shNq:DyAvdk5HWRKAFOk7hxy52ZRTohvy","tlshash":"fe1448a4b3a3b022d363f872502f100ab53ba466f5495daef294e8e4ddf145a0173f79","dom_hash":"domhasha074121a9c6e63201e953983172dc624","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"binance.coke-twitter.com","fqdn":"binance.coke-twitter.com","domain":"coke-twitter.com","tld":"com"},"ip":{"addr":"107.174.39.191","port":0,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-17T19:10:14Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"binance.coke-twitter.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-12","alert":"Phishing Block","trigger":"binance.coke-twitter.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"binance.coke-twitter.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"binance.coke-twitter.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"binance.coke-twitter.com","ip":{"addr":"107.174.39.191","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"domain_registered":"2025-10-09","domain_rank":0,"first_seen":"2026-04-12T19:10:15.125067Z","last_seen":"2026-04-12T19:10:15.125067Z","alert_count":48,"request_count":12,"received_data":138837,"sent_data":5435,"comment":"","tags":null,"fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Google Sign-in","description":"Google Sign-In is a secure authentication system that reduces the burden of login for users, by enabling them to sign in with their Google account.","website":"https://developers.google.com/identity/sign-in/web","common_platform_enumeration":"","icon":"Google.svg","categories":["Authentication"]}]},{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":1222,"first_seen":"2012-05-23T12:49:49Z","last_seen":"2026-04-05T22:33:08.106483Z","alert_count":0,"request_count":3,"received_data":323645,"sent_data":1599,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"accounts.google.com","ip":{"addr":"209.85.233.84","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1997-09-15","domain_rank":103,"first_seen":"2012-05-23T06:57:57Z","last_seen":"2026-04-06T00:47:45.377188Z","alert_count":0,"request_count":3,"received_data":460133,"sent_data":1625,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.gstatic.com","ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-04-05T22:16:34.770209Z","alert_count":0,"request_count":2,"received_data":112100,"sent_data":1064,"comment":"","tags":null,"fingerprints":null},{"fqdn":"play.google.com","ip":{"addr":"142.250.178.46","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1997-09-15","domain_rank":48,"first_seen":"2013-05-30T23:24:35Z","last_seen":"2026-04-06T00:23:30.187026Z","alert_count":0,"request_count":2,"received_data":1121,"sent_data":1052,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"accounts.google.com/gsi/button?theme=outline\u0026size=large\u0026width=400\u0026is_fedcm_supported=false\u0026client_id=240275389988-jvskit5ki2dg5ekss1enb3es004n9tvi.apps.googleusercontent.com\u0026iframe_id=gsi_994056_53341\u0026cas=GYUnNMBd3ZBXU8jLfqlPR0lzugIWf5zKO9vjVmztD9s","fqdn":"accounts.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"209.85.233.84","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"d6241b28b5995cb1a36abfb2f1159e72","sha1":"fb31d24aa2fb40ca0b4c7bd41f87e7aff86cadb9","sha256":"b2f1c351a6750e924df7cc73cb5654148613988566fcc53091bf8128c944d8fb","sha512":"a808e3a277a47e07bc4d0dc9d8ddb2ae8859bba0ed79a71d70d6a26574672f328bb7dfcf4b740eb0f939a4d95e78f9753348cbec6feaf3eb0c2241ded7107272","ssdeep":"1536:fgxdo5EwdOnyUVRyXsHWQ2XK189FTi9S7hxy58j2Z+GYZg6lToMQ2shNMgF5:+Avdk5HWRKAFOk7hxy52ZRTohvP","tlshash":"0ec3c8d8b2a270625363f8a5813f000bb27b68a9f44c5cacf295d9e1adf05498177f7d","size":127447,"data":"","first_seen":"2026-04-10T06:52:36.08225Z","last_seen":"2026-04-12T22:10:26.062038Z","times_seen":38,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"binance.coke-twitter.com/js/config.js","fqdn":"binance.coke-twitter.com","domain":"coke-twitter.com","tld":"com"},"ip":{"addr":"107.174.39.191","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"aa0ee935d1e0a33b99abe33a3c9ea705","sha1":"3695697c08039b9a6f2d74cb3ca92a36b1a693d5","sha256":"a62c1dda8b1c4ac12876b2724ec514db34a79af939e915843ae86c573a758e99","sha512":"6a3308f3fb921a935603a1fae6206614d1cc069a44834fe73e640fb2c13dae81e9a0812fc2e8c0f61f2090a9e3ac258860bac98e6674cb13b5111377aa1dcb7f","ssdeep":"","tlshash":"47f0d4bb3751602616c2d911b255b25a3f271043c9d271c76e12d25d2b8db0396d7bd3","size":468,"data":"","first_seen":"2026-04-12T19:10:17.651212Z","last_seen":"2026-04-12T19:12:16.727707Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"binance.coke-twitter.com/js/i18n.js","fqdn":"binance.coke-twitter.com","domain":"coke-twitter.com","tld":"com"},"ip":{"addr":"107.174.39.191","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"09d41959cbae8f5da4f6c03de0b714a1","sha1":"8eb23516aae487cdec2495fccd4a4668ecc7f862","sha256":"7ebd86fb4335c3c38624f9fbc1f300bc1fd9f73386439ad40d4c5f698c697f2b","sha512":"f8fd263006d8db476806d6ff31b28af898ee2734f5dca9c2b97a3c714af15bd8b5e2fe615451912aa9009ebaf041276da18bce3e4920ca05ad6e1f307c0bc20a","ssdeep":"96:yMml4Exzvz42SBcZXxzozBK/5k8fAKVfJa5w:yMmiEpb42SYyBK/5bhVRa+","tlshash":"0f91a7fa996312a485425bafe0fdaf5220869617dcc1702b771c7a457fcf00ca4f18ba","size":4528,"data":"","first_seen":"2026-04-12T19:10:17.63775Z","last_seen":"2026-04-12T19:12:16.730369Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"binance.coke-twitter.com/js/api.js","fqdn":"binance.coke-twitter.com","domain":"coke-twitter.com","tld":"com"},"ip":{"addr":"107.174.39.191","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"cd65d24d7c41a9f8c378173ba3f55644","sha1":"9f04a2a408eaf33e8aa8ec67a8e7af10d96ca2d6","sha256":"9cbccbc9fa175b326ce24df87e9f87bd282fe2a262065d4cad1e49b0fa48724d","sha512":"ab4a7c1a36026ab3b55c6043e37b7155b00ee2acf1d5a720b72011d72dcea8a68c5a319a5d7d8cce1fb6c4fdfa1663022f02c408156377ff8b7de2e69f21d985","ssdeep":"96:J8BajiCXaQirO+flQdy16fhv/DQ//nUkrKLtyk9CiEuTPlz8XCo8COLUx8I/qQyO:GBunmlQdy1av/DQ//nUkrUtyk9CeTPlg","tlshash":"b3c154c72243a16546f6fbae1b47e416a03ae427b403cc58764c06e5af5d86c84f7fd1","size":5692,"data":"","first_seen":"2026-04-12T19:10:17.658155Z","last_seen":"2026-04-12T19:12:16.736992Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"binance.coke-twitter.com/js/notify.js","fqdn":"binance.coke-twitter.com","domain":"coke-twitter.com","tld":"com"},"ip":{"addr":"107.174.39.191","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"b0767adefc894e46ee9306b87b4f9684","sha1":"b0ea4337bc57c1dfa8970770aaaefa9744292543","sha256":"8e0746948d0b03c993289da2113a3b988ce2fcfb607847deef65dcf709d6d266","sha512":"6945dfe83c08ff196cc7e5961708e706f9e345827fc278dcea0dd0ad7432d6490360f120f57a6b55db2a7d049011b91a74e32b84d9c8dfc19bf7282d7faf9e94","ssdeep":"","tlshash":"a071335e30b7653549abb0ba9b9f0645b53391037406dd107bae82406fa0ea2cbf7bc4","size":3505,"data":"","first_seen":"2026-04-12T19:10:17.659871Z","last_seen":"2026-04-12T19:12:16.739132Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"binance.coke-twitter.com/js/ws.js","fqdn":"binance.coke-twitter.com","domain":"coke-twitter.com","tld":"com"},"ip":{"addr":"107.174.39.191","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"84680e1f0aa9ec6cde7c7c357f5e8798","sha1":"1afa78861f888eb7a389b851a505ec4d2c190989","sha256":"b79dd3f946d5e001a93a444a1ea126e6187885cf66872a11c4e8b10bab1742a8","sha512":"3c50d26012ed035239623874d1b9df088045935477a2209e3ecc1ff793950994feee88358d8c60afece6e1a40c86570c6399eee124fc0e9a3dad2d365695015d","ssdeep":"","tlshash":"9d31328b27bf5419801336764fc74421363a905b2943ca5df1acd2e25f94d3c5547fa8","size":1783,"data":"","first_seen":"2026-04-12T19:10:17.645337Z","last_seen":"2026-04-12T19:12:16