{"report_id":"5b6c497d-047b-4161-b4b7-6e1c43dcbb9a","version":6,"status":"done","tags":[],"date":"2026-02-24T16:05:33Z","url":{"schema":"http","addr":"bitfinexc.win","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"bitfinexc.win/#/","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"title":"Bitfinex: One-Stop Global Investment Platform | Forex | Commodities | Stocks | Indices | Cryptocurrencies | Gold | Oil","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"bitfinexc.win","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-31T16:05:33Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":14,"urlquery":0,"analyzer":2}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-24T16:05:14Z","timestamp":1771949114,"ip_dst":{"addr":"47.79.64.199","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":54594,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-02-24T16:05:14.265920+0000\",\"flow_id\":2186223384393481,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.46\",\"src_port\":54594,\"dest_ip\":\"47.79.64.199\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"java-vue-bucket.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":910,\"bytes_toclient\":6037,\"start\":\"2026-02-24T16:05:13.718601+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-24T16:05:14Z","timestamp":1771949114,"ip_dst":{"addr":"47.79.64.199","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":54600,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-02-24T16:05:14.569781+0000\",\"flow_id\":1534990378192227,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.46\",\"src_port\":54600,\"dest_ip\":\"47.79.64.199\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"java-vue-bucket.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":910,\"bytes_toclient\":1634,\"start\":\"2026-02-24T16:05:13.970083+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-24T16:05:14Z","timestamp":1771949114,"ip_dst":{"addr":"47.79.64.199","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":54606,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-02-24T16:05:14.967418+0000\",\"flow_id\":464486959566354,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.46\",\"src_port\":54606,\"dest_ip\":\"47.79.64.199\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"java-vue-bucket.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":753,\"bytes_toclient\":1634,\"start\":\"2026-02-24T16:05:14.413202+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-24T16:05:15Z","timestamp":1771949115,"ip_dst":{"addr":"47.79.64.199","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":54614,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-02-24T16:05:15.001384+0000\",\"flow_id\":851137095421618,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.46\",\"src_port\":54614,\"dest_ip\":\"47.79.64.199\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"java-vue-bucket.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":753,\"bytes_toclient\":6037,\"start\":\"2026-02-24T16:05:14.413362+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-24T16:05:15Z","timestamp":1771949115,"ip_dst":{"addr":"47.79.64.199","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":54620,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-02-24T16:05:15.209393+0000\",\"flow_id\":1288639644050663,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.46\",\"src_port\":54620,\"dest_ip\":\"47.79.64.199\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"java-vue-bucket.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":910,\"bytes_toclient\":3148,\"start\":\"2026-02-24T16:05:14.664807+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-24T16:05:15Z","timestamp":1771949115,"ip_dst":{"addr":"47.79.64.199","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":54618,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-02-24T16:05:15.280747+0000\",\"flow_id\":1724905242109010,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.46\",\"src_port\":54618,\"dest_ip\":\"47.79.64.199\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"java-vue-bucket.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":910,\"bytes_toclient\":6037,\"start\":\"2026-02-24T16:05:14.664658+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-24T16:05:15Z","timestamp":1771949115,"ip_dst":{"addr":"47.79.64.199","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":54632,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-02-24T16:05:15.420149+0000\",\"flow_id\":2187215521863928,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.46\",\"src_port\":54632,\"dest_ip\":\"47.79.64.199\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"java-vue-bucket.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":753,\"bytes_toclient\":6037,\"start\":\"2026-02-24T16:05:14.874744+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-24T16:05:15Z","timestamp":1771949115,"ip_dst":{"addr":"47.79.64.199","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":54636,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-02-24T16:05:15.427521+0000\",\"flow_id\":886720899475802,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.46\",\"src_port\":54636,\"dest_ip\":\"47.79.64.199\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"java-vue-bucket.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":753,\"bytes_toclient\":6037,\"start\":\"2026-02-24T16:05:14.878938+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-24T16:05:15Z","timestamp":1771949115,"ip_dst":{"addr":"47.79.64.199","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":54638,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-02-24T16:05:15.481791+0000\",\"flow_id\":1764118293542404,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.46\",\"src_port\":54638,\"dest_ip\":\"47.79.64.199\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"java-vue-bucket.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":910,\"bytes_toclient\":6037,\"start\":\"2026-02-24T16:05:14.882180+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-24T16:05:15Z","timestamp":1771949115,"ip_dst":{"addr":"47.79.64.199","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":54652,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-02-24T16:05:15.491777+0000\",\"flow_id\":512186866371559,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.46\",\"src_port\":54652,\"dest_ip\":\"47.79.64.199\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"java-vue-bucket.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":910,\"bytes_toclient\":6037,\"start\":\"2026-02-24T16:05:14.887783+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-24T16:05:15Z","timestamp":1771949115,"ip_dst":{"addr":"47.79.64.199","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":54672,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-02-24T16:05:15.675095+0000\",\"flow_id\":353818537297376,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.46\",\"src_port\":54672,\"dest_ip\":\"47.79.64.199\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"java-vue-bucket.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":910,\"bytes_toclient\":3148,\"start\":\"2026-02-24T16:05:15.132576+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-24T16:05:15Z","timestamp":1771949115,"ip_dst":{"addr":"47.79.64.199","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":54682,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-02-24T16:05:15.724464+0000\",\"flow_id\":852515779978229,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.46\",\"src_port\":54682,\"dest_ip\":\"47.79.64.199\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"java-vue-bucket.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":753,\"bytes_toclient\":1634,\"start\":\"2026-02-24T16:05:15.140277+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-24T16:05:15Z","timestamp":1771949115,"ip_dst":{"addr":"47.79.64.199","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":54674,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-02-24T16:05:15.730518+0000\",\"flow_id\":685536041442545,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.46\",\"src_port\":54674,\"dest_ip\":\"47.79.64.199\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"java-vue-bucket.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":910,\"bytes_toclient\":1634,\"start\":\"2026-02-24T16:05:15.138481+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-24T16:05:15Z","timestamp":1771949115,"ip_dst":{"addr":"47.79.64.199","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":54656,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-02-24T16:05:15.738141+0000\",\"flow_id\":1390151196211775,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.46\",\"src_port\":54656,\"dest_ip\":\"47.79.64.199\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"java-vue-bucket.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":753,\"bytes_toclient\":6037,\"start\":\"2026-02-24T16:05:15.129599+0000\"}}"}],"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"webapi.bit173finex.com","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-01-10","domain_rank":0,"first_seen":"2026-02-01T00:53:19.264543Z","last_seen":"2026-02-24T15:59:08.409618Z","alert_count":0,"request_count":13,"received_data":502515,"sent_data":6783,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"cservice.vip","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-10-08","domain_rank":0,"first_seen":"2024-10-08T14:49:36Z","last_seen":"2026-02-24T15:49:31.098827Z","alert_count":0,"request_count":3,"received_data":67667,"sent_data":1237,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com","ip":{"addr":"47.79.64.199","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"domain_registered":"2012-04-01","domain_rank":0,"first_seen":"2025-02-12T08:38:00.929095Z","last_seen":"2026-02-24T15:47:19.278204Z","alert_count":0,"request_count":11,"received_data":390781,"sent_data":4928,"comment":"","tags":null,"fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}]},{"fqdn":"bitfinexc.win","ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-01-28","domain_rank":0,"first_seen":"2026-02-24T16:05:38.400543Z","last_seen":"2026-02-24T16:05:38.400544Z","alert_count":166,"request_count":83,"received_data":10897201,"sent_data":33828,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"bitfinexc.win/js/ArticleViewer-NZgUlOne.js","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"60eed223189fc663514c5341bcff77b4","sha1":"6e21fa058a31f9fd6f257aa57e96c61d58ea9c2f","sha256":"db75c12e3096e41da91a37249a4e51d1cff9628a5cba108f4f89632ea24438f5","sha512":"74349c249f9cfeec30882c7947d925e1482970ead26a08d2a2b5558cb0b839146148