.732421Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"binance.coke-twitter.com/js/main.js","fqdn":"binance.coke-twitter.com","domain":"coke-twitter.com","tld":"com"},"ip":{"addr":"107.174.39.191","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"65c68741bfff5abf6a8f0ca5a687ff88","sha1":"ea292a39a66d7289d0ad927b03c6d3d636bbb17e","sha256":"f03b458bae19691404f23b46cb670fa959402adbcea58ed015169e11fb5ad50f","sha512":"2b5443ac533f62649c0c9541edf4eaf099b02550aa921afadc96238ac9a392dcb1ae41776b8f72dc32bc33ee034d3fc0feacd7009428a92bc632d319614eada2","ssdeep":"384:vD05zteC2eQeOZeWs4aoHEZew17WpztybvE5xOj:v4FtemOcWVpztyjj","tlshash":"b3b2712a32b71076457331ae5bcb6a497222a05b3605de4c3f2d83441fc2966a7f3fe5","size":24684,"data":"","first_seen":"2026-04-12T19:10:17.653078Z","last_seen":"2026-04-12T19:12:16.731196Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"binance.coke-twitter.com/js/auth.js","fqdn":"binance.coke-twitter.com","domain":"coke-twitter.com","tld":"com"},"ip":{"addr":"107.174.39.191","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"69294ec9aa395b9e926495490e991efe","sha1":"d22ee76828dae7c214bae61a31eb11e0302e9c57","sha256":"1184bc8dbd44c752a7c1349a37d1c31fd1cb7e91b4533342d689c74bdb4fb2a5","sha512":"83ad1454762fb6ba27fc8de81b1a881da0ebcdc52743c3b72081057186b9a1574b1b4b16dff7563c1df4e9c5a8a7f0562aa45a3bc8da066e51dd52db47c5d9d2","ssdeep":"768:oBdFhVAc5bj1EoRdHBFv92+pIgAAhMCnEJZu:oBdFhVAc5vRdHBFv92+pIgAAGCnEJI","tlshash":"c003654922bf103249b365bb5fc72716723350172c0ace6c7e6c47482f55e66aab2fe4","size":38729,"data":"","first_seen":"2026-04-12T19:10:17.66162Z","last_seen":"2026-04-12T19:12:16.728445Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"accounts.google.com/gsi/client","fqdn":"accounts.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"209.85.233.84","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"ed9fcddcd44e662b7d451a5c49483739","sha1":"77b61c85907c1c201a3a8f86f7fd79231a5b21b8","sha256":"681531ed7a372479524ffbef738c1242adf8d5877af5a7970751fc7b4d57e66e","sha512":"c5d1918eb65fb9f1c6f6756f65304721f710034a42f8dffe8dc23a53a7283cd9c1767451e3127b448a36557acbd5728cb835504981dd5a7b4414a39adc3bb0d8","ssdeep":"6144:ZYdatwk7hxy5ZhtJBtS/R4SNIwnK76kWuaCzfS0ZsQ:uEtw9hPy/R4S+s0/WuaCzq0yQ","tlshash":"95444adcb6e270355212f8b5c43f410ab076aa79f0498cacf694c6f5acb1d890167f7a","size":263156,"data":"","first_seen":"2026-04-10T07:19:54.390227Z","last_seen":"2026-04-12T19:10:17.654781Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"accounts.google.com/_/gsi/_/js/k=gsi.gsi.no.NynVzFF1YOM.O/am=AAAACQKYAgE/d=1/rs=AF0KOtWu7VbVgiE4svTzvw_jpFN0i0SO3g/m=credential_button_library","fqdn":"accounts.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"c17588781255eb86ba6b444fdbf34bf0","sha1":"485db348a5e02284bf50e921f5055ed4ee5abd21","sha256":"2ed658050099389c13b1acdcc688301e547e7d4026f2e7461421d0eba5470e2f","sha512":"d36311ad4fcf74d5da5ec3c8f7279a5c955c7241f9866584bdfce6b6eee68a63789714c1f1e841e7207a6ab992d359a92da4d93ee8237798c78abe26def4ba4e","ssdeep":"1536:3gxdo5EwdOnyUVRyXsHWQ2XK189FTi9S7hxy58j2Z+GYZg6lToMQ2shNMgF5:WAvdk5HWRKAFOk7hxy52ZRTohvP","tlshash":"e9c3c8d8b2a270625363f8a5813f000bb27b68a9f44c5cacf295d9e1adf05498177f7d","size":127448,"data":"","first_seen":"2026-04-10T06:52:36.083558Z","last_seen":"2026-04-12T22:10:26.057861Z","times_seen":38,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"fonts.gstatic.com/s/googlesans/v62/4UaRrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iq2vgCIhMl07v0x.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://accounts.google.com/gsi/button?theme=outline\u0026size=large\u0026width=400\u0026is_fedcm_supported=false\u0026client_id=240275389988-jvskit5ki2dg5ekss1enb3es004n9tvi.apps.googleusercontent.com\u0026iframe_id=gsi_994056_53341\u0026cas=GYUnNMBd3ZBXU8jLfqlPR0lzugIWf5zKO9vjVmztD9s","date":"2026-04-12T19:09:54.591Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Mar 2026 08:38:37 GMT","end":"Mon, 15 Jun 2026 08:38:36 GMT"},"fingerprint":{"sha1":"F8:24:5E:5A:B0:FB:57:E0:D6:E9:33:BD:54:27:DC:BF:50:74:4A:59","sha256":"A4:18:08:9F:87:3F:1D:A2:3B:7A:25:AA:E0:FF:C8:CB:B1:74:9C:8B:FF:A2:C5:D6:74:BB:B0:A7:97:7E:5B:02"}}},"request":{"raw":"GET /s/googlesans/v62/4UaRrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iq2vgCIhMl07v0x.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://accounts.google.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 55216\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sun, 12 Apr 2026 01:31:47 GMT\r\nexpires: Mon, 12 Apr 2027 01:31:47 GMT\r\ncache-control: public, max-age=31536000\r\nage: 63487\r\nlast-modified: Tue, 29 Oct 2024 18:37:59 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":55216,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 55216, version 1.0","md5":"79a898c4178c1c3da9702e53272b28f4","sha1":"47039421fbe12912a6ec8731181f20b0d084eda9","sha256":"d1f470e35f02537a3290ad9015b7c81fe9ca3295f6e691ef564520bcb6314501","sha512":"0a7894f91f314ada88b69e8e710e42fc3c69e5abba5149a52a3ae7aacbc09bcd6332626c1c5bf9f7637d5d1ced6fac7e3a0cffeb780b733b879b71fc7322813a","ssdeep":"768:GM5rYySQ4HdDApsqID60V1GIchzku+4/Asgjo4f7vmyKjrE7iE7RvJ80cDrATlkO:HIe0mxoNkAY4fFK07vM0cDrqzAhHSTf","tlshash":"f04301ebb01a1189e6a2207112261979609b84e19f3fa118717f638d8cd7bfd75d8374","first_seen":"2025-03-21T06:19:09.564073Z","last_seen":"2026-04-12T23:31:19.519708Z","times_seen":85329,"resource_available":false,"data":null}},"time_used":231,"timings":{"blocked":100,"dns":1,"connect":9,"send":0,"wait":17,"receive":11,"ssl":90},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"play.google.com/log?format=json\u0026hasfast=true\u0026authuser=0","fqdn":"play.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.178.46","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://accounts.google.com/gsi/button?theme=outline\u0026size=large\u0026width=400\u0026is_fedcm_supported=false\u0026client_id=240275389988-jvskit5ki2dg5ekss1enb3es004n9tvi.apps.googleusercontent.com\u0026iframe_id=gsi_994056_53341\u0026cas=GYUnNMBd3ZBXU8jLfqlPR0lzugIWf5zKO9vjVmztD9s","date":"2026-04-12T19:10:04.579Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Mar 2026 08:36:36 GMT","end":"Mon, 15 Jun 2026 08:36:35 GMT"},"fingerprint":{"sha1":"18:C0:58:2B:5D:87:E5:61:B4:D7:89:8D:F8:71:E1:F3:C2:A1:AC:0F","sha256":"48:84:82:83:03:74:3F:66:23:23:75:30:1C:DB:DC:04:25:34:9F:AB:ED:62:1A:31:F5:05:C4:07:05:B9:1C:06"}}},"request":{"raw":"OPTIONS /log?format=json\u0026hasfast=true\u0026authuser=0 HTTP/1.1\r\nHost: play.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: x-goog-authuser\r\nOrigin: https://accounts.google.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: https://accounts.google.com\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-max-age: 86400\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser\r\ncontent-type: text/plain; charset=UTF-8\r\ndate: Sun, 12 Apr 2026 19:10:04 GMT\r\nserver: Playlog\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-12T23:55:43.817529Z","times_seen":13682782,"resource_available":true,"data":null}},"time_used":197,"timings":{"blocked":82,"dns":3,"connect":14,"send":0,"wait":31,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"binance.coke-twitter.com/css/styles.css","fqdn":"binance.coke-twitter.com","domain":"coke-twitter.com","tld":"com"},"ip":{"addr":"107.174.39.191","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://binance.coke-twitter.com/","date":"2026-04-12T19:09:52.894Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"binance.coke-twitter.