fd23bfd5370e962ee7c57558a58ff885967621a1a2dff7664b3d972dfcf1","ssdeep":"","tlshash":"cf41729c6476cfb896f39335a58ad6549044bbcad7118a89727e582a2fc0eb07a5c308","size":2403,"data":"","first_seen":"2026-02-24T15:59:15.568903Z","last_seen":"2026-02-24T16:05:43.757945Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/js/Calculation.vue_vue_type_script_setup_true_lang-BMhkdazn.js","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"80fd28a33f6647d8519b15115bcb54f9","sha1":"4fcaa68fcf0f7db4b0fa377f86e5f5afa2913897","sha256":"e0aef006e280979ce50698cda2d0a6b81ecf9785800e941b0d11c85278a84833","sha512":"082dbd15ca453de0052472660512fc79c389ad6cc06115605e93a882a9ad1c80579a5fbf933b5fe63f6e5d3580aa1137e9b84d922fef2c824a89ef52b9a5d7a2","ssdeep":"384:d9SYvdyMTG1CmxcgnJcwV1eBcICHan1BAkL1pkDUaBoiA6UJWM5boWBu5D8daLHa:zScUYfjBcban/Ao1pQUaBol6Ubboyu5m","tlshash":"b392a64db252db3ddbb354f1a05e1014e0087fcad426c497a1bf09933aeeeb11a6967c","size":20465,"data":"","first_seen":"2026-02-24T15:59:15.579491Z","last_seen":"2026-02-24T16:05:43.814288Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/js/CookieConsent-gCDMgTiv.js","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"9f1884f90d01fe10ae788051b6bf62b0","sha1":"22529b88e20870b6214fb53903eb656ee5a79e3c","sha256":"1941ebb644daa8e51b3c8d4e6186c8dd521f99041dac34b491026601ebb4604a","sha512":"b50c8803c11e94974d806fce989b729f374d50457a5849c2f74e069413e2142bb4f9a45c08edd3e2506f94673c1fe76f903dba4e60f48541b75b5de854d4646d","ssdeep":"768:hr5jgT5ISSBGZo4mrwrS0yIpdmjriD0PbnPex4:IeVsmrwbpdeioX","tlshash":"83e25c05e806eeb9d7f31634744a7168a4387fd9c25ac47aa3bd85232bc9f728763314","size":32677,"data":"","first_seen":"2026-02-24T15:59:15.540518Z","last_seen":"2026-02-24T16:05:43.739782Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/js/Footer-BNY223Mx.js","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"bb7543e9a484fca4522f5507ff9ca816","sha1":"8a731ff3f2ce04af8db2e4e12f12f92a31079f74","sha256":"82922f0e4c98bba5e2be6f77afc3f21f93ee3459204a87f62c30ccc1e7fa31b9","sha512":"14deb2b64a0974b7de466e995745f9358aeab31cc79b1bc0ed0ad2855e85dcee0f76195a5c1dcf4bb1e387a4763e59d44f7c796238490f9299cc27147811d6fe","ssdeep":"192:v7YvNBUmwBi5GVBmTI2rDtA5/d3WIJ14NDqCjuu0IUGjUTaqKjSTvS1wSjE8LGT/:MvvUPBRPmTVDt6/d3WG14NqCjt0IUGjs","tlshash":"47321a047973c9f9c6b784b4b8415510f238bfeee56bc85ab3fd890a17ced390a06260","size":11427,"data":"","first_seen":"2026-02-24T15:59:15.528703Z","last_seen":"2026-02-24T16:05:43.789141Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/js/index-CqgRwA8p.js","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"4e2e897194c8005e76d22698f76e3b9e","sha1":"585a69b98d9bf2a277f47d86477d0b60689eac4a","sha256":"2c7bb6991b90244fe6440f8f62a1c0d3e99bd3187c3828d29d7c960e5d06b245","sha512":"3e40e542af60272de6e3b2680221e8da30922529c5a36833227cc2da7f4c21b08860878852c313c73056477a33cdf54cb7293d3b030a53e53a59f8b5625b90f9","ssdeep":"","tlshash":"a361c5dd78b7f020877148ee507b0636e23a37592408d0d4e01fcd8a3931d6ab2a7e29","size":3235,"data":"","first_seen":"2026-02-24T15:59:15.557826Z","last_seen":"2026-02-24T16:05:43.816482Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/js/NetworkSelectModal.vue_vue_type_script_setup_true_lang-nLw3Ee0x.js","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"8a797d296738268b6851ab9c7d075eb9","sha1":"fa2a371a33b3d490dea7c3b300643c28bf9dafad","sha256":"d7c1e840ce1abf8a34249aa289cc6cdf191b78e05561fe8b62cd725ebdef89b3","sha512":"9cbe82057986d248ed349a00f4cd2db0f0659b3745b659a68081199224ed6386f4e76d55e9def4bcfcf50d95e690c2256d5eb430fd5c0e7453c76eecbb5bc7f9","ssdeep":"","tlshash":"f031320d9473cbfc95a391351b9a2168d2947fdaea708bccf36c14723aca9b6592c640","size":1510,"data":"","first_seen":"2026-02-24T15:59:15.578Z","last_seen":"2026-02-24T16:05:43.76065Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/js/filters-CwQNJrJW.js","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"3be61883aa794d73d0be711578300ddc","sha1":"e2f55af3af6d11f9931384bc3b5db810e6e76562","sha256":"56bbbca3a1fcae8633790e3481f5810ef57684572d9b93e4e2ad0ce87ca087d6","sha512":"43ada60543acf6d99f5a99bfef8f6bdeddb5a21272a2fef486d65a356a865974b0dcf316d77db2d5bba0efe5afe165a387e76d3834b510db47fc229b80658db8","ssdeep":"","tlshash":"0711adb995c6c67b02fbc8c8514d41c768e87f78b00e4b62bd64f1163561095f4be393","size":1046,"data":"","first_seen":"2026-02-24T15:59:15.562117Z","last_seen":"2026-02-24T16:05:43.751763Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/js/loan-DbtGJtzC.js","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"a967023a1db2171077ced2f24f78ec67","sha1":"7e5f70e9e5d5c18ee59734c9d943593ebc310e91","sha256":"f3340c7e2af8cfb586173074f0fb46111df5305a406349a8a0f3267ba71c99b9","sha512":"77cd8f39c3d8e1bea52c99b07be108443c21b704304bded62181956261809c8efabfed25a11f46ce31ca4993a15992cef8635eaebd3fdc38e259ed5a4a6f427d","ssdeep":"","tlshash":"19f0f6dabd179a7f9135d23930923d02b43b9a31def614702f2ad8678f2c0c9675b941","size":580,"data":"","first_seen":"2026-02-24T15:59:15.523506Z","last_seen":"2026-02-24T16:05:43.734552Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"9e3916b922f6e89fef56ec3d30fc24f1","sha1":"39864de2655e9cb05aaced549d399ec6f768b050","sha256":"77f19f933dfce820e9ab4507206207ca46964edc5224fba3206261d74a3b0757","sha512":"4e9b8d49c5ddadee2aad4c3ecb9f204d9d56efe210aae8a58286d5ac9ea82affeb77751ee5c7408e6215eaaf2e7c698304bcfc43a13ff57e0ff55fd4b8fc6eea","ssdeep":"","tlshash":"04f0e21a52b850b4117bf33d738feb81363200c360489f513d1c5f840f6043846a1b96","size":518,"data":"","first_seen":"2025-08-26T17:46:37.312801Z","last_seen":"2026-05-26T16:34:37.76015Z","times_seen":62,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/js/index-Bgx9-hSl.js","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"137a640de7e1e8fb15329666f3695d1d","sha1":"9fa08c78da070c3dc42d3a1fd06b3a61b386ea64","sha256":"3025a59849816631f18de809caf0df29b87ccf8f164b62c0fe79b4c6acd5afd0","sha512":"b61b32c2463614bb6868f82f0044b030cc2af7d7f3468fa4c34bf418ada569ac72b545523001bf4692269b787500f04b599b1797f7c8fbb35dbff37567b2341c","ssdeep":"49152:e0t9UzEet33btbN93p0AgwYfSFRNWVCPBBQj2O6Zu:Rk/9e","tlshash":"40959f9876c6f06806f382e560eb1105f2786d45f446c0a4f9fc89ab25e5e9ce277f38","size":1921356,"data":"","first_seen":"2026-02-24T15:59:15.637616Z","last_seen":"2026-02-24T16:05:43.829493Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/js/cssCalculate-G7yYGhEz.js","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"81ebadd562734ed587f3316303b98381","sha1":"5723c81e2b22ffc192d40520d06e88144b0772ad","sha256":"7c50130b8bd2f94adc659826b11458992c265553deafb0b41a0e70b68f147d5b","sha512":"649488501388c20a305d284b0ccc5de1027ee267165017e7ecd09d3f9d60e6d61ef3bff8b2f81884ad5a65e42ee40714f9473e4f0a677a8d4eea11ca50e158be","ssdeep":"","tlshash":"b4014efda5c1daf79b4b553b0e6c492c718d5680ea1f86c2d76da4207b402ecb132590","size":792,"data":"","first_seen":"2025-08-26T17:46:37.228469Z","last_seen":"2026-05-05T09:11:43.050995Z","times_seen":43,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/js/index-DsqkYkwi.js","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"4f38ffabd88af770add463630198c371","sha1":"e2f4abf804bffb2d56b7f5f2db53ba512ca11c27","sha256":"db9354b8aaa373e7ff309a9a69ec523e0e4d054c589d19c65cff23741742c4f8","sha512":"ca486e3aa841f97c6d95a0c62c51c41d4e1783005c726c39acfb8c35e58eec8168f3fcbc193fba85be5d88c4568b449af48a2f1d56b61238bcc1234ab79345b6","ssdeep":"1536:g9R8WY5TRoshtG80ZgNaeYXE+bUmN8SoFfefW8UjXGqW/lWBlxvH1hfGJnesv8ni:ORk5jTG8ralELZFOUnusSQilqw7ShHTU","tlshash":"59048e4db221757a86f3568a42948110a6644f49f458c4fcb6bdbc272deec5802feff8","size":173125,"data":"","first_seen":"2026-02-24T15:59:15.585895Z","last_seen":"2026-02-24T16:05:43.739115Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cservice.vip/js/ai_service_core.js?v=1771949115842","fqdn":"cservice.vip","domain":"cservice.vip","tld":"vip"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"f18eea0d33964edbd612d61f5713fd75","sha1":"93dd1f6594dcf0f7cbdb44813e4c1f2072961533","sha256":"1bc28f480d9acf22346a0cc22379fce4b7971d6e647a55de5919e641db5cc597","sha512":"5cb694ca839128e6683a513174761ccf1c4147b28d130dc1425112756d81ee61a2c65baa2272e8284264a53ba658a4f77c1753291163dcc4fc5745b0538c5931","ssdeep":"384:m+6aLTFONgSMQDbHer4p7JCA8GaHOdRUHYAnUjZpeZgy4F4Syec71gAQ77/ZMTtY:5xTFeMQDbHer4p7JCA8GMOgYAnUjZpeS","tlshash":"a48241abebbb10724457b4368b9f268435268013294cde203facded04f52a675317bf9","size":17618,"data":"","first_seen":"2025-11-30T14:17:39.769051Z","last_seen":"2026-06-01T14:33:52.182505Z","times_seen":100,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/js/login-bg-CtTnvaIr.js","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"ebba15b40c37ba856a79bc847a08e71a","sha1":"a720af2936ab6f1dad28220622a18f7d338d44db","sha256":"3ddd883a1fd935ffb81a11e0d1dc9628d053175968f0446aa533104a2283c93c","sha512":"3f5b2f086d745a7475029b4fd91f57a953bffe5215314fba804f6b2387b8bb6e8cc1471d83c33a2fb15b0ae511beaf36b1170b39568b433ba7e7738ce28a5894","ssdeep":"","tlshash":"a1b01201855e117a0594105d4781557012e5413c2e5483bce63d46649b1620a5c47e10","size":91,"data":"","first_seen":"2025-08-26T17:46:37.227472Z","last_seen":"2026-05-26T16:34:37.715579Z","times_seen":68,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/js/Register-Cl5YsboM.js","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"e8accca9546c505118507dd419e8ac62","sha1":"93001cfe0c3227b5bdee16c98597eb9fb8a826f5","sha256":"0aa408332692aa852696c9a1028246344b5189a7a05bee006935fe1a6b108fac","sha512":"8bd08bc6d0d8064497c0a3d43882776b21ba3ae5faf3da9c4130923daa106f6eafa0e8966f779ac9275e8327510f99f44cddf0ca0dd289c9f73f595831eeb42c","ssdeep":"384:GNl6uOz1k7mm+r6meg5bM5MZ5iWajEJRq0g/Zk4Ltb2pVjkOymm+AR6eb0mm792+:GNlpORk7a55g5s5TUZ5pyVjnjXYn0D9V","tlshash":"db82678cb1519bfaab7b9431f4476930682c4f5fc463c0f6e6e88c35a79ec71a51423a","size":18425,"data":"","first_seen":"2026-02-24T15:59:15.535034Z","last_seen":"2026-02-24T16:05:43.748772Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/js/index-m-aRwI0X.js","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"6981c694a2f4c56efddeacc4ff0eb8f0","sha1":"362a8560143970bf35ca539eace7c62280351253","sha256":"7b7663d00494cd731f5a1f4ab3df1ccfe58ee02a00101e2993881703ad126c44","sha512":"689cdea72dd0cb6478dbc38443d13c7a925ee64b53321441c76318270acbf3b1b4d8b325e5e6f4a5c77176032565a09fe1b63df6f99dc5e8a691257874d895a4","ssdeep":"768:2MevlM82K8nfNtfWeg8s2qlLlWYuG13tfAlgbXXh4FgXG1aU:+dM82dPsH9JC","tlshash":"4303842cb012cfbe9663293062ad1994e1497fedc526c80af1bd18233bc7ff05a56765","size":41100,"data":"","first_seen":"2026-02-24T15:59:15.548913Z","last_seen":"2026-02-24T16:05:43.765552Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/js/dataModify-C6sk-dj3.js","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"349f5b93e9d8dde770b2c7bb055dbfcd","sha1":"ba66f08093433ff9ae5b906faaf3f669f8ee75c1","sha256":"001315e8416480bc075df6a7ae1e9a205426501bb92987fda20e438d3dfd8d11","sha512":"eb8f140aa043b2cbe0dba7d2184fc8419bdaa5a117c24e442b2db79cd646daa913774f7dacd8e8a361ad0787a5d06462bdaac341c8518391dd7330387142b3f7","ssdeep":"","tlshash":"cff0d192df3af2b06da892811dd571962d1162547ca60bc091a2ae3115934faf29cb73","size":635,"data":"","first_seen":"2026-01-30T06:58:07.07812Z","last_seen":"2026-05-26T16:34:37.704819Z","times_seen":66,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/js/PdfViewer-BH7Ek4ws.js","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"859097e923fab4b640f45ed90e72d270","sha1":"64e3621dc25657eab0561c74a1e024b4af1b1d9f","sha256":"2bc1828085b1948aee755c38c7245ed5b181620dfb6f1a5617632013290891d4","sha512":"6e9983b811d9bd4718dbf72d713ef975b83da70c8657901476108850f67c361c39194bc4f11d658e7fe610faf1d4d9947acc688f1ebd2265ed1af5a30e00f169","ssdeep":"24576:2kpMfCJkPXXq8RqbOt7aFMz3FuEoYlOsp8yDpm0gLsC7Xl5:2kpMfCKPXXq8QCFR+l5","tlshash":"aca5a072634372e96b79468671b91609437f154d34f3a1c8ed8e2edac52ad2b237c23c","size":2202810,"data":"","first_seen":"2026-02-24T15:59:15.633645Z","last_seen":"2026-02-24T16:05:43.831218Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cservice.vip/js/ai_service_diy_8468gpfh.js?v=1769638669","fqdn":"cservice.vip","domain":"cservice.vip","tld":"vip"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"9dd334ff9ec0b68b57834c868660c408","sha1":"e6606e26c6cbd0d50fe454ff692163d3f007c178","sha256":"2a1aa3ea60d288e35bfcb33368fa02ba1f47d2a8369048808107fcbdb7e137c5","sha512":"f9e1c5e90f8403bd5f9e4ba5835dfe46faa40ab0e96a42352a2b1a8a334cb1a14e2c95872fff9c74c898befaa7ec24fa57e62d254a0888eec6528540d6b5f2e4","ssdeep":"","tlshash":"b131dda25e8985731933322a9b3ba128fb31270319019a033ebd67006f31e49aa65ec4","size":1810,"data":"","first_seen":"2026-02-01T00:53:28.946185Z","last_seen":"2026-03-09T15:01:17.948163Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/js/Login-BXX23Cs3.js","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"8125dddb4babfc73b962dcb43a1381ca","sha1":"a0c801614058782b2f3e18b0417020e76ba6494d","sha256":"07991c0a0c9205460ffe40b5acacec4389e333502a3f5fb1d6a6943ad292b874","sha512":"e17e2f0e0306ae912c976287d80f146df09a9f5af98189a4275bb9fe736fe6ef26632e667b194597031cc8b03abe48591f6ceb4159a48cddafccd0bfa1d78e38","ssdeep":"192:5MTADOgYQNzN+dNWNTpknH3caQKkn3ELqKDN/5qxBy+d7PEwjNwzPZdasQWQ5QUS:5/YQJIUBoL1Ibp9JyisQWQ5QbDFHiq7H","tlshash":"0832b6c87512abf99bb30825b6047935b4185f99c067c48ef3f84c317bdacb66a24379","size":11563,"data":"","first_seen":"2026-02-24T15:59:15.547824Z","last_seen":"2026-02-24T16:05:43.768594Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/js/SetFundForm.vue_vue_type_script_setup_true_lang-BbTQdYkd.js","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"4032e85aa409b431faa1a8e7bbff0ec3","sha1":"9867279ebf6cd5d205675137f1e4c55d771c09ac","sha256":"4ffef19e3b976a6f40e7c8f31be30bdd55ea228d6f2e2195e8c0798bc6884277","sha512":"913ac3f6b28b2d7b049dbc512c85d566587ce2d69a6539e0bb28632d4365dba30c5df23d7e9e3d17513b8d7c06cc55e4bf6692d954916f14d07a3bd0bc6bb943","ssdeep":"","tlshash":"d651540d24b2cfff26c3a238224e2168e0c8bfcfdb308755b66d407226c99f53619a55","size":2673,"data":"","first_seen":"2026-02-24T15:59:15.567108Z","last_seen":"2026-02-24T16:05:43.798865Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/js/CreateOrderModal-Dq3M96Ax.js","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"0d11b51e7c897f3916d3a2e9e6d346f4","sha1":"4b9e6a12d0860db1338c00342d61e1dd714231d4","sha256":"c04356ae51f6d866828a6e4a26377216bd00349fe6a0a55ba48ccdfb60e58afb","sha512":"ca0456e1645ca7edb9b5e33d36044b1df05112ce339e4bd3820bf7d6fd4e1be28a8f4cb5fb1324a5b6b589664c46eab9e38ca6dd67f89867bf8db61bc9f156d8","ssdeep":"384:a5fMuQAaJG8SdMmDiWdc9VGSSMSKp1k15klKkuLy26K:ahMuEJbOiWdyGSjSKp1A5aKdLy26K","tlshash":"8e72c93c70d0c9be9473d176a2cd68244048bfcfc6635bcef63da66415d9ca15725a2c","size":16272,"data":"","first_seen":"2026-02-24T15:59:15.566062Z","last_seen":"2026-02-24T16:05:43.79627Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/js/TradeLayout-CaSYV84t.js","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"4aa7cf8af4759cd861a60d2d439f34b8","sha1":"e0bfea61fc18ff0e652b2cef53b157ef2e6ee915","sha256":"ff7075f56e8f67f1bb70e587dcdf746e117eda2c49d113b7c151e51fe52a00be","sha512":"ac1429b420da8ecbe05414c719e530b5dee42741aebe2161272e32886b630207555144502df93b0d259ab8c00994f175575240ab1ab108d016847d1cbb15a603","ssdeep":"12288:U37MnWzG2+iFeq6Zz6uSxNbn6e1sD5skFW:UrMnWzG2+iFeq6Zz6uSxNbnQ3A","tlshash":"a194f580b162e53993f391b5107a0401e3197f89b00686adf27dccd73eaad9971baf74","size":415093,"data":"","first_seen":"2026-02-24T15:59:15.517509Z","last_seen":"2026-02-24T16:05:43.787077Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/js/index-D_D1e0w7.js","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"31e8610c721031b880d37b8a1e081c9a","sha1":"2b26fa6c650aa90c4b53d5767b6d458e0d67992b","sha256":"b678a7ae0ce1d286b8314a0b6500fa4b362e986380e804043ebdf745d00876c7","sha512":"75e4d71793e4d0f250431195158c2cd92c885a08e4e72daa421020fe1fdd77499e11cef518a90d0888e32d009cbc2c769c364a93e22781af0d3de0893f8b3e25","ssdeep":"6144:BfIyxrxeAbERhW+M4e5usVKBDtMAyJjSpBBPWG5YhiPmy880z+8Ff0kvmUyPEmIY:dIexeAARhW+M4e5usUBDtM1JjSvBPWGb","tlshash":"b26409847252b27a83f305a2543e4405e2257f88b107c4ddf1fc4cdb3e9ae9665abb78","size":331566,"data":"","first_seen":"2026-02-24T15:59:15.521001Z","last_seen":"2026-02-24T16:05:43.76478Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/js/account-BMFpvqTr.js","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"ebb83d0cc477773ee56307c8658644e3","sha1":"15e0267a988edc4d35d79f4dd473a9f57bcf3d68","sha256":"c0bf5e07697bda7a5d5ef171fb669f80c6802dca07daa219ab14e7a050d21800","sha512":"ca5465dfcabfac14aca473c7ceadcf3ca091510c71c55d1344ac42940e3e8f2ae7863e57aa78390b166cfcb442ddfdf86d206935a6de84052e943cd1ebc9d206","ssdeep":"","tlshash":"fc11048a8e4e52f7fbb0be1260d02e03c01b6fb5ada24472f02d957752bd044c62db14","size":1104,"data":"","first_seen":"2026-02-24T15:59:15.5811Z","last_seen":"2026-02-24T16:05:43.772616Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com/virtual/file/LTC.png","fqdn":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.199","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:14.894Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /virtual/file/LTC.png HTTP/1.1\r\nHost: java-vue-bucket.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Tue, 24 Feb 2026 16:05:16 GMT\r\nContent-Type: image/png\r\nContent-Length: 34858\r\nConnection: keep-alive\r\nx-oss-request-id: 699DCC3C7CD23C3038309A4A\r\nAccept-Ranges: bytes\r\nETag: \"BB27C369A3AA54D9C1F8E59E1706DA48\"\r\nLast-Modified: Tue, 22 Oct 2024 11:42:58 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 2593469271640333430\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: uyfDaaOqVNnB+OWeFwbaSA==\r\nx-oss-server-time: 2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":34858,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"bb27c369a3aa54d9c1f8e59e1706da48","sha1":"7e1b9677305cad40b686a5a1077da57c4f6cf07f","sha256":"e691621963c6de60c05c0e91cf7c65cba4191df054a3b1bd5becbef3a426f9ee","sha512":"4ff3058897ecbcee5464eb954955cc40bad7f411ee86f21dcbebe3d02ee45410b42f68c8e3a22537ef530c65c9bc9960fb36134aeced2dd36688a21c0cb02415","ssdeep":"768:FAbT/SSUokJQD9Wvnwoo2hzabJIqRw/VH3+WFxL1nHLy:G/RU4yni2kKl53+WbBLy","tlshash":"3df2f155ed69527406b90571846e302ca4669a7ebdceb11bffbd67302b3246f008e06e","first_seen":"2023-11-19T03:02:17Z","last_seen":"2026-06-06T04:02:55.293479Z","times_seen":630,"resource_available":false,"data":null}},"time_used":1631,"timings":{"blocked":1307,"dns":0,"connect":0,"send":0,"wait":306,"receive":18,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/assets/index-Dw5PEkk4.css","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:17.361Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /assets/index-Dw5PEkk4.css HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:17 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698b0c4a-b4b\"\r\nexpires: Wed, 25 Feb 2026 04:05:17 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fzlsz2fiGZ%2FuZWADyYft6aze1xMQfm4R9Ytsap63oHnw8Te7B863afvTcQVogD7WcRmoP6PbA3EDFHMoozb9B3l4QdlHmhZPxR4eU%2B8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d30341f7bb91243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2891,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2890)","md5":"94e2ec6ec70ebd8a005a7b1188259b86","sha1":"8b817794728faac8e57c3c63a8bd3654807df0c3","sha256":"84a2697cd0feef5457466aa409dcc7bdccba25b3f1f8b68be01ad52d7bb6c61f","sha512":"0def549cb7962bf4cb626f9ec50be090f7f19ba35827828c0e39bc2d1be62d60d16aae8840f688a5e926e5a295a60650f0fa61d936cc0acae2ec5deee0fa5d2f","ssdeep":"","tlshash":"53517530a86952779f77e25091e4470ce92d72c3db5627bd7bad12141bcfbe82ca6404","first_seen":"2026-01-30T06:58:07.037128Z","last_seen":"2026-05-05T09:11:43.186843Z","times_seen":40,"resource_available":false,"data":null}},"time_used":588,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":588,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/js/loan-DbtGJtzC.js","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:17.367Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /js/loan-DbtGJtzC.js HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:17 GMT\r\ncontent-type: application/javascript\r\npriority: u=4,i=?0\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Wed, 25 Feb 2026 04:05:17 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\netag: W/\"698b0c4a-244\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1%2FUJGnwm4S1lkLw2ofiXmUyBn17DTOu2zdbGzfSMjQRmzi3wBlPCvoFlZDX6LCcCZSDEWRPyGH5L2yOFP9CMmYqGhl4jf6cTauAsK9Y%3D\"}]}\r\ncf-ray: 9d30341f8bbf1243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":580,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (579)","md5":"a967023a1db2171077ced2f24f78ec67","sha1":"7e5f70e9e5d5c18ee59734c9d943593ebc310e91","sha256":"f3340c7e2af8cfb586173074f0fb46111df5305a406349a8a0f3267ba71c99b9","sha512":"77cd8f39c3d8e1bea52c99b07be108443c21b704304bded62181956261809c8efabfed25a11f46ce31ca4993a15992cef8635eaebd3fdc38e259ed5a4a6f427d","ssdeep":"","tlshash":"19f0f6dabd179a7f9135d23930923d02b43b9a31def614702f2ad8678f2c0c9675b941","first_seen":"2026-02-24T15:59:15.523506Z","last_seen":"2026-02-24T16:05:43.734552Z","times_seen":2,"resource_available":true,"data":null}},"time_used":555,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":555,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/assets/ForgotPassword-tn0RQdqM.css","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:12.699Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /assets/ForgotPassword-tn0RQdqM.css HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:13 GMT\r\ncontent-type: text/css\r\npriority: u=2,i=?0\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Wed, 25 Feb 2026 04:05:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\netag: W/\"698b0c4a-0\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1V%2Bqv9x2F4O47b1K1oKeTKlEadXIwoXKTsG79n1hKCbrnZQTNGzdw55XTpoiqLOE7xFZgr12Mu8GdgkQhqICoW2zDi1Npk%2FYJ7BiTYU%3D\"}]}\r\ncf-ray: 9d3034026fb81243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/css","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-06T23:09:45.281132Z","times_seen":16194959,"resource_available":true,"data":null}},"time_used":602,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":602,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/assets/CookieConsent-BKtXZsW6.css","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:12.705Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /assets/CookieConsent-BKtXZsW6.css HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:13 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698b0c4a-1939\"\r\nexpires: Wed, 25 Feb 2026 04:05:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=iayPQ86Sh%2FEhQ7vSLPI8c7HWe6qT2%2FVwEsgm7TLwN2ezifJ8TFojM5QKO%2FJWvsm8T8Uavv8Uha0ZUWDRsm59%2FGoQ5B5dx5D%2FnjEzv%2B0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d3034026fb91243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6457,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (6456)","md5":"1149d91279806327d1cf129fb88561e4","sha1":"64a0d38ab7c0b5dcc85255064a404c5faea0e413","sha256":"ead0cb6d3b9cb7c7ba752b1a20cfe31c362fb850dff7077d0a6bb1c1229bbb73","sha512":"a32f4aa95f8b53e74371a2cf0c459b2959b0a017734332ab04a2bb0cbbd974d3c1e9963ef7e9cef2dec986510b4f0188c7aacd045b40e793c567e28686a7802d","ssdeep":"96:UMwlRU4q7ekoIlbffKu28Y6NRyuHwwlUxiun10aWNPG987:lMpq7eJOffhLYP2WxDhFK7","tlshash":"81d1ff717688b01db13fd87561e12b9c3228e207d7325ab8964bb57c89e72873336bc4","first_seen":"2025-11-30T14:17:39.787592Z","last_seen":"2026-05-26T16:34:37.719565Z","times_seen":67,"resource_available":false,"data":null}},"time_used":562,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":562,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/assets/Footer-kqO8xzJ8.css","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:12.716Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /assets/Footer-kqO8xzJ8.css HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:13 GMT\r\ncontent-type: text/css\r\npriority: u=2,i=?0\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Wed, 25 Feb 2026 04:05:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\netag: W/\"698b0c4a-60\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Nv2PL86bQfUKJeCPBzpvCJKaIaEOo6LTsahjh7Bz2B32Y65qeM69SSm42KHO7wLIqbtlVB%2BZ%2BU2tE4O2D%2BcZ73odu7Lisz0rC7fWu9E%3D\"}]}\r\ncf-ray: 9d3034026fba1243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":96,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"f2d8db841ee2cccba46a4846bb383b9b","sha1":"21ec1dc977ba6ee4b0fe0a042add8ff45f05ce42","sha256":"8b180be1698077bebaaf6beb91aa095652e82bdb700bb511b126055be7e155ed","sha512":"746edcc3f53af777995441974d93a876940ffe4fec86613f9f14d3801a2f9e7d0811f7d9ed5ecc3fb6525ae957665a71e779b3b391dd0435daad7586389ee8e4","ssdeep":"","tlshash":"69b0127030ef5567744f62b93015a2308159c106d3051e0c353c62fe39d20001157296","first_seen":"2025-10-10T02:51:18.076622Z","last_seen":"2026-05-26T16:34:37.726711Z","times_seen":69,"resource_available":false,"data":null}},"time_used":558,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":558,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/js/index-DsqkYkwi.js","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:13.307Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /js/index-DsqkYkwi.js HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:13 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698b0c4a-2a445\"\r\nexpires: Wed, 25 Feb 2026 04:05:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rJA7m%2Begf2TOsmcYY1E8iz0TSQCB9Vqb3674Xoge6YLEwc7mWusCD%2By5oa2I7AtwiNcGOt2gdXxfI2OgoXBOnG2cGHBa3lrLRU83J1g%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d303406383a1243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":173125,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (65524), with no line terminators","md5":"4f38ffabd88af770add463630198c371","sha1":"e2f4abf804bffb2d56b7f5f2db53ba512ca11c27","sha256":"db9354b8aaa373e7ff309a9a69ec523e0e4d054c589d19c65cff23741742c4f8","sha512":"ca486e3aa841f97c6d95a0c62c51c41d4e1783005c726c39acfb8c35e58eec8168f3fcbc193fba85be5d88c4568b449af48a2f1d56b61238bcc1234ab79345b6","ssdeep":"1536:g9R8WY5TRoshtG80ZgNaeYXE+bUmN8SoFfefW8UjXGqW/lWBlxvH1hfGJnesv8ni:ORk5jTG8ralELZFOUnusSQilqw7ShHTU","tlshash":"59048e4db221757a86f3568a42948110a6644f49f458c4fcb6bdbc272deec5802feff8","first_seen":"2026-02-24T15:59:15.585895Z","last_seen":"2026-02-24T16:05:43.739115Z","times_seen":2,"resource_available":true,"data":null}},"time_used":323,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":145,"receive":178,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/js/CookieConsent-gCDMgTiv.js","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:13.676Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /js/CookieConsent-gCDMgTiv.js HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:13 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698b0c4a-7fa5\"\r\nexpires: Wed, 25 Feb 2026 04:05:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Qo2FHnY%2Fr1c%2FxG9zBNjQH6tsHP8DUqvllBF80Yv3qqrkD4yv4084GRYSJ36PD1pEFgRaE0zH60bAZe5kMzFSQRLNhjdFCdatn2%2FfOxw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d30340878861243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":32677,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (28844)","md5":"9f1884f90d01fe10ae788051b6bf62b0","sha1":"22529b88e20870b6214fb53903eb656ee5a79e3c","sha256":"1941ebb644daa8e51b3c8d4e6186c8dd521f99041dac34b491026601ebb4604a","sha512":"b50c8803c11e94974d806fce989b729f374d50457a5849c2f74e069413e2142bb4f9a45c08edd3e2506f94673c1fe76f903dba4e60f48541b75b5de854d4646d","ssdeep":"768:hr5jgT5ISSBGZo4mrwrS0yIpdmjriD0PbnPex4:IeVsmrwbpdeioX","tlshash":"83e25c05e806eeb9d7f31634744a7168a4387fd9c25ac47aa3bd85232bc9f728763314","first_seen":"2026-02-24T15:59:15.540518Z","last_seen":"2026-02-24T16:05:43.739782Z","times_seen":2,"resource_available":true,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com/virtual/file/XAUT.png","fqdn":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.199","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:14.884Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /virtual/file/XAUT.png HTTP/1.1\r\nHost: java-vue-bucket.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Tue, 24 Feb 2026 16:05:16 GMT\r\nContent-Type: image/png\r\nContent-Length: 110638\r\nConnection: keep-alive\r\nx-oss-request-id: 699DCC3CC78BAF373426FABB\r\nAccept-Ranges: bytes\r\nETag: \"9D1FA90455F3E0C966910678A6341204\"\r\nLast-Modified: Sun, 03 Nov 2024 12:42:47 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 14148370102076571509\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: nR+pBFXz4MlmkQZ4pjQSBA==\r\nx-oss-server-time: 2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":110638,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 2000 x 2000, 8-bit/color RGBA, non-interlaced","md5":"9d1fa90455f3e0c966910678a6341204","sha1":"145bdb8bff255f92c9c620d27a93960edb79911e","sha256":"e8ee450381bbe0475a4995dd8c00847ddd3000ebf42e5a62f9713946f2b973c3","sha512":"9479e1c57ab8e76cf9e37b9aeae8e1bce0e18aaa41c832fb5b750e9b15e788d9230a71db5f1507d349d9451f6ac824dedb524059ed7f50e77f674705289460b2","ssdeep":"1536:kvTV1GCc70U2WCG9hf7KFAK0B5Z3uIwZmsmUcLVqDBOHqwnU/:k7VY4UrCG91WCtB5Z+pbcGBOKj","tlshash":"d4b3c5cc05f0f1ee9176ce2c94a7358c046243bbce597ab2f311d6df581aba99c118a7","first_seen":"2025-07-19T00:50:04.632539Z","last_seen":"2026-05-11T20:01:23.621257Z","times_seen":68,"resource_available":false,"data":null}},"time_used":1784,"timings":{"blocked":1135,"dns":0,"connect":0,"send":0,"wait":308,"receive":341,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webapi.bit173finex.com/api/notice/list?key=ROLL_NOTICE","fqdn":"webapi.bit173finex.com","domain":"bit173finex.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:15.101Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bit173finex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 10 Jan 2026 12:29:40 GMT","end":"Fri, 10 Apr 2026 13:24:29 GMT"},"fingerprint":{"sha1":"11:88:38:B3:15:1D:EF:AC:AC:77:5B:79:7F:F8:3A:5A:65:F6:BF:A6","sha256":"C5:56:A0:25:AD:F5:FE:A7:81:EF:A0:C2:77:07:6C:67:9C:1B:06:E3:08:56:B8:82:91:C0:9E:C0:92:24:53:C6"}}},"request":{"raw":"POST /api/notice/list?key=ROLL_NOTICE HTTP/1.1\r\nHost: webapi.bit173finex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nlanguage: en\r\nlang: en\r\nOrigin: https://bitfinexc.win\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 16:05:15 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://bitfinexc.win\r\naccess-control-allow-credentials: true\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BMnZN1oQ34k72Pq4JIyEnUByzNGL3YGtc7UVEwH%2BnRaomAlRrb6MJyGZ4WfdfGesIztzLZr%2FhM%2FThlnOClTvZrTEHZlolXi8Is%2BnwkHIVHxCWKHe50c%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d3034116df4be94-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2513,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"d6105da6571d557e8d9ed281e90002a0","sha1":"b3d295451a43e31bb73df77bf25fbc972de18381","sha256":"b4cb1c7c642c00a17a48147c3501456faf8bbef3b67ceb7b43f508a0a7556866","sha512":"99fb67b7b6ea34902aee321474ba22e9f7adf00e3c86830d11ca38cc4e02e7e7525c7d16d722d8be3d469c0e14835e22bac35bc3f95a747f818941e47de86943","ssdeep":"","tlshash":"29512f4f23688e75085640c326ed7eeae76f625b86218c780556cb8c47f2abe172b644","first_seen":"2026-02-01T00:53:28.991422Z","last_seen":"2026-04-21T18:18:07.382987Z","times_seen":10,"resource_available":false,"data":null}},"time_used":221,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":221,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/assets/TradeLayout-BrIMxeAI.css","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:17.352Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /assets/TradeLayout-BrIMxeAI.css HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:17 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698b0c4a-dfd\"\r\nexpires: Wed, 25 Feb 2026 04:05:17 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7c5x4VjnRdzhAfnQ6q%2F9RD3DCOrZmoiBGq3FOOMChOckjczKdC7vkmKtLPPU0vNrUKlI49ePN%2BK9QioX48aT68Bxq%2BN7mgXThcarvHA%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d30341f6bb61243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3581,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (3580)","md5":"b08a5b68e9c17d2385187ec123d3dfed","sha1":"5f9a27d30b983b033829617229d229e9e063b9e9","sha256":"a2ae536f5b93b3296d208a2206920fb08d22361bbfa4a7a5f8643b0dec3bc764","sha512":"5cdf2502063205ff12729f1828ea7402d551dd6405b1e519fb2cf4854437b46f15248b565816295e28609611c0e013ce9e1ef89a635eb7834162d2a2de0e8f82","ssdeep":"","tlshash":"1271449af14c20a86173da85a6e8528d110de343f73605dab35079fe8fc37fa277508a","first_seen":"2026-02-24T15:59:15.610623Z","last_seen":"2026-02-26T17:48:02.158175Z","times_seen":8,"resource_available":false,"data":null}},"time_used":565,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":565,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/assets/phone-mockup-CPfpb_e7.png","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:14.411Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /assets/phone-mockup-CPfpb_e7.png HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:15 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698b0c4a-3fdcd\"\r\nexpires: Thu, 26 Mar 2026 16:05:14 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QJO1RkPjYWixJeft9telDw5hhcV%2FdzyX1PzjSXeR8uEXXdIaf5w9uydOhNIIN%2FaK3edpxuPVLYO8fdi3dxf0q%2F%2BE4kMXpKAZ9MbB2oM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d30340d19111243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":261581,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 520 x 1073, 8-bit/color RGBA, non-interlaced","md5":"3e14c28536628aa6f2daeb570847935b","sha1":"bec850de8e78d4e079df7a63669034ab9c2d742c","sha256":"95d3880d87d433ce0dfcf6e01249aab632f918094f177d037fce4f81aef5c548","sha512":"9eae404fdda53d8675ffb4328692d0c35a3db0269be1b1da73b0a5f1845060804d556123b2c4788f19c662af2a91ff45ce21e0af960b8ff8101495cdca47e63d","ssdeep":"6144:4WW67gM3Q5ss/10nRyw5V46IhmxEopl80:HWzaQ5sQ0Q6Xp","tlshash":"184412f4b20ae26d07969938ea0c9b45d656c3dfb08b36baf98f5046259ff314479c03","first_seen":"2025-11-30T14:17:39.769779Z","last_seen":"2026-05-26T16:34:37.727683Z","times_seen":39,"resource_available":false,"data":null}},"time_used":1312,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":756,"receive":556,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/assets/trading-interface-YvFbDJGl.png","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:14.450Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /assets/trading-interface-YvFbDJGl.png HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:15 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698b0c4a-6dddc\"\r\nexpires: Thu, 26 Mar 2026 16:05:14 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zNTmhnRZLv53PcteXd1ZU73TWYt4wDikLfefFghSkOOxz8TGowKtISK2FqSPonbm3i61f4S6VexVWOz%2B2GB8maG6Xp%2BSFDi8HVfIOwU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d30340d59251243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":450012,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1199 x 769, 8-bit/color RGBA, non-interlaced","md5":"8e164653c295a947f0f5f890ace31218","sha1":"ad2b0b6fea992e6c58813ef2bfb054c4bf219343","sha256":"5414a7098f38784b19949671f3764c769fc9ec1cfa53445f6a083c70d40ed42a","sha512":"64866ba82d827f979ab4a565b85993384d54208092322810905b79b8ff869154c051aa081c69a074e16caf93644220f4fdf93108c9ac94d0be84c5d64f1397ce","ssdeep":"12288:z5/ZEt409LPsiceDij3a44IuvoHZt0JAyKsvX4UCQFX6CKb:z0t39Uic4w3aVIuAHZtOKI4VWX6Rb","tlshash":"b5a423d46a8c52d4420fa54146bebca35e188bbeb733e140d4ce90968f89b71462d6ff","first_seen":"2025-11-30T14:17:39.784095Z","last_seen":"2026-05-26T16:34:37.754059Z","times_seen":45,"resource_available":false,"data":null}},"time_used":1546,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":782,"receive":764,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/assets/Low_2-BPxk_UPI.png","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:14.481Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /assets/Low_2-BPxk_UPI.png HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:15 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698b0c4a-24b6\"\r\nexpires: Thu, 26 Mar 2026 16:05:14 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=iR410fikdhK1MrnmWAXYKBSy4l4RTnhXJdrR848JXa8LBhsdjEs8ER1RuBTjghEpA6zwKjz1oiJwPGNntvzytvsn0Wr9Y0fWXuGmZ2E%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d30340d79321243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9398,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 187 x 87, 8-bit/color RGBA, non-interlaced","md5":"ce19171ad2413080ac589384fcdd4a01","sha1":"7b7da4a5cc5aeb1b1f10266de0edb0bacc2fdc30","sha256":"68582f4a49950d5778e05957baddfb31bc321607dfc5af01c519cb84f87ec0a7","sha512":"4282b94584460f26d89f307072438f1c29b017c81d4a5d3cef14d06e839a2953e304c8f3447907bcea56f84c0b2b87d4972405bb04da530de1a360865c579b44","ssdeep":"192:4S+V2BSNF7kJS4V2yFaVkIghjKpg3UhUyBL1xWczVDF7Tqxwyvgajoto:/wyM7kwbW6JkWUyIUDwqo","tlshash":"9312b00bbc2b7d3b7211f80944cc37a51c1ab8bd05ad839188b576951adee58d7e3ec1","first_seen":"2025-08-26T17:46:37.214917Z","last_seen":"2026-05-30T18:39:08.450009Z","times_seen":85,"resource_available":false,"data":null}},"time_used":745,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":745,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/assets/starslist-YIJi42t6.png","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:14.490Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /assets/starslist-YIJi42t6.png HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:15 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698b0c4a-569d\"\r\nexpires: Thu, 26 Mar 2026 16:05:14 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pt9UFzkpIQ0y%2FMW1rpfGtBvJdyUiun8GgtRflzOndSwRht5HQmN7SXdIN69Ez4uTsSat2e416ajHJCD9IcksNMToFWxvE96Q5dPp%2B0M%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d30340d993a1243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":22173,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 2148 x 417, 8-bit/color RGBA, non-interlaced","md5":"78382c82dad9a7dd50655f44fb82f743","sha1":"5cb4a13ba952deeec34e3c4a5f0a1a424efb1cd1","sha256":"3bb15b8fd045ea090c833d5cdce05e097a4f9556f1a74b69232968b505895609","sha512":"f2297ebeeb0a47f59cd03b6b6079b3ad6c54aa1d585416a38ba5220a0a3a34b64a63f70b28460c34739441ba5237dfc5f560adcbdb00cceb83e5508197f687f2","ssdeep":"384:JojM6hkS9bZoCrjbih/rDyNRNMlOuDZ5lxYYWZLesJeDQu:YRN3iZrg3KOoZxqODQu","tlshash":"7ca2c01a9a5eecb1f92cf0313a834d30e9694452bde0c339b542c105feab4bc86b61a5","first_seen":"2024-12-26T23:29:40.083923Z","last_seen":"2026-05-26T16:34:37.743376Z","times_seen":72,"resource_available":false,"data":null}},"time_used":725,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":725,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com/virtual/file/SOL.png","fqdn":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.199","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:14.895Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /virtual/file/SOL.png HTTP/1.1\r\nHost: java-vue-bucket.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Tue, 24 Feb 2026 16:05:16 GMT\r\nContent-Type: image/png\r\nContent-Length: 25649\r\nConnection: keep-alive\r\nx-oss-request-id: 699DCC3CAFAD5B30359A0578\r\nAccept-Ranges: bytes\r\nETag: \"670C723ABC22056BC5368CA2A97DD6A2\"\r\nLast-Modified: Tue, 22 Oct 2024 11:42:55 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 10769821075161595358\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: ZwxyOrwiBWvFNoyiqX3Wog==\r\nx-oss-server-time: 1\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":25649,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 250 x 201, 8-bit/color RGBA, non-interlaced","md5":"670c723abc22056bc5368ca2a97dd6a2","sha1":"5ba69b915180c31e4d35a524a9de7b3409ef80a8","sha256":"11192935f626fdb37ddfd8418d754feee326fc6f0a3ce7aa6e61283a820d8b09","sha512":"546901ff0dd66b4768e7560c2ccdceedc3bdac577eea114e600613d98319bde07a84d4fd8a303f4c34c05b3a26c73f03602ba38aaa5436dfcdac6712e0868652","ssdeep":"768:9SDR4lelsfdJTM1JiB+mP9LsYKPlAgezlYWXu23fgiqs:9Alsfd9MqBZ1L5MGgQuW+2vLqs","tlshash":"feb2d076137254ea4442115b97364e812c39f4e3adea6e2c7507a40c7d4a33b30db6bf","first_seen":"2023-11-19T03:02:16Z","last_seen":"2026-06-06T04:02:55.294395Z","times_seen":678,"resource_available":false,"data":null}},"time_used":1618,"timings":{"blocked":1327,"dns":0,"connect":0,"send":0,"wait":283,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/assets/Register-CZzsnL_s.css","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:17.344Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /assets/Register-CZzsnL_s.css HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:17 GMT\r\ncontent-type: text/css\r\npriority: u=2,i=?0\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Wed, 25 Feb 2026 04:05:17 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\netag: W/\"698b0c4a-bd\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YUQDNgHvWuvKv946kyN%2Fa%2Fetakwu0WqNPtgRvxBOuu6yPBd8O0J0qL29nnuyHzGCWnxkdUy7pwJ23CEw7LJ3LL%2BwfXL8lJbcuVNbwvA%3D\"}]}\r\ncf-ray: 9d30341f6bb31243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":189,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"0f478f9acb51dc6d5bba246cfb3c40f4","sha1":"e0b895c539b695c5bb07f09eb825e1a8c566e5ef","sha256":"6b51f62c7175076988c4aa1b50db70a4d3b2ba26a5cb91b03e9d901875873e26","sha512":"5f3b2329636cd8a81ed09c4790c6e8a45a1c0ce25c899f02ba6eb5eaf8252cca00a31fd4af1de7b4d60c9efad17bc8483a7bc274b73aa5ee4b2f42b852991979","ssdeep":"","tlshash":"11c01252841e713b1eaff2545295c18d9534b7d3ac221a6c5615729097e6ec0261e4c9","first_seen":"2026-01-30T06:58:07.097395Z","last_seen":"2026-05-05T09:11:43.201453Z","times_seen":55,"resource_available":false,"data":null}},"time_used":612,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":612,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/assets/index-BEzzQ_GE.css","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:17.363Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /assets/index-BEzzQ_GE.css HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:17 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698b0c4a-7dc\"\r\nexpires: Wed, 25 Feb 2026 04:05:17 