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 18:04:53 GMT","end":"Sat, 11 Jul 2026 18:04:52 GMT"},"fingerprint":{"sha1":"33:2C:70:80:D5:4C:61:BD:82:E8:A3:51:D7:87:14:CF:D2:DD:81:27","sha256":"28:4F:DB:6A:15:13:9A:02:F3:82:E2:7C:18:FD:C5:BC:80:86:40:C9:6D:94:B9:BA:DA:71:FB:D5:83:DE:C3:2E"}}},"request":{"raw":"GET /css/styles.css HTTP/1.1\r\nHost: binance.coke-twitter.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://binance.coke-twitter.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Sun, 12 Apr 2026 19:09:52 GMT\r\nContent-Type: text/css; charset=UTF-8\r\nContent-Length: 30316\r\nConnection: keep-alive\r\nX-Powered-By: Express\r\nVary: Origin\r\nAccess-Control-Allow-Credentials: true\r\nAccept-Ranges: bytes\r\nCache-Control: public, max-age=0\r\nLast-Modified: Tue, 14 Oct 2025 03:49:39 GMT\r\nETag: W/\"766c-199e0d68803\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":30316,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"Unicode text, UTF-8 text","md5":"62a871cd659683e88ec75d2e8691c6e7","sha1":"0f0a2c8c72964bdc9225db6acf4da018027d908a","sha256":"2dee718f2f8db7c299093733dc7f63e4bf2d00ead1721228f4a043e44c3c770a","sha512":"718851f31611012654964ee9fe2846e0b2e1b5173244cc011f2cc58edb638756a6ec4c50648c3cae27a5ed583dd4830dde34f3fe885dda81e7542660fb8d2a0f","ssdeep":"192:ys17wbY+8gvIqCx8ypITGkoS1X2arM4zDArD74baSKsjMkYbFYlLaBb8mxJheFCD:ysxwbY+8gv67n/6Jtf58","tlshash":"0bd2c000b673daf6683ba62d57efd74c3258a1478909ce5e7b8c21054fc93fe51a1b88","first_seen":"2026-04-12T19:10:17.633399Z","last_seen":"2026-04-12T19:12:16.73619Z","times_seen":2,"resource_available":false,"data":null}},"time_used":202,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":200,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"binance.coke-twitter.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-12","alert":"Phishing Block","trigger":"binance.coke-twitter.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"binance.coke-twitter.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"binance.coke-twitter.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0/css/all.min.css","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://binance.coke-twitter.com/","date":"2026-04-12T19:09:52.896Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 14 Mar 2026 00:38:49 GMT","end":"Fri, 12 Jun 2026 01:38:45 GMT"},"fingerprint":{"sha1":"7A:4A:F6:D6:63:62:70:CA:51:C5:5A:06:41:17:71:BF:9D:2C:C9:42","sha256":"7F:F5:F5:FE:73:1F:E7:AF:1A:82:5B:59:EE:E8:E9:65:D6:87:68:61:8C:11:1E:94:4A:9A:C4:14:BD:4B:04:BA"}}},"request":{"raw":"GET /ajax/libs/font-awesome/6.0.0/css/all.min.css HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://binance.coke-twitter.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 12 Apr 2026 19:09:52 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncontent-length: 15248\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"620188b3-3b90\"\r\nlast-modified: Mon, 07 Feb 2022 21:01:39 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 149486\r\nexpires: Fri, 02 Apr 2027 19:09:52 GMT\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=15780000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cGvtJTT%2FRyOEXQZgPqD1eMvxIEJSPKPk%2FtIbTmiBsQeJCttYth8sAIbEOgLhFxG%2BAxfdWjCvY%2F2mkMTyP10XH9ukUyifcC3VlKX43sBw0q%2B2H8oYVnPiJoPdFHnN4NBLtgkFzimQ\"}]}\r\ncf-ray: 9eb48725ac86b4f9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":89220,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (65317)","md5":"dfb8fc36e102730fddf78b5494eb0035","sha1":"b513d9a39af2ee145f12c1ba03f9982960c47029","sha256":"8d321d88cb97fdedc3189506c25de9292c6e73a60ebaab496243346c6404480e","sha512":"f6eb006b5d0844ed078689e9c80215a63af294fbe80f088f52229d5a4e6ddcfca8958d5c39de03484d066beae2e00b93ae83d1e5a42f5d4f710baa8e3e7cc57a","ssdeep":"1536:iUMVM6MVMkMVM9MVMNMVMispxd1zJJ29Nll3IV7UHsR+z:Dd1NY95IV7UMR+z","tlshash":"8a93a9e9e04c05d56732c44baf99b37ca5b6f73cd5810da9f02f580c19d26a822c6f7a","first_seen":"2023-04-06T16:57:15Z","last_seen":"2026-04-12T22:51:50.819447Z","times_seen":8887,"resource_available":false,"data":null}},"time_used":36,"timings":{"blocked":9,"dns":0,"connect":1,"send":0,"wait":9,"receive":1,"ssl":13},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"binance.coke-twitter.com/js/i18n.js","fqdn":"binance.coke-twitter.com","domain":"coke-twitter.com","tld":"com"},"ip":{"addr":"107.174.39.191","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://binance.coke-twitter.com/","date":"2026-04-12T19:09:52.898Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"binance.coke-twitter.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 18:04:53 GMT","end":"Sat, 11 Jul 2026 18:04:52 GMT"},"fingerprint":{"sha1":"33:2C:70:80:D5:4C:61:BD:82:E8:A3:51:D7:87:14:CF:D2:DD:81:27","sha256":"28:4F:DB:6A:15:13:9A:02:F3:82:E2:7C:18:FD:C5:BC:80:86:40:C9:6D:94:B9:BA:DA:71:FB:D5:83:DE:C3:2E"}}},"request":{"raw":"GET /js/i18n.js HTTP/1.1\r\nHost: binance.coke-twitter.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://binance.coke-twitter.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Sun, 12 Apr 2026 19:09:53 GMT\r\nContent-Type: application/javascript; charset=UTF-8\r\nContent-Length: 4528\r\nConnection: keep-alive\r\nX-Powered-By: Express\r\nVary: Origin\r\nAccess-Control-Allow-Credentials: true\r\nAccept-Ranges: bytes\r\nCache-Control: public, max-age=0\r\nLast-Modified: Tue, 14 Oct 2025 03:50:07 GMT\r\nETag: W/\"11b0-199e0d6f48e\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":4528,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"09d41959cbae8f5da4f6c03de0b714a1","sha1":"8eb23516aae487cdec2495fccd4a4668ecc7f862","sha256":"7ebd86fb4335c3c38624f9fbc1f300bc1fd9f73386439ad40d4c5f698c697f2b","sha512":"f8fd263006d8db476806d6ff31b28af898ee2734f5dca9c2b97a3c714af15bd8b5e2fe615451912aa9009ebaf041276da18bce3e4920ca05ad6e1f307c0bc20a","ssdeep":"96:yMml4Exzvz42SBcZXxzozBK/5k8fAKVfJa5w:yMmiEpb42SYyBK/5bhVRa+","tlshash":"0f91a7fa996312a485425bafe0fdaf5220869617dcc1702b771c7a457fcf00ca4f18ba","first_seen":"2026-04-12T19:10:17.63775Z","last_seen":"2026-04-12T19:12:16.730369Z","times_seen":2,"resource_available":true,"data":null}},"time_used":533,"timings":{"blocked":212,"dns":0,"connect":99,"send":0,"wait":104,"receive":0,"ssl":114},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"binance.coke-twitter.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"binance.coke-twitter.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-12","alert":"Phishing Block","trigger":"binance.coke-twitter.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"binance.coke-twitter.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0/webfonts/fa-solid-900.woff2","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://binance.coke-twitter.com/","date":"2026-04-12T19:09:53.135Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 14 Mar 2026 00:38:49 GMT","end":"Fri, 12 Jun 2026 01:38:45 GMT"},"fingerprint":{"sha1":"7A:4A:F6:D6:63:62:70:CA:51:C5:5A:06:41:17:71:BF:9D:2C:C9:42","sha256":"7F:F5:F5:FE:73:1F:E7:AF:1A:82:5B:59:EE:E8:E9:65:D6:87:68:61:8C:11:1E:94:4A:9A:C4:14:BD:4B:04:BA"}}},"request":{"raw":"GET /ajax/libs/font-awesome/6.0.0/webfonts/fa-solid-900.woff2 HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://binance.coke-twitter.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdnjs.cloudflare.