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Dus%2FaA5fzGq4BVSrkGKNeD0y2XStPYoazteCdjAHPyPrwNZYeC7JQizyy9aqXZkKKDAEJFlnJnBQELpJQ6YuZPmQPLFICOGJokUmI50%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d30341f7bbb1243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2012,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2011)","md5":"0c98fa035f8004d2e7b794a1d501b474","sha1":"d49aa0799afaf0c8330b6e5a2cf4ed64ad66b770","sha256":"8f481f1fc0cb216b79a6390824a27be70d29c64b11fa5cd299ed1acf23d0992f","sha512":"d016bf24192d22e7a1632c1dbbec6e5992b53b3a05f6fee2e8e0a7c6ef4085d430ed741ae8ea8b6b888cb8d42468f2c23e945728be356fe37dda4b8fa9567064","ssdeep":"","tlshash":"364122f2a1d5129c33b7dc34d9d1762c422ae5c2d3910edc6256ba6cbbc3ada1eb4018","first_seen":"2026-01-30T06:58:07.039613Z","last_seen":"2026-03-14T09:23:15.18411Z","times_seen":17,"resource_available":false,"data":null}},"time_used":204,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":204,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/js/Register-Cl5YsboM.js","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:17.959Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /js/Register-Cl5YsboM.js HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:17 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698b0c4a-47f9\"\r\nexpires: Wed, 25 Feb 2026 04:05:17 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=T16R37%2B1Cx%2FtPOMqk34%2FkBi4Cylig3cKkP8kFjTQwcJaUJZIgoel8fY419%2Ft1xw%2B5xkyguQm3zQ%2BB8q1CM8Zv0h3cpOPT5n7FvwsVtg%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d3034234c891243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":18425,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (18419)","md5":"e8accca9546c505118507dd419e8ac62","sha1":"93001cfe0c3227b5bdee16c98597eb9fb8a826f5","sha256":"0aa408332692aa852696c9a1028246344b5189a7a05bee006935fe1a6b108fac","sha512":"8bd08bc6d0d8064497c0a3d43882776b21ba3ae5faf3da9c4130923daa106f6eafa0e8966f779ac9275e8327510f99f44cddf0ca0dd289c9f73f595831eeb42c","ssdeep":"384:GNl6uOz1k7mm+r6meg5bM5MZ5iWajEJRq0g/Zk4Ltb2pVjkOymm+AR6eb0mm792+:GNlpORk7a55g5s5TUZ5pyVjnjXYn0D9V","tlshash":"db82678cb1519bfaab7b9431f4476930682c4f5fc463c0f6e6e88c35a79ec71a51423a","first_seen":"2026-02-24T15:59:15.535034Z","last_seen":"2026-02-24T16:05:43.748772Z","times_seen":2,"resource_available":true,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/assets/crypto-CzKJroU0.png","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:14.437Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /assets/crypto-CzKJroU0.png HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:15 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698b0c4a-9b3a\"\r\nexpires: Thu, 26 Mar 2026 16:05:14 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=o6p0Go%2FsSKzLF6djEp8ri4GkiOWgoDzCxaHel3CPQJP9ZixaXMcvF3y%2FNc%2FHPp0fD3Jl1kvlJJBNpN37m2l3%2FrxPEdNsaHn97RjIYv8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d30340d491b1243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":39738,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 260 x 304, 8-bit/color RGBA, non-interlaced","md5":"d96f714646b573194b60928d259b4aa2","sha1":"6094806144be7f313efb1d6ce0394e2e1c916e8c","sha256":"f9dad38264fde116c4af1ca31c4f4e5853c22ff612c5aa1356fa788030fd3e56","sha512":"5bc291929ae2da85c57678debf71e608ef311660ff9030eeba1f254470ee822bbcf6347054399e30a4dda40829222cd69314bd0b87236c34fce12b36325bf234","ssdeep":"768:/uuO/MIYxLYmYAaEJCQgwW6scjj+189Qlf3AqpNabUesRt+HPi0:/ZO/MIYxLYfZEFgwRZvY8K5hpM60","tlshash":"2403f273f51364e85cb0e3ddbc8a7299647e91361ba148508411788f563cdb43fb64b9","first_seen":"2025-08-26T17:46:37.250301Z","last_seen":"2026-05-30T18:39:08.475224Z","times_seen":88,"resource_available":false,"data":null}},"time_used":928,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":747,"receive":181,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/assets/Low_7-MbUCZvwK.png","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:14.486Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /assets/Low_7-MbUCZvwK.png HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:15 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698b0c4a-1434\"\r\nexpires: Thu, 26 Mar 2026 16:05:14 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4H%2FZEEaVtTX8NJKo7qcFlX8TFDx%2FRqWKs%2BQ0R8A8mRm6QL7Dz5qZ5aBo14yRKfwsABaPSKOXbW%2BKefCLNZcMoRAgtMK8zZvaswo9%2Bes%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d30340d89361243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5172,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 186 x 87, 8-bit/color RGBA, non-interlaced","md5":"e38075ca6aec6851335c8a616c6f9496","sha1":"8152c7c77e00e84bfbf7d6f39fdded8ca7ef7c26","sha256":"6a3049f60479030d5b33caf22b842537e58c8dc871bcdfc6db2662c4edd005e1","sha512":"e5daec0492c9a3d5190d6722f142b72b6e855d97ef773601fdf8357c498ac740e7adec9a209221dec86b9d9ff6c5f4b17d729e80598d76ce858827b966aea75b","ssdeep":"96:8OSiMd9yT+70vrsi4pKQsMRjUUBdFvVhLf8Rbk/6jJ5qVVwVMUVycXg:8OSiM7xq/cRjUUtLURb7jvpMYXg","tlshash":"33b17de6e9f51f410ed83cb149fe70aede5bc07960a27e1c3468aaecc5254e38ac0941","first_seen":"2025-08-26T17:46:37.24529Z","last_seen":"2026-05-30T18:39:08.435851Z","times_seen":85,"resource_available":false,"data":null}},"time_used":580,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":580,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cservice.vip/js/ai_service_diy_8468gpfh.js?v=1769638669","fqdn":"cservice.vip","domain":"cservice.vip","tld":"vip"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:15.750Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cservice.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 07 Jan 2026 21:47:19 GMT","end":"Tue, 07 Apr 2026 22:46:59 GMT"},"fingerprint":{"sha1":"A5:63:FC:3B:CE:6F:DF:D0:D8:AA:87:18:27:C8:A2:B4:01:3A:99:27","sha256":"4C:2E:05:A9:16:CC:FD:8D:F0:D5:92:B1:5B:29:A1:E8:A3:D1:0A:D1:95:CB:2F:83:92:31:F4:55:56:92:B2:14"}}},"request":{"raw":"GET /js/ai_service_diy_8468gpfh.js?v=1769638669 HTTP/1.1\r\nHost: cservice.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 24 Feb 2026 16:05:15 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Sat, 10 Jan 2026 13:50:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69625938-712\"\r\nexpires: Wed, 25 Feb 2026 03:55:31 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 584\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2Bx%2F7vZ7PgCHCN8AM11w%2BzRxwW16VzmmWKK4Q89gzftWAfhcmtSlZLXAm%2BDEKJi%2FGBjD64eAvxxc3TRvTAz%2BKifCRDc43ZFhngKD7vw%3D%3D\"}]}\r\ncf-ray: 9d303415aa5e90fd-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1810,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"9dd334ff9ec0b68b57834c868660c408","sha1":"e6606e26c6cbd0d50fe454ff692163d3f007c178","sha256":"2a1aa3ea60d288e35bfcb33368fa02ba1f47d2a8369048808107fcbdb7e137c5","sha512":"f9e1c5e90f8403bd5f9e4ba5835dfe46faa40ab0e96a42352a2b1a8a334cb1a14e2c95872fff9c74c898befaa7ec24fa57e62d254a0888eec6528540d6b5f2e4","ssdeep":"","tlshash":"b131dda25e8985731933322a9b3ba128fb31270319019a033ebd67006f31e49aa65ec4","first_seen":"2026-02-01T00:53:28.946185Z","last_seen":"2026-03-09T15:01:17.948163Z","times_seen":7,"resource_available":true,"data":null}},"time_used":83,"timings":{"blocked":32,"dns":1,"connect":8,"send":0,"wait":19,"receive":0,"ssl":21},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/js/filters-CwQNJrJW.js","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:17.369Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /js/filters-CwQNJrJW.js HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:17 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698b0c4a-416\"\r\nexpires: Wed, 25 Feb 2026 04:05:17 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=56C65%2B3ni0DhxWLllEEwVm%2Fwx1X5kx0Sw%2B4hQSumSzGhPI2i607IpiGLO0uCePQRfUfzs6Hy2yKmovRmAnDOW%2FgaAjjoGsN9rP5HA%2Fs%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d30341f8bc21243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1046,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1045)","md5":"3be61883aa794d73d0be711578300ddc","sha1":"e2f55af3af6d11f9931384bc3b5db810e6e76562","sha256":"56bbbca3a1fcae8633790e3481f5810ef57684572d9b93e4e2ad0ce87ca087d6","sha512":"43ada60543acf6d99f5a99bfef8f6bdeddb5a21272a2fef486d65a356a865974b0dcf316d77db2d5bba0efe5afe165a387e76d3834b510db47fc229b80658db8","ssdeep":"","tlshash":"0711adb995c6c67b02fbc8c8514d41c768e87f78b00e4b62bd64f1163561095f4be393","first_seen":"2026-02-24T15:59:15.562117Z","last_seen":"2026-02-24T16:05:43.751763Z","times_seen":2,"resource_available":true,"data":null}},"time_used":584,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":584,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/js/loan-DbtGJtzC.js","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:18.517Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /js/loan-DbtGJtzC.js HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:18 GMT\r\ncontent-type: application/javascript\r\npriority: u=3,i=?0\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Wed, 25 Feb 2026 04:05:17 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\nage: 0\r\ncf-cache-status: HIT\r\netag: W/\"698b0c4a-244\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nMrs%2BNaLPWTwDOrQBj1z0ftdgCixisj5C5GTbgllPtKU5SslsihcU5Tb2pyiUN2Il%2BSVmIidav7Lc3CHFkYZbXWDRDcX6LYY6ORd158%3D\"}]}\r\ncf-ray: 9d303426bcd31243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":580,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (579)","md5":"a967023a1db2171077ced2f24f78ec67","sha1":"7e5f70e9e5d5c18ee59734c9d943593ebc310e91","sha256":"f3340c7e2af8cfb586173074f0fb46111df5305a406349a8a0f3267ba71c99b9","sha512":"77cd8f39c3d8e1bea52c99b07be108443c21b704304bded62181956261809c8efabfed25a11f46ce31ca4993a15992cef8635eaebd3fdc38e259ed5a4a6f427d","ssdeep":"","tlshash":"19f0f6dabd179a7f9135d23930923d02b43b9a31def614702f2ad8678f2c0c9675b941","first_seen":"2026-02-24T15:59:15.523506Z","last_seen":"2026-02-24T16:05:43.734552Z","times_seen":2,"resource_available":true,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/js/dataModify-C6sk-dj3.js","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:13.666Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /js/dataModify-C6sk-dj3.js HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:13 GMT\r\ncontent-type: application/javascript\r\npriority: u=3,i=?0\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Wed, 25 Feb 2026 04:05:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\nage: 0\r\ncf-cache-status: HIT\r\netag: W/\"698b0c4a-27b\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2j86otSqKUWy9xgpgSLAjm6j8or03VXjgmJTlvYd13wde1WWtYQyHA70%2Bi%2FYptVrDGdHZ0OSoU7qrcGbhhpBJZwBQmgSFnofyY19h%2B0%3D\"}]}\r\ncf-ray: 9d30340868831243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":635,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (634)","md5":"349f5b93e9d8dde770b2c7bb055dbfcd","sha1":"ba66f08093433ff9ae5b906faaf3f669f8ee75c1","sha256":"001315e8416480bc075df6a7ae1e9a205426501bb92987fda20e438d3dfd8d11","sha512":"eb8f140aa043b2cbe0dba7d2184fc8419bdaa5a117c24e442b2db79cd646daa913774f7dacd8e8a361ad0787a5d06462bdaac341c8518391dd7330387142b3f7","ssdeep":"","tlshash":"cff0d192df3af2b06da892811dd571962d1162547ca60bc091a2ae3115934faf29cb73","first_seen":"2026-01-30T06:58:07.07812Z","last_seen":"2026-05-26T16:34:37.704819Z","times_seen":66,"resource_available":true,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/assets/index-B4CX758G.css","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:12.721Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /assets/index-B4CX758G.css HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:13 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698b0c4a-22b8\"\r\nexpires: Wed, 25 Feb 2026 04:05:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=eyR5BitJZ0D2G7nMVY5g6mp%2FEYXkho11UaU7a40GucgBrVeHhmjeCSPf3nYelaEhRYuFi6P05iFyLu%2BUGciAxu3%2B2bizWFYvuoXKmNw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d3034027fbe1243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":8888,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (8887)","md5":"365152d1a172a0dee690e108c0e563d9","sha1":"19387e4993b29c4ed320a2b31b0d33fea2606df3","sha256":"249b413b72e45131c9a2d1360e03b90ea3b11bd380bdd877b5ab6c99fc9694b4","sha512":"838b657752953eb242073129b94d1fb5fb8f2a74e112c99ca25f34ed39e5301c9835c5d07cc4c0a16673293e84acae267d61e61bba5a77848da0a44c2a8efebf","ssdeep":"192:fpKymUJbiKnehJTJdKSme+jeH1Zpbw7GHKY:fpK/UbehJFdKW+SVZpbXKY","tlshash":"bf02b630a3181c27a277cf155694e6fc5e64a123cbf7091ce2406e28dbfa5f4122eac6","first_seen":"2026-01-30T06:58:07.052438Z","last_seen":"2026-05-26T16:34:37.720424Z","times_seen":66,"resource_available":false,"data":null}},"time_used":564,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":564,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.bit173finex.com/api/common/getCoinSecondList","fqdn":"webapi.bit173finex.com","domain":"bit173finex.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:13.379Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bit173finex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 10 Jan 2026 12:29:40 GMT","end":"Fri, 10 Apr 2026 13:24:29 GMT"},"fingerprint":{"sha1":"11:88:38:B3:15:1D:EF:AC:AC:77:5B:79:7F:F8:3A:5A:65:F6:BF:A6","sha256":"C5:56:A0:25:AD:F5:FE:A7:81:EF:A0:C2:77:07:6C:67:9C:1B:06:E3:08:56:B8:82:91:C0:9E:C0:92:24:53:C6"}}},"request":{"raw":"POST /api/common/getCoinSecondList HTTP/1.1\r\nHost: webapi.bit173finex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nlanguage: en\r\nlang: en\r\nOrigin: https://bitfinexc.win\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 24 Feb 2026 16:05:13 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://bitfinexc.win\r\naccess-control-allow-credentials: true\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NX0SqM%2F7%2BOZNT0ylOiJxwR%2FnOfQG3FhNxZgor32FXrSLgfH%2BQe8tHDmiGMl7sNXKKmEcmB3XIwzf4IQYDwPfTlkio%2FKJaWAz8iWRwbqVP%2Fl%2BHBFaf%2B0%3D\"}]}\r\ncf-ray: 9d3034066c9efb58-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":47247,"size_decoded":0,"mime_type":"application/json","magic":"Unicode text, UTF-8 text, with very long lines (46363), with no line terminators","md5":"9d7c175f7b05c66bfb5cb8c9f8520ec7","sha1":"2dc2859789f90d582264352da465c8aed59bfe7f","sha256":"a601db17cd96b5fd0730a6175cbd7768574459e1bfaf51c377868896e9b6814f","sha512":"c87d28eff671a3295ff81bd030b9dc8beec4cbbb216fad758e560e9393d0b329f1ddb2a60c4694f35f2ea80409ff7bda64e6248f24cc29f056cd00b9ab4f8960","ssdeep":"192:P8P1Ago4SIHoZAgp7mvFsiJZrbrfvjpNWuQkGFcOlrMK4k5cW3/nqmYt6aW9o57J:NQ4h2zVWajAZfTkaS","tlshash":"1623b929b664887c875085df59533f53d25d257bed8c8a2ac9ff4e8220fcf766203a06","first_seen":"2026-02-24T16:05:43.754083Z","last_seen":"2026-02-24T16:05:43.754083Z","times_seen":1,"resource_available":false,"data":null}},"time_used":518,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":518,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/assets/Frame%202-5VaDbG1-.png","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:14.459Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /assets/Frame%202-5VaDbG1-.png HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:15 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698b0c4a-1656\"\r\nexpires: Thu, 26 Mar 2026 16:05:14 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cxpz9GM6DqYloJsswhCaldI1DtXMgIa3AbHJUBkSDY5XhuGoTs9zNAdtv4%2BwzGfvgRXBwTBaLI%2BgVkAWsEWsGNn6a8O3EBOepchk5ys%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d30340d692b1243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5718,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 187 x 87, 8-bit/color RGBA, non-interlaced","md5":"5f758e18ae5e7982ead7774e8a97ef13","sha1":"a304ce7a8d6956e37c1ea3d82f6f973eb8233e90","sha256":"d2655ed85d2e3cf091024f70ce46667738e6b870ad988c9a5f8b12b0d0313951","sha512":"b3fbe74ead16f03b6546cf946a1618a78bbb6e55cc45f88c75373d12ad1de1ee4175b3657e90db6157edbee31e568f92c55f851db5cd548b8b1e79d28ea1440d","ssdeep":"96:4Sg5i+RYQPkBi5/bYtii54JP9UN/z+VVyxhSxlUXIiHDo+/aAX3+v5f9C+zEJ/Ot:4SAGxBc/vrGN/m+Sxa4Ao1A+Bf8tGl3t","tlshash":"39c19f8863f4c66000a04169a9d1c3af560cf5df01edbf947045a1d518eced6ee26efb","first_seen":"2025-08-26T17:46:37.251652Z","last_seen":"2026-05-30T18:39:08.477914Z","times_seen":85,"resource_available":false,"data":null}},"time_used":612,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":612,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/assets/Frame%204-BZFoet9Q.png","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:14.465Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /assets/Frame%204-BZFoet9Q.png HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:15 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698b0c4a-1661\"\r\nexpires: Thu, 26 Mar 2026 16:05:14 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Oit2PCG%2BCMxjeowS8BSt871LHre8l%2Fk26BSLi2XlLjRNHGHq5M7pDTgq%2FZOpJ9tvQIMDzO%2FB%2BqvoRvqmGhF5FOnwtB4BXx5v%2BRbwetU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d30340d692c1243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5729,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 186 x 87, 8-bit/color RGBA, non-interlaced","md5":"c3db4e6b3340b588b927ecd0c523b863","sha1":"c2809f25a9992e45976739f32f2e9cab161ea7df","sha256":"46350bd8be7e27ea772bdf49836ce87165677e03ef1386f4660e01564dd42150","sha512":"3911815d12f41f1fc178e72f8a33ea8f9c481612f4c62a35c3a6a4cedf050d97cdfe8c31c8639e40c133b3a94a7e3270a3c983a54a734aff2951d6362e90fcb0","ssdeep":"96:8OSquQsKe1aEHC7jPd6PP4UF9Fmk5GZZu+khzgHkAu+Wg2u6:8OSqO9kc1NuofAu+Xp6","tlshash":"f6c1aec532f1afabd84b0c3490d67ec763ee8a5591768e0bb325a093e02e8e0120d875","first_seen":"2025-08-26T17:46:37.288981Z","last_seen":"2026-05-30T18:39:08.448285Z","times_seen":85,"resource_available":false,"data":null}},"time_used":562,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":562,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com/virtual/file/BTC.png","fqdn":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.199","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:14.874Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /virtual/file/BTC.png HTTP/1.1\r\nHost: java-vue-bucket.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Tue, 24 Feb 2026 16:05:16 GMT\r\nContent-Type: image/png\r\nContent-Length: 2691\r\nConnection: keep-alive\r\nx-oss-request-id: 699DCC3C7CD23C3038E5994A\r\nAccept-Ranges: bytes\r\nETag: \"2EDF1EF8B333C40979976D1A49BC234C\"\r\nLast-Modified: Tue, 22 Oct 2024 11:43:04 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 1939274224005843766\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: Lt8e+LMzxAl5l20aSbwjTA==\r\nx-oss-server-time: 1\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":2691,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"2edf1ef8b333c40979976d1a49bc234c","sha1":"d75ac12795b4a9575c874e1b190712cd62a87afc","sha256":"50a1901684f223bf26594dd3415b1e50f184820a16daa810cc5452911e9117a9","sha512":"f697a1fa0786316fc01003f72621920932e2657e4acf5a471e35d02717c42c9db5a12df311895a776a563dcae9b8fc0b6721833529a054b9dbfff4c52fc564d3","ssdeep":"","tlshash":"2b515ee60252267980d32438616db1e178beabb2c3021ded6c1444954acc4b62555cfa","first_seen":"2023-05-01T18:49:36Z","last_seen":"2026-06-06T18:41:46.446058Z","times_seen":21647,"resource_available":false,"data":null}},"time_used":1327,"timings":{"blocked":1030,"dns":0,"connect":0,"send":0,"wait":296,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/js/ArticleViewer-NZgUlOne.js","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:12.733Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /js/ArticleViewer-NZgUlOne.js HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:13 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698b0c4a-963\"\r\nexpires: Wed, 25 Feb 2026 04:05:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=av9yQlFSA5zR7ztHwJX%2BwzHpubvjrUHgDJ6ArIvjZ6s4yo3%2BMltQpy%2FN68RFbmiHMJFiSQvDs5RUMlMliZR8YLHX62Ar6mMGUUeGhJc%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d3034028fc71243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2403,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (2402)","md5":"60eed223189fc663514c5341bcff77b4","sha1":"6e21fa058a31f9fd6f257aa57e96c61d58ea9c2f","sha256":"db75c12e3096e41da91a37249a4e51d1cff9628a5cba108f4f89632ea24438f5","sha512":"74349c249f9cfeec30882c7947d925e1482970ead26a08d2a2b5558cb0b839146148fd23bfd5370e962ee7c57558a58ff885967621a1a2dff7664b3d972dfcf1","ssdeep":"","tlshash":"cf41729c6476cfb896f39335a58ad6549044bbcad7118a89727e582a2fc0eb07a5c308","first_seen":"2026-02-24T15:59:15.568903Z","last_seen":"2026-02-24T16:05:43.757945Z","times_seen":2,"resource_available":true,"data":null}},"time_used":573,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":573,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.bit173finex.com/api/common/getAllSetting","fqdn":"webapi.bit173finex.com","domain":"bit173finex.