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 12 Apr 2026 19:09:53 GMT\r\ncontent-type: application/octet-stream; charset=utf-8\r\ncontent-length: 126828\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\netag: \"620188b3-1ef6c\"\r\nlast-modified: Mon, 07 Feb 2022 21:01:39 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 298283\r\nexpires: Fri, 02 Apr 2027 19:09:53 GMT\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=15780000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4cX5yIbmoWfYYwt3vO9axQL%2Ft8H%2BCtNEm8rFxYvzwK7EQBxT60Ann8Naok8J%2FLRgZP%2BgZod5QPkQySeddXZ%2FG1%2BgLACyum04uAlxI99opI4X0Hk%2Fxu0Nk1SaQYtTAPevz1uZNv4M\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\ncf-ray: 9eb487273c9e56a3-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":126828,"size_decoded":0,"mime_type":"application/octet-stream; charset=utf-8","magic":"Web Open Font Format (Version 2), TrueType, length 126828, version 768.256","md5":"297973a488f688271dd223d542ba2697","sha1":"ed99d812e4c88826335f93acede3fad85c90fb54","sha256":"1b099f88c06ed0869872561c157f0ec9cbe133a0939d9ece4ee1e1f54bd4683d","sha512":"83c802972d9fee9dd7e3c0de42d8636c504e65ff20e43406bb446cc95a16acaa21789a03f0e2006148abfe47100bbd0c66aa4cf98f11e9b0220f1dcdb5204f46","ssdeep":"3072:caEaIjBfXHk79vCMuMZhQqmiutWxJfU52qiAx+SMfd:caEaIf3kxa5aaVMaHAScd","tlshash":"9dc3120ef3299411c6f0af104c63d6d627617389ffd548c767993e768aac9e70c28ea0","first_seen":"2023-04-10T14:50:44Z","last_seen":"2026-04-12T23:23:07.41876Z","times_seen":7775,"resource_available":false,"data":null}},"time_used":37,"timings":{"blocked":19,"dns":1,"connect":0,"send":0,"wait":7,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"binance.coke-twitter.com/api/health","fqdn":"binance.coke-twitter.com","domain":"coke-twitter.com","tld":"com"},"ip":{"addr":"107.174.39.191","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://binance.coke-twitter.com/","date":"2026-04-12T19:09:53.348Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"binance.coke-twitter.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 18:04:53 GMT","end":"Sat, 11 Jul 2026 18:04:52 GMT"},"fingerprint":{"sha1":"33:2C:70:80:D5:4C:61:BD:82:E8:A3:51:D7:87:14:CF:D2:DD:81:27","sha256":"28:4F:DB:6A:15:13:9A:02:F3:82:E2:7C:18:FD:C5:BC:80:86:40:C9:6D:94:B9:BA:DA:71:FB:D5:83:DE:C3:2E"}}},"request":{"raw":"GET /api/health HTTP/1.1\r\nHost: binance.coke-twitter.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://binance.coke-twitter.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Sun, 12 Apr 2026 19:09:53 GMT\r\nContent-Type: application/json; charset=utf-8\r\nContent-Length: 15\r\nConnection: keep-alive\r\nX-Powered-By: Express\r\nVary: Origin\r\nAccess-Control-Allow-Credentials: true\r\nETag: W/\"f-VaSQ4oDUiZblZNAEkkN+sX+q3Sg\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":15,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"0f0479874bf6f4a7281099b15df27c27","sha1":"55a490e280d48996e564d00492437eb17faadd28","sha256":"a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288","sha512":"2c75ba98532392f27ff21ee337200edf6612b032c29d6005d66b7a974bc43f4496779c7c807a5c06a34f9dddffbf9c18647ff5c1f99cb48b113399efc3460c52","ssdeep":"","tlshash":"60600000000c00000cc00c00000c00303fff0fc0003f00c0000c00300f000c0c00c000","first_seen":"2023-04-05T03:59:49Z","last_seen":"2026-04-13T00:22:06.102424Z","times_seen":24439,"resource_available":true,"data":null}},"time_used":101,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":101,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"binance.coke-twitter.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"binance.coke-twitter.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"binance.coke-twitter.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-12","alert":"Phishing Block","trigger":"binance.coke-twitter.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"accounts.google.com/gsi/button?theme=outline\u0026size=large\u0026width=400\u0026is_fedcm_supported=false\u0026client_id=240275389988-jvskit5ki2dg5ekss1enb3es004n9tvi.apps.googleusercontent.com\u0026iframe_id=gsi_994056_53341\u0026cas=GYUnNMBd3ZBXU8jLfqlPR0lzugIWf5zKO9vjVmztD9s","fqdn":"accounts.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"209.85.233.84","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://binance.coke-twitter.com/","date":"2026-04-12T19:09:54.095Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Mar 2026 08:36:36 GMT","end":"Mon, 15 Jun 2026 08:36:35 GMT"},"fingerprint":{"sha1":"18:C0:58:2B:5D:87:E5:61:B4:D7:89:8D:F8:71:E1:F3:C2:A1:AC:0F","sha256":"48:84:82:83:03:74:3F:66:23:23:75:30:1C:DB:DC:04:25:34:9F:AB:ED:62:1A:31:F5:05:C4:07:05:B9:1C:06"}}},"request":{"raw":"GET /gsi/button?theme=outline\u0026size=large\u0026width=400\u0026is_fedcm_supported=false\u0026client_id=240275389988-jvskit5ki2dg5ekss1enb3es004n9tvi.apps.googleusercontent.com\u0026iframe_id=gsi_994056_53341\u0026cas=GYUnNMBd3ZBXU8jLfqlPR0lzugIWf5zKO9vjVmztD9s HTTP/1.1\r\nHost: accounts.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://binance.coke-twitter.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/html; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Sun, 12 Apr 2026 19:09:54 GMT\r\ncross-origin-embedder-policy: require-corp\r\ncross-origin-resource-policy: same-site\r\ncontent-security-policy: script-src 'nonce-KoABl4hodATp83jEL6tWMg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"coop_dd7de8473bddc59c6b748810a67a39b1\"\r\nreport-to: {\"group\":\"coop_dd7de8473bddc59c6b748810a67a39b1\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1\"}]}\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":193040,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (64902)","md5":"f47bff9494e3462838c2dc8b9da6cc3b","sha1":"4d772f8146ce5616aef7dd8ddd8c5cc0b3a3d471","sha256":"1cf32a0e2ce311647068e24d4b01b0acaf6a7c68d2fae76a969a9d6408345c10","sha512":"552ca6c584d9e20e41523c67ed4a4af0eeb892a6040f08f4871d1a05577a0787068ef6e24be15838bc7db5f9be6c15b2d3fbe370b45a4d23387a721dfabc100b","ssdeep":"1536:Y36ieOcngxdo5EwdOnyUVRyXsHWQ2XK189FTi9S7hxy58j2Z+GYZg6lToMQ2shN5:n+Avdk5HWRKAFOk7hxy52ZRTohvh","tlshash":"191438a4b3a3b022d363f872502f100ab53ba466f5495daef294e8e4ddf145a0173f79","first_seen":"2026-04-12T19:10:17.642883Z","last_seen":"2026-04-12T19:10:17.642883Z","times_seen":1,"resource_available":false,"data":null}},"time_used":72,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":55,"receive":17,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/googlesans/v62/4UaRrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iq2vgCIhMl07v0x.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://accounts.google.com/gsi/button?theme=outline\u0026size=large\u0026width=400\u0026is_fedcm_supported=false\u0026client_id=240275389988-jvskit5ki2dg5ekss1enb3es004n9tvi.apps.googleusercontent.com\u0026iframe_id=gsi_994056_53341\u0026cas=GYUnNMBd3ZBXU8jLfqlPR0lzugIWf5zKO9vjVmztD9s","date":"2026-04-12T19:09:54.586Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Mar 2026 08:38:37 GMT","end":"Mon, 15 Jun 2026 08:38:36 GMT"},"fingerprint":{"sha1":"F8:24:5E:5A:B0:FB:57:E0:D6:E9:33:BD:54:27:DC:BF:50:74:4A:59","sha256":"A4:18:08:9F:87:3F:1D:A2:3B:7A:25:AA:E0:FF:C8:CB:B1:74:9C:8B:FF:A2:C5:D6:74:BB:B0:A7:97:7E:5B:02"}}},"request":{"raw":"GET /s/googlesans/v62/4UaRrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iq2vgCIhMl07v0x.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://accounts.google.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 55216\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sun, 12 Apr 2026 01:31:47 GMT\r\nexpires: Mon, 12 Apr 2027 01:31:47 GMT\r\ncache-control: public, max-age=31536000\r\nage: 63487\r\nlast-modified: Tue, 29 Oct 2024 18:37:59 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":55216,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 55216, version 1.0","md5":"79a898c4178c1c3da9702e53272b28f4","sha1":"47039421fbe12912a6ec8731181f20b0d084eda9","sha256":"d1f470e35f02537a3290ad9015b7c81fe9ca3295f6e691ef564520bcb6314501","sha512":"0a7894f91f314ada88b69e8e710e42fc3c69e5abba5149a52a3ae7aacbc09bcd6332626c1c5bf9f7637d5d1ced6fac7e3a0cffeb780b733b879b71fc7322813a","ssdeep":"768:GM5rYySQ4HdDApsqID60V1GIchzku+4/Asgjo4f7vmyKjrE7iE7RvJ80cDrATlkO:HIe0mxoNkAY4fFK07vM0cDrqzAhHSTf","tlshash":"f04301ebb01a1189e6a2207112261979609b84e19f3fa118717f638d8cd7bfd75d8374","first_seen":"2025-03-21T06:19:09.564073Z","last_seen":"2026-04-12T23:31:19.519708Z","times_seen":85329,"resource_available":false,"data":null}},"time_used":255,"timings":{"blocked":115,"dns":1,"connect":7,"send":0,"wait":19,"receive":6,"ssl":102},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"binance.coke-twitter.com/js/ws.js","fqdn":"binance.coke-twitter.com","domain":"coke-twitter.com","tld":"com"},"ip":{"addr":"107.174.39.191","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://binance.coke-twitter.com/","date":"2026-04-12T19:09:52.904Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"binance.coke-twitter.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 18:04:53 GMT","end":"Sat, 11 Jul 2026 18:04:52 GMT"},"fingerprint":{"sha1":"33:2C:70:80:D5:4C:61:BD:82:E8:A3:51:D7:87:14:CF:D2:DD:81:27","sha256":"28:4F:DB:6A:15:13:9A:02:F3:82:E2:7C:18:FD:C5:BC:80:86:40:C9:6D:94:B9:BA:DA:71:FB:D5:83:DE:C3:2E"}}},"request":{"raw":"GET /js/ws.js HTTP/1.1\r\nHost: binance.coke-twitter.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://binance.coke-twitter.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Sun, 12 Apr 2026 19:09:53 GMT\r\nContent-Type: application/javascript; charset=UTF-8\r\nContent-Length: 1783\r\nConnection: keep-alive\r\nX-Powered-By: Express\r\nVary: Origin\r\nAccess-Control-Allow-Credentials: true\r\nAccept-Ranges: bytes\r\nCache-Control: public, max-age=0\r\nLast-Modified: Tue, 14 Oct 2025 03:50:17 GMT\r\nETag: W/\"6f7-199e0d71aa4\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":1783,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"C++ source, ASCII text","md5":"84680e1f0aa9ec6cde7c7c357f5e8798","sha1":"1afa78861f888eb7a389b851a505ec4d2c190989","sha256":"b79dd3f946d5e001a93a444a1ea126e6187885cf66872a11c4e8b10bab1742a8","sha512":"3c50d26012ed035239623874d1b9df088045935477a2209e3ecc1ff793950994feee88358d8c60afece6e1a40c86570c6399eee124fc0e9a3dad2d365695015d","ssdeep":"","tlshash":"9d31328b27bf5419801336764fc74421363a905b2943ca5df1acd2e25f94d3c5547fa8","first_seen":"2026-04-12T19:10:17.645337Z","last_seen":"2026-04-12T19:12:16.732421Z","times_seen":2,"resource_available":true,"data":null}},"time_used":551,"timings":{"blocked":217,"dns":1,"connect":99,"send":0,"wait":106,"receive":0,"ssl":116},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"binance.coke-twitter.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-12","alert":"Phishing Block","trigger":"binance.coke-twitter.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"binance.coke-twitter.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"binance.coke-twitter.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0/webfonts/fa-brands-400.woff2","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://binance.coke-twitter.com/","date":"2026-04-12T19:09:53.156Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 14 Mar 2026 00:38:49 GMT","end":"Fri, 12 Jun 2026 01:38:45 GMT"},"fingerprint":{"sha1":"7A:4A:F6:D6:63:62:70:CA:51:C5:5A:06:41:17:71:BF:9D:2C:C9:42","sha256":"7F:F5:F5:FE:73:1F:E7:AF:1A:82:5B:59:EE:E8:E9:65:D6:87:68:61:8C:11:1E:94:4A:9A:C4:14:BD:4B:04:BA"}}},"request":{"raw":"GET /ajax/libs/font-awesome/6.0.0/webfonts/fa-brands-400.woff2 HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://binance.coke-twitter.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdnjs.cloudflare.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 12 Apr 2026 19:09:53 GMT\r\ncontent-type: application/octet-stream; charset=utf-8\r\ncontent-length: 104544\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\netag: \"620188b3-19860\"\r\nlast-modified: Mon, 07 Feb 2022 21:01:39 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 299843\r\nexpires: Fri, 02 Apr 2027 19:09:53 GMT\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=15780000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qpGmq2VIdTEiUe1JZtANDejcFQMb8tfyX48ad8YVhNHBeTAwTZTPGBlZ%2B%2FlUawl07NZ%2BVsrVImBWINKgFl2k0NtKZMYdjRfmfUqWH5uUAer%2FiaJvdCqzEkBwUMXFXtvaaUub0Ws7\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\ncf-ray: 9eb487273ca656a3-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":104544,"size_decoded":0,"mime_type":"application/octet-stream; charset=utf-8","magic":"Web Open Font Format (Version 2), TrueType, length 104544, version 768.256","md5":"a9afdb72826cde196ddf29eb8f9d0f8f","sha1":"69fc982ace0b9fdd2cfa68c6628bcaad00f407fd","sha256":"29bc44694c394921d1f00271128a2e4cd8293516216e24eac07a73fa821fc1f5","sha512":"91414027bbd6fc01d2ee035d519530d017f34f9c8b9150a2e4a45386e3cfee2f4ecd07ab8f658b426e965536be75b3c6b396e8e65ab4fa33031779d3b0873dcd","ssdeep":"3072:V3ZSTBmqhFEpJTbnHMg1FZTRB/CClfbzXcW0FC3y0ew:ZZWBXwpFbsg1FZTRBbFMlFCDew","tlshash":"85a3128faa6fa70a2a1c79c5341418acf3102fd5c51e0be01474d9fff2385aa57685d6","first_seen":"2023-04-07T13:45:16Z","last_seen":"2026-04-12T19:24:03.031943Z","times_seen":3917,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":7,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"wss","addr":"binance.coke-twitter.com/ws","fqdn":"binance.coke-twitter.com","domain":"coke-twitter.com","tld":"com"},"ip":{"addr":"107.174.39.191","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://binance.coke-twitter.com/","date":"2026-04-12T19:09:53.354Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"binance.coke-twitter.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 18:04:53 GMT","end":"Sat, 11 Jul 2026 18:04:52 GMT"},"fingerprint":{"sha1":"33:2C:70:80:D5:4C:61:BD:82:E8:A3:51:D7:87:14:CF:D2:DD:81:27","sha256":"28:4F:DB:6A:15:13:9A:02:F3:82:E2:7C:18:FD:C5:BC:80:86:40:C9:6D:94:B9:BA:DA:71:FB:D5:83:DE:C3:2E"}}},"request":{"raw":"GET /ws HTTP/1.1\r\nHost: binance.coke-twitter.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://binance.coke-twitter.com\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: qCxfLwoM6zWh8YGX4vnbXA==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 Switching Protocols\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Sun, 12 Apr 2026 19:09:53 GMT\r\nConnection: upgrade\r\nUpgrade: websocket\r\nSec-WebSocket-Accept: xzKD4y8+NoUXDpFRX1GpyuVdh8M=\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"Switching Protocols","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-12T23:55:43.817529Z","times_seen":13682782,"resource_available":true,"data":null}},"time_used":319,"timings":{"blocked":0,"dns":2,"connect":97,"send":0,"wait":106,"receive":0,"ssl":113},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"binance.coke-twitter.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"binance.coke-twitter.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-12","alert":"Phishing Block","trigger":"binance.coke-twitter.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"binance.coke-twitter.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"binance.coke-twitter.com/favicon.ico","fqdn":"binance.coke-twitter.com","domain":"coke-twitter.com","tld":"com"},"ip":{"addr":"107.174.39.191","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://binance.coke-twitter.com/","date":"2026-04-12T19:09:53.463Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"binance.coke-twitter.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 18:04:53 GMT","end":"Sat, 11 Jul 2026 18:04:52 GMT"},"fingerprint":{"sha1":"33:2C:70:80:D5:4C:61:BD:82:E8:A3:51:D7:87:14:CF:D2:DD:81:27","sha256":"28:4F:DB:6A:15:13:9A:02:F3:82:E2:7C:18:FD:C5:BC:80:86:40:C9:6D:94:B9:BA:DA:71:FB:D5:83:DE:C3:2E"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: binance.coke-twitter.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://binance.coke-twitter.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Sun, 12 Apr 2026 19:09:53 GMT\r\nContent-Type: image/x-icon\r\nContent-Length: 9\r\nConnection: keep-alive\r\nX-Powered-By: Express\r\nVary: Origin\r\nAccess-Control-Allow-Credentials: true\r\nAccept-Ranges: bytes\r\nCache-Control: public, max-age=0\r\nLast-Modified: Tue, 14 Oct 2025 03:49:10 GMT\r\nETag: W/\"9-199e0d612fe\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":9,"size_decoded":0,"mime_type":"image/x-icon","magic":"ASCII text","md5":"1235da17579150e3eb2a13df2c2f6b9b","sha1":"fef2d03150c3d0c992c123df25dabaffb2d24c87","sha256":"17a1b54b3bd191e1aa64bc7652a1a66b950deedfb08f4f9e7f75d48054692978","sha512":"2a65efb2c0ce42903358ad3802ccaaec4bf44d8c217638f72ad55561d68f015817798d9d88863b3aaee0a10383ced874fb930d83182ef7a363fc40cee94d2c69","ssdeep":"","tlshash":"a0500000c000c000c03000300303300000000c000000000000000000f00c0030000000","first_seen":"2026-04-12T19:10:17.648288Z","last_seen":"2026-04-12T19:12:16.740816Z","times_seen":2,"resource_available":false,"data":null}},"time_used":102,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":102,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"binance.coke-twitter.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-12","alert":"Phishing Block","trigger":"binance.coke-twitter.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"binance.coke-twitter.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"binance.coke-twitter.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"play.google.com/log?format=json\u0026hasfast=true\u0026authuser=0","fqdn":"play.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.178.46","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://accounts.google.com/gsi/button?theme=outline\u0026size=large\u0026width=400\u0026is_fedcm_supported=false\u0026client_id=240275389988-jvskit5ki2dg5ekss1enb3es004n9tvi.apps.googleusercontent.com\u0026iframe_id=gsi_994056_53341\u0026cas=GYUnNMBd3ZBXU8jLfqlPR0lzugIWf5zKO9vjVmztD9s","date":"2026-04-12T19:10:04.697Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Mar 2026 08:36:36 GMT","end":"Mon, 15 Jun 2026 08:36:35 GMT"},"fingerprint":{"sha1":"18:C0:58:2B:5D:87:E5:61:B4:D7:89:8D:F8:71:E1:F3:C2:A1:AC:0F","sha256":"48:84:82:83:03:74:3F:66:23:23:75:30:1C:DB:DC:04:25:34:9F:AB:ED:62:1A:31:F5:05:C4:07:05:B9:1C:06"}}},"request":{"raw":"POST /log?format=json\u0026hasfast=true\u0026authuser=0 HTTP/1.1\r\nHost: play.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Goog-AuthUser: 0\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 472\r\nOrigin: https://accounts.google.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":472,"data":"[[1,null,null,null,null,null,null,null,null,null,[null,null,null,null,\"no\",null,null,null,null,[4,0]]],1112,[[1776020994570,null,null,null,null,null,null,\"[\\\"dOCpR7CEdzb5k9A5sVSoC0cEfbN7Ea3Y-A9W1r_Og8c\\\",12,0,null,\\\"240275389988-jvskit5ki2dg5ekss1enb3es004n9tvi.apps.googleusercontent.com\\\",\\\"https://binance.coke-twitter.com\\\",[],null,null,null,null,null,null,42,null,null,null,[1,1,1,400,2,1,1]]\",null,null,12,null,null,null,0,null,null,null,null,null,1]],1776021004573]"}},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: https://accounts.google.com\r\ncross-origin-resource-policy: cross-origin\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: X-Playlog-Web\r\ncontent-type: text/plain; charset=UTF-8\r\ncontent-encoding: gzip\r\ndate: Sun, 12 Apr 2026 19:10:04 GMT\r\nserver: Playlog\r\ncontent-length: 131\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":131,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"JSON text data","md5":"ca0b7e866005f6774d284b9f438ebfd2","sha1":"53644f5ee3640189bdb223473ba6a2d46606c556","sha256":"502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358","sha512":"939c4526c623db033ad40bfdc6c8848a1dcd0ca797f17fbbd89fbec1b49dededc16e89084b3759e62fa0ffc8fe896980b10a1ff8daee22736a70b08f1ee13e2f","ssdeep":"","tlshash":"58c08c50330469e1080e82c8c0026858228c903b46708cf10bbd68125d3234a1004854","first_seen":"2023-04-05T03:14:56Z","last_seen":"2026-04-13T00:00:23.766155Z","times_seen":488474,"resource_available":false,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"binance.coke-twitter.com/js/config.js","fqdn":"binance.coke-twitter.com","domain":"coke-twitter.com","tld":"com"},"ip":{"addr":"107.174.39.191","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://binance.coke-twitter.com/","date":"2026-04-12T19:09:52.897Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"binance.coke-twitter.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 18:04:53 GMT","end":"Sat, 11 Jul 2026 18:04:52 GMT"},"fingerprint":{"sha1":"33:2C:70:80:D5:4C:61:BD:82:E8:A3:51:D7:87:14:CF:D2:DD:81:27","sha256":"28:4F:DB:6A:15:13:9A:02:F3:82:E2:7C:18:FD:C5:BC:80:86:40:C9:6D:94:B9:BA:DA:71:FB:D5:83:DE:C3:2E"}}},"request":{"raw":"GET /js/config.js HTTP/1.1\r\nHost: binance.coke-twitter.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://binance.coke-twitter.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Sun, 12 Apr 2026 19:09:53 GMT\r\nContent-Type: application/javascript; charset=UTF-8\r\nContent-Length: 468\r\nConnection: keep-alive\r\nX-Powered-By: Express\r\nVary: Origin\r\nAccess-Control-Allow-Credentials: true\r\nAccept-Ranges: bytes\r\nCache-Control: public, max-age=0\r\nLast-Modified: Tue, 14 Oct 2025 03:50:03 GMT\r\nETag: W/\"1d4-199e0d6e35c\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":468,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text","md5":"aa0ee935d1e0a33b99abe33a3c9ea705","sha1":"3695697c08039b9a6f2d74cb3ca92a36b1a693d5","sha256":"a62c1dda8b1c4ac12876b2724ec514db34a79af939e915843ae86c573a758e99","sha512":"6a3308f3fb921a935603a1fae6206614d1cc069a44834fe73e640fb2c13dae81e9a0812fc2e8c0f61f2090a9e3ac258860bac98e6674cb13b5111377aa1dcb7f","ssdeep":"","tlshash":"47f0d4bb3751602616c2d911b255b25a3f271043c9d271c76e12d25d2b8db0396d7bd3","first_seen":"2026-04-12T19:10:17.651212Z","last_seen":"2026-04-12T19:12:16.727707Z","times_seen":2,"resource_available":true,"data":null}},"time_used":534,"timings":{"blocked":213,"dns":3,"connect":96,"send":0,"wait":101,"receive":0,"ssl":117},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"binance.coke-twitter.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"binance.coke-twitter.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"binance.coke-twitter.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-12","alert":"Phishing Block","trigger":"binance.coke-twitter.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"binance.coke-twitter.com/js/main.js","fqdn":"binance.coke-twitter.com","domain":"coke-twitter.com","tld":"com"},"ip":{"addr":"107.174.39.191","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://binance.coke-twitter.com/","date":"2026-04-12T19:09:52.901Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"binance.coke-twitter.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 18:04:53 GMT","end":"Sat, 11 Jul 2026 18:04:52 GMT"},"fingerprint":{"sha1":"33:2C:70:80:D5:4C:61:BD:82:E8:A3:51:D7:87:14:CF:D2:DD:81:27","sha256":"28:4F:DB:6A:15:13:9A:02:F3:82:E2:7C:18:FD:C5:BC:80:86:40:C9:6D:94:B9:BA:DA:71:FB:D5:83:DE:C3:2E"}}},"request":{"raw":"GET /js/main.js HTTP/1.1\r\nHost: binance.coke-twitter.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://binance.coke-twitter.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Sun, 12 Apr 2026 19:09:53 GMT\r\nContent-Type: application/javascript; charset=UTF-8\r\nContent-Length: 24684\r\nConnection: keep-alive\r\nX-Powered-By: Express\r\nVary: Origin\r\nAccess-Control-Allow-Credentials: true\r\nAccept-Ranges: bytes\r\nCache-Control: public, max-age=0\r\nLast-Modified: Tue, 14 Oct 2025 03:50:08 GMT\r\nETag: W/\"606c-199e0d6f83d\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":24684,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"C++ source, Unicode text, UTF-8 text","md5":"65c68741bfff5abf6a8f0ca5a687ff88","sha1":"ea292a39a66d7289d0ad927b03c6d3d636bbb17e","sha256":"f03b458bae19691404f23b46cb670fa959402adbcea58ed015169e11fb5ad50f","sha512":"2b5443ac533f62649c0c9541edf4eaf099b02550aa921afadc96238ac9a392dcb1ae41776b8f72dc32bc33ee034d3fc0feacd7009428a92bc632d319614eada2","ssdeep":"384:vD05zteC2eQeOZeWs4aoHEZew17WpztybvE5xOj:v4FtemOcWVpztyjj","tlshash":"b3b2712a32b71076457331ae5bcb6a497222a05b3605de4c3f2d83441fc2966a7f3fe5","first_seen":"2026-04-12T19:10:17.653078Z","last_seen":"2026-04-12T19:12:16.731196Z","times_seen":2,"resource_available":true,"data":null}},"time_used":660,"timings":{"blocked":218,"dns":1,"connect":99,"send":0,"wait":202,"receive":14,"ssl":120},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"binance.coke-twitter.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"binance.coke-twitter.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"binance.coke-twitter.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-12","alert":"Phishing Block","trigger":"binance.coke-twitter.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"accounts.google.com/gsi/client","fqdn":"accounts.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"209.85.233.84","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://binance.coke-twitter.com/","date":"2026-04-12T19:09:53.456Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"accounts.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Mar 2026 08:40:00 GMT","end":"Mon, 15 Jun 2026 08:39:59 GMT"},"fingerprint":{"sha1":"A3:6F:D5:2B:24:A3:FB:1D:7E:E2:05:BB:CF:00:D8:E3:0F:E4:B6:7C","sha256":"C9:8D:7D:15:22:C0:D4:46:F0:C1:FF:BE:C7:39:81:EB:E6:88:6D:A6:D0:D7:EB:9E:61:6B:D1:AC:31:74:D3:E7"}}},"request":{"raw":"GET /gsi/client HTTP/1.1\r\nHost: accounts.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://binance.coke-twitter.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\nexpires: Sun, 12 Apr 2026 19:09:53 GMT\r\ndate: Sun, 12 Apr 2026 19:09:53 GMT\r\ncache-control: private, max-age=1800\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"coop_dd7de8473bddc59c6b748810a67a39b1\"\r\ncontent-security-policy: script-src 'nonce-pZlwvB4bOzKPZVfzbO_Ofg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http\r\nreport-to: {\"group\":\"coop_dd7de8473bddc59c6b748810a67a39b1\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1\"}]}\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":263156,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (2663)","md5":"ed9fcddcd44e662b7d451a5c49483739","sha1":"77b61c85907c1c201a3a8f86f7fd79231a5b21b8","sha256":"681531ed7a372479524ffbef738c1242adf8d5877af5a7970751fc7b4d57e66e","sha512":"c5d1918eb65fb9f1c6f6756f65304721f710034a42f8dffe8dc23a53a7283cd9c1767451e3127b448a36557acbd5728cb835504981dd5a7b4414a39adc3bb0d8","ssdeep":"6144:ZYdatwk7hxy5ZhtJBtS/R4SNIwnK76kWuaCzfS0ZsQ:uEtw9hPy/R4S+s0/WuaCzq0yQ","tlshash":"95444adcb6e270355212f8b5c43f410ab076aa79f0498cacf694c6f5acb1d890167f7a","first_seen":"2026-04-10T07:19:54.390227Z","last_seen":"2026-04-12T19:10:17.654781Z","times_seen":6,"resource_available":true,"data":null}},"time_used":295,"timings":{"blocked":123,"dns":9,"connect":28,"send":0,"wait":42,"receive":0,"ssl":87},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"accounts.google.com/gsi/style","fqdn":"accounts.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"209.85.233.84","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://binance.coke-twitter.com/","date":"2026-04-12T19:09:54.084Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Mar 2026 08:36:36 GMT","end":"Mon, 15 Jun 2026 08:36:35 GMT"},"fingerprint":{"sha1":"18:C0:58:2B:5D:87:E5:61:B4:D7:89:8D:F8:71:E1:F3:C2:A1:AC:0F","sha256":"48:84:82:83:03:74:3F:66:23:23:75:30:1C:DB:DC:04:25:34:9F:AB:ED:62:1A:31:F5:05:C4:07:05:B9:1C:06"}}},"request":{"raw":"GET /gsi/style HTTP/1.1\r\nHost: accounts.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://binance.coke-twitter.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nexpires: Sun, 12 Apr 2026 19:09:54 GMT\r\ndate: Sun, 12 Apr 2026 19:09:54 GMT\r\ncache-control: private, max-age=86400\r\nreport-to: {\"group\":\"coop_dd7de8473bddc59c6b748810a67a39b1\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1\"}]}\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"coop_dd7de8473bddc59c6b748810a67a39b1\"\r\ncontent-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'nonce-0COrDGosVOesy8P_xqww0Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":696,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (696), with no line terminators","md5":"ee570cebd6ae40b9567844b080aee1e9","sha1":"2b7b0ffcfe8aca40ced147fb7ce107010392d6b9","sha256":"d49e8f04be7ccbb69e87ae474ee50f6903b780451989e66d35ffc247a80510fe","sha512":"836c832111c285f7cb692c4eb62e2bca615017b6ab4af6920674f17df0ae1da040f7171208d5d312c3c43ed8ed7e49b653e7fce0948f24076d0548f7c8e8f25a","ssdeep":"","tlshash":"430197321aa2602eecb3ab3bf04a9d8c023aa117eeb705ccb59cca15c38d95874a5041","first_seen":"2025-10-22T21:08:41.081019Z","last_seen":"2026-04-12T23:31:19.560449Z","times_seen":55404,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"binance.coke-twitter.com/","fqdn":"binance.coke-twitter.com","domain":"coke-twitter.com","tld":"com"},"ip":{"addr":"107.174.39.191","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-12T19:09:52.360Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"binance.coke-twitter.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 18:04:53 GMT","end":"Sat, 11 Jul 2026 18:04:52 GMT"},"fingerprint":{"sha1":"33:2C:70:80:D5:4C:61:BD:82:E8:A3:51:D7:87:14:CF:D2:DD:81:27","sha256":"28:4F:DB:6A:15:13:9A:02:F3:82:E2:7C:18:FD:C5:BC:80:86:40:C9:6D:94:B9:BA:DA:71:FB:D5:83:DE:C3:2E"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: binance.coke-twitter.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Sun, 12 Apr 2026 19:09:52 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: Express\r\nVary: Origin\r\nAccess-Control-Allow-Credentials: true\r\nCache-Control: public, max-age=0\r\nLast-Modified: Tue, 14 Oct 2025 03:49:13 GMT\r\nETag: W/\"60a0-199e0d61fce\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Sign-in","description":"Google Sign-In is a secure authentication system that reduces the burden of login for users, by enabling them to sign in with their Google account.","website":"https://developers.google.com/identity/sign-in/web","common_platform_enumeration":"","icon":"Google.svg","categories":["Authentication"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":24736,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"2a94fd3da89783355ef55e281fdd8e32","sha1":"ac6ce19bb56c5df39f72061352c75f537eb0497f","sha256":"017787a1e2acae03e08c0ce1c1df4b3997ba30cca328ea0a604b62f1da821be8","sha512":"9905725eb9d9b1c7afee1aea7f456688bb56442daa8fc93fbe47a13da18ccc1dd880a1c57c7df2ace4b1e5a7e17daa5a03229ecd26c31f3cb9dc62acdea1d8f0","ssdeep":"192:Y9rY+EoeYck6rJE9Du6s8Zlczx20axJr1AMuXqQVmZX5K:Y9rgB6sfVXqpa","tlshash":"38b2976064f81573429396c66aa56b2b3e81ea13ca5f260036fc0bd95fe7d83dd0352e","first_seen":"2026-04-12T19:10:17.656416Z","last_seen":"2026-04-12T19:12:16.729289Z","times_seen":2,"resource_available":true,"data":null}},"time_used":554,"timings":{"blocked":222,"dns":9,"connect":107,"send":0,"wait":104,"receive":1,"ssl":108},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"binance.coke-twitter.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"binance.coke-twitter.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"binance.coke-twitter.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-12","alert":"Phishing Block","trigger":"binance.coke-twitter.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"binance.coke-twitter.com/js/api.js","fqdn":"binance.coke-twitter.com","domain":"coke-twitter.com","tld":"com"},"ip":{"addr":"107.174.39.191","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://binance.coke-twitter.com/","date":"2026-04-12T19:09:52.903Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"binance.coke-twitter.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 18:04:53 GMT","end":"Sat, 11 Jul 2026 18:04:52 GMT"},"fingerprint":{"sha1":"33:2C:70:80:D5:4C:61:BD:82:E8:A3:51:D7:87:14:CF:D2:DD:81:27","sha256":"28:4F:DB:6A:15:13:9A:02:F3:82:E2:7C:18:FD:C5:BC:80:86:40:C9:6D:94:B9:BA:DA:71:FB:D5:83:DE:C3:2E"}}},"request":{"raw":"GET /js/api.js HTTP/1.1\r\nHost: binance.coke-twitter.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://binance.coke-twitter.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Sun, 12 Apr 2026 19:09:53 GMT\r\nContent-Type: application/javascript; charset=UTF-8\r\nContent-Length: 5692\r\nConnection: keep-alive\r\nX-Powered-By: Express\r\nVary: Origin\r\nAccess-Control-Allow-Credentials: true\r\nAccept-Ranges: bytes\r\nCache-Control: public, max-age=0\r\nLast-Modified: Tue, 14 Oct 2025 03:50:01 GMT\r\nETag: W/\"163c-199e0d6dab3\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":5692,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text","md5":"cd65d24d7c41a9f8c378173ba3f55644","sha1":"9f04a2a408eaf33e8aa8ec67a8e7af10d96ca2d6","sha256":"9cbccbc9fa175b326ce24df87e9f87bd282fe2a262065d4cad1e49b0fa48724d","sha512":"ab4a7c1a36026ab3b55c6043e37b7155b00ee2acf1d5a720b72011d72dcea8a68c5a319a5d7d8cce1fb6c4fdfa1663022f02c408156377ff8b7de2e69f21d985","ssdeep":"96:J8BajiCXaQirO+flQdy16fhv/DQ//nUkrKLtyk9CiEuTPlz8XCo8COLUx8I/qQyO:GBunmlQdy1av/DQ//nUkrUtyk9CeTPlg","tlshash":"b3c154c72243a16546f6fbae1b47e416a03ae427b403cc58764c06e5af5d86c84f7fd1","first_seen":"2026-04-12T19:10:17.658155Z","last_seen":"2026-04-12T19:12:16.736992Z","times_seen":2,"resource_available":true,"data":null}},"time_used":560,"timings":{"blocked":220,"dns":1,"connect":99,"send":0,"wait":110,"receive":0,"ssl":120},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"binance.coke-twitter.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"binance.coke-twitter.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"binance.coke-twitter.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-12","alert":"Phishing Block","trigger":"binance.coke-twitter.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"binance.coke-twitter.com/js/notify.js","fqdn":"binance.coke-twitter.com","domain":"coke-twitter.com","tld":"com"},"ip":{"addr":"107.174.39.191","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://binance.coke-twitter.com/","date":"2026-04-12T19:09:52.905Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"binance.coke-twitter.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 18:04:53 GMT","end":"Sat, 11 Jul 2026 18:04:52 GMT"},"fingerprint":{"sha1":"33:2C:70:80:D5:4C:61:BD:82:E8:A3:51:D7:87:14:CF:D2:DD:81:27","sha256":"28:4F:DB:6A:15:13:9A:02:F3:82:E2:7C:18:FD:C5:BC:80:86:40:C9:6D:94:B9:BA:DA:71:FB:D5:83:DE:C3:2E"}}},"request":{"raw":"GET /js/notify.js HTTP/1.1\r\nHost: binance.coke-twitter.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://binance.coke-twitter.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Sun, 12 Apr 2026 19:09:53 GMT\r\nContent-Type: application/javascript; charset=UTF-8\r\nContent-Length: 3505\r\nConnection: keep-alive\r\nX-Powered-By: Express\r\nVary: Origin\r\nAccess-Control-Allow-Credentials: true\r\nAccept-Ranges: bytes\r\nCache-Control: public, max-age=0\r\nLast-Modified: Tue, 14 Oct 2025 03:50:13 GMT\r\nETag: W/\"db1-199e0d70c87\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":3505,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text","md5":"b0767adefc894e46ee9306b87b4f9684","sha1":"b0ea4337bc57c1dfa8970770aaaefa9744292543","sha256":"8e0746948d0b03c993289da2113a3b988ce2fcfb607847deef65dcf709d6d266","sha512":"6945dfe83c08ff196cc7e5961708e706f9e345827fc278dcea0dd0ad7432d6490360f120f57a6b55db2a7d049011b91a74e32b84d9c8dfc19bf7282d7faf9e94","ssdeep":"","tlshash":"a071335e30b7653549abb0ba9b9f0645b53391037406dd107bae82406fa0ea2cbf7bc4","first_seen":"2026-04-12T19:10:17.659871Z","last_seen":"2026-04-12T19:12:16.739132Z","times_seen":2,"resource_available":true,"data":null}},"time_used":288,"timings":{"blocked":185,"dns":0,"connect":0,"send":0,"wait":103,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"binance.coke-twitter.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"binance.coke-twitter.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"binance.coke-twitter.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-12","alert":"Phishing Block","trigger":"binance.coke-twitter.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"binance.coke-twitter.com/js/auth.js","fqdn":"binance.coke-twitter.com","domain":"coke-twitter.com","tld":"com"},"ip":{"addr":"107.174.39.191","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://binance.coke-twitter.com/","date":"2026-04-12T19:09:52.906Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"binance.coke-twitter.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 18:04:53 GMT","end":"Sat, 11 Jul 2026 18:04:52 GMT"},"fingerprint":{"sha1":"33:2C:70:80:D5:4C:61:BD:82:E8:A3:51:D7:87:14:CF:D2:DD:81:27","sha256":"28:4F:DB:6A:15:13:9A:02:F3:82:E2:7C:18:FD:C5:BC:80:86:40:C9:6D:94:B9:BA:DA:71:FB:D5:83:DE:C3:2E"}}},"request":{"raw":"GET /js/auth.js HTTP/1.1\r\nHost: binance.coke-twitter.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://binance.coke-twitter.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Sun, 12 Apr 2026 19:09:53 GMT\r\nContent-Type: application/javascript; charset=UTF-8\r\nContent-Length: 38729\r\nConnection: keep-alive\r\nX-Powered-By: Express\r\nVary: Origin\r\nAccess-Control-Allow-Credentials: true\r\nAccept-Ranges: bytes\r\nCache-Control: public, max-age=0\r\nLast-Modified: Tue, 14 Oct 2025 03:50:02 GMT\r\nETag: W/\"9749-199e0d6df7f\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":38729,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"C++ source, Unicode text, UTF-8 text","md5":"69294ec9aa395b9e926495490e991efe","sha1":"d22ee76828dae7c214bae61a31eb11e0302e9c57","sha256":"1184bc8dbd44c752a7c1349a37d1c31fd1cb7e91b4533342d689c74bdb4fb2a5","sha512":"83ad1454762fb6ba27fc8de81b1a881da0ebcdc52743c3b72081057186b9a1574b1b4b16dff7563c1df4e9c5a8a7f0562aa45a3bc8da066e51dd52db47c5d9d2","ssdeep":"768:oBdFhVAc5bj1EoRdHBFv92+pIgAAhMCnEJZu:oBdFhVAc5vRdHBFv92+pIgAAGCnEJI","tlshash":"c003654922bf103249b365bb5fc72716723350172c0ace6c7e6c47482f55e66aab2fe4","first_seen":"2026-04-12T19:10:17.66162Z","last_seen":"2026-04-12T19:12:16.728445Z","times_seen":2,"resource_available":true,"data":null}},"time_used":393,"timings":{"blocked":287,"dns":0,"connect":0,"send":0,"wait":104,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-12","alert":"Phishing Block","trigger":"binance.coke-twitter.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"binance.coke-twitter.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"binance.coke-twitter.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"binance.coke-twitter.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}