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:13.404Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bit173finex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 10 Jan 2026 12:29:40 GMT","end":"Fri, 10 Apr 2026 13:24:29 GMT"},"fingerprint":{"sha1":"11:88:38:B3:15:1D:EF:AC:AC:77:5B:79:7F:F8:3A:5A:65:F6:BF:A6","sha256":"C5:56:A0:25:AD:F5:FE:A7:81:EF:A0:C2:77:07:6C:67:9C:1B:06:E3:08:56:B8:82:91:C0:9E:C0:92:24:53:C6"}}},"request":{"raw":"POST /api/common/getAllSetting HTTP/1.1\r\nHost: webapi.bit173finex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nlanguage: en\r\nlang: en\r\nOrigin: https://bitfinexc.win\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 24 Feb 2026 16:05:13 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://bitfinexc.win\r\naccess-control-allow-credentials: true\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BDfCK5%2FhsTop8SyAFxkAsPsTG1ccl7PoFmZSqq6gvXTC4mOf0WJdvyeZfdKL2ZALnSocrJwwmJ4KFX%2F6qNuk6%2Bz877wFsOyT26QbyxHMD2xTWqY9Ql8%3D\"}]}\r\ncf-ray: 9d303406ad96fb58-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":40369,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"0c3f3498ef12eefb62ee19bf1786c57d","sha1":"b4958c33d78ceb3b88b98f877825dc2de0936f31","sha256":"5e23fe3a5e098fce62ca0de8eccc349ace92fb836bc35c8ba409eff51e3578e3","sha512":"6c480d2bb5c047e3d4e3233c498c450643854b45974bae6e7599a3a8f581ddbb5eeb4f895f8ca2ebf697e2e69a6dad893ca076d1a1716a7d0bc6c1771c486707","ssdeep":"384:wszr4jG0cBx/ejbVlZozism0eKwUumMtvaXCEw:wQEjPKx/shlZozGam","tlshash":"db03841a7068ecbdc7daa8d600773a6b35ac387feed55da4e1cd4e0c43e9471850b60a","first_seen":"2026-02-01T00:53:28.949695Z","last_seen":"2026-02-24T16:05:43.759154Z","times_seen":3,"resource_available":false,"data":null}},"time_used":284,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":284,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/assets/Low_1-6m8ONw4C.png","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:14.479Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /assets/Low_1-6m8ONw4C.png HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:15 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698b0c4a-162e\"\r\nexpires: Thu, 26 Mar 2026 16:05:14 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=S5EffAizwUt7DkBQ4nYbubtruyFYPKiDY8YDqDH%2FNWl8V7LjEelqzpfHGnSUEuXc5H9S8UFy7d9Kc9CJJKoFydt9Qplh%2FGSbO5h3eag%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d30340d79311243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5678,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 186 x 87, 8-bit/color RGBA, non-interlaced","md5":"5103c807ea33c534b2710ac6d158b293","sha1":"791ce9f7dab4d0fa9e1c68d9295fdbec555d599c","sha256":"f703e9a83bac8e20f95f9efab361f7d5490d3c1fc71990e0ca7d6b873a7de8f1","sha512":"5af38160b36582ae82b65694d8d559f71c505dc98e0045cafb5dee8674156a373f66e5e0901ed688f6c00767344a6f5c0f6e141ce914c8486c1b3041331bf2b2","ssdeep":"96:8OSaygjX4v9yeCz+ZZ68HHk2fWXp3+YdG2K3yZ178HnxmDZZBnDuS2:8OSco/LZZIwWd39P8HnKDU","tlshash":"4fc18cce55b2d9dcdaa41fb8234560381929e197e010bc02c935bbd42dc4509eeece3f","first_seen":"2025-08-26T17:46:37.287888Z","last_seen":"2026-05-30T18:39:08.463978Z","times_seen":85,"resource_available":false,"data":null}},"time_used":584,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":584,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/js/NetworkSelectModal.vue_vue_type_script_setup_true_lang-nLw3Ee0x.js","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:18.509Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /js/NetworkSelectModal.vue_vue_type_script_setup_true_lang-nLw3Ee0x.js HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:18 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698b0c4a-5e6\"\r\nexpires: Wed, 25 Feb 2026 04:05:17 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dz%2B3jjCWtQtCI5WeDYhWVId%2FC7GeytNlCkU6RkW6Mswom9UboypIT1uzzv7QMTCfo3On80wZ4h7eLA9Wqh7m8YznpVJZCrtCN6A3%2FdY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d303426accd1243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1510,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1509)","md5":"8a797d296738268b6851ab9c7d075eb9","sha1":"fa2a371a33b3d490dea7c3b300643c28bf9dafad","sha256":"d7c1e840ce1abf8a34249aa289cc6cdf191b78e05561fe8b62cd725ebdef89b3","sha512":"9cbe82057986d248ed349a00f4cd2db0f0659b3745b659a68081199224ed6386f4e76d55e9def4bcfcf50d95e690c2256d5eb430fd5c0e7453c76eecbb5bc7f9","ssdeep":"","tlshash":"f031320d9473cbfc95a391351b9a2168d2947fdaea708bccf36c14723aca9b6592c640","first_seen":"2026-02-24T15:59:15.578Z","last_seen":"2026-02-24T16:05:43.76065Z","times_seen":2,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/assets/PdfViewer-B45GQKhL.css","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:12.712Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /assets/PdfViewer-B45GQKhL.css HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:13 GMT\r\ncontent-type: text/css\r\npriority: u=2,i=?0\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Wed, 25 Feb 2026 04:05:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\netag: W/\"698b0c4a-ac\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nUq2Nk1p0m1zXqbio6tqmi1AuD2l1AZvoqmQYkcHKLpz9vXYgB6%2Br1qaHytxdMmOmT2zEHQTE4sYoTASXXV2YL1Z%2FNExmqWFjrcyet4%3D\"}]}\r\ncf-ray: 9d3034026fbb1243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":172,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"a07280d8c4487f94b1962d8eb4c60c95","sha1":"73584fe1844801f9c25e94ccc9dff3b20346c2fb","sha256":"cd0180dd43cdd6e4f0be1f78d4764975fd0abd9566ccf9210d4404d8e876ac98","sha512":"1b03fbfdad670899cdcf22896978f04a52fb6bbc48af9f0a6400182b7e30cbdd7d340bf4b3a082f824232134c66e891e39bcf834b4e760522d5988442d0b43b0","ssdeep":"","tlshash":"9dc04c23f185949d04125064159236fcdb3da50a634e1cf14b56f3766abd3c765364d1","first_seen":"2025-08-26T17:46:37.291739Z","last_seen":"2026-05-26T16:34:37.689682Z","times_seen":70,"resource_available":false,"data":null}},"time_used":585,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":585,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/js/PdfViewer-BH7Ek4ws.js","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:13.683Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /js/PdfViewer-BH7Ek4ws.js HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:13 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698b0c4a-219cba\"\r\nexpires: Wed, 25 Feb 2026 04:05:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oZXzZOEp2axdoRculYvk1juCYVi1lDJhWNS70OvarUIjeNJVuZSa3%2BjT3bdH3MC60GbeoDohQXYpn4xWq6Ygel7LWKTtkG8O74RU5%2Bg%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d303408888b1243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2202810,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65533), with no line terminators","md5":"41b790f49b2c5c8196bf910f176ddf76","sha1":"bfdd6bf8b0621e227113e4ba62e3c196b24c3d70","sha256":"09e53c1fbb122763207a90af34d2ed2c8effe28ce0b2e77f6fc3d089d1ad6597","sha512":"fe28da9b7d2824a1d8494ff8c5449abec09f4e51f76bb9b65485171b09d9854c61ffadaf15bc875149a6c21f8ff2f9d287541efd6da1c45a8fc7a7902c87317a","ssdeep":"12288:2ZapMfCJkxNP/XN8894qsbzAar4Y7hdKvWHbzYE/EqkMsxP706zL9bHIOdBEtHbV:2kpMfCJkPXXq8RqbOt7aFMz8","tlshash":"e2258d24731a769d0aa900c370bd1589d3fe1609e062e1dcb78f7a9f6a6ec09673d734","first_seen":"2026-02-24T15:59:15.542005Z","last_seen":"2026-02-24T16:05:43.762124Z","times_seen":2,"resource_available":false,"data":null}},"time_used":568,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":550,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.bit173finex.com/api/notice/list?key=ROLL_NOTICE","fqdn":"webapi.bit173finex.com","domain":"bit173finex.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:14.539Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bit173finex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 10 Jan 2026 12:29:40 GMT","end":"Fri, 10 Apr 2026 13:24:29 GMT"},"fingerprint":{"sha1":"11:88:38:B3:15:1D:EF:AC:AC:77:5B:79:7F:F8:3A:5A:65:F6:BF:A6","sha256":"C5:56:A0:25:AD:F5:FE:A7:81:EF:A0:C2:77:07:6C:67:9C:1B:06:E3:08:56:B8:82:91:C0:9E:C0:92:24:53:C6"}}},"request":{"raw":"OPTIONS /api/notice/list?key=ROLL_NOTICE HTTP/1.1\r\nHost: webapi.bit173finex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang,language\r\nOrigin: https://bitfinexc.win\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 16:05:15 GMT\r\ncontent-length: 0\r\nserver: cloudflare\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://bitfinexc.win\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: lang, language\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NcfDOQvlpSa0M9XeVzYW5t%2BC3JBK72K%2B3vVx0cdfjrXscqDDnQjJ7lUFaY7rwNU2TPG6V3jEm4hn7yqMJ1o%2FMrEZSBA34SH7asyRVc%2FRyFOt5mjo%2BgQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d30340dec60be94-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-06T23:09:45.281132Z","times_seen":16194959,"resource_available":true,"data":null}},"time_used":554,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":554,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/assets/remixicon-BVvFtaex.woff2?t=1734404658139","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:14.550Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /assets/remixicon-BVvFtaex.woff2?t=1734404658139 HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bitfinexc.win/assets/index-Dji4SAva.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:15 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 176812\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\netag: \"698b0c4a-2b2ac\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yF7S49eRh9LHrbh0Yn%2FUdzwZDRs3V6t%2FV5k%2FGAmC%2FWnXghV32NZV%2BoD5QM5TKRnlSPw8E%2FobwgdtOlN%2BrVqRj3180QtLaUso4pXkMhY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9d30340df94d1243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":176812,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 176812, version 1.0","md5":"9f0118b43f57fc3ea9f55bbfb3a3b185","sha1":"f3ec7500bd2c615bba2de885d46bcaa91c20aa9b","sha256":"7ea90bbc7c505b98dd7d3a089a6fa32067e353150192951cedb05e26820936cf","sha512":"6a17cdb1c39d1638a2e69ac8c9cf15229d9f64ce9026965dd8e8878700994fd1db65f21be31e18a49ec36e0b0ca522d05ab7f3884b21a022d9ccde9795d0baab","ssdeep":"3072:8oI+omjEjOiEHbaa4yYDtZimTAj2QdJohF8EBGWXsL1u:8r+5baa4yYRTw2Q8C48g","tlshash":"300413f0eda0d72cd9c7fc12f48db606aa9c579475f790901bb0fef869ca4a8965c420","first_seen":"2024-12-20T14:28:38.376296Z","last_seen":"2026-06-06T18:05:31.642147Z","times_seen":1974,"resource_available":false,"data":null}},"time_used":1117,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":565,"receive":552,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/js/Register-Cl5YsboM.js","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:17.347Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /js/Register-Cl5YsboM.js HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:17 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698b0c4a-47f9\"\r\nexpires: Wed, 25 Feb 2026 04:05:17 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=O9TDbeB4YpIMa%2Fwx8322e8t7%2B0EwQNtl176trcxIJ9opcDPKelruqUAaDUOyQMuz%2BSNe8wsYllyP2VyrGEX%2BYyNbBjycl9e7XZaG3Go%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d30341f6bb51243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":18425,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (18419)","md5":"e8accca9546c505118507dd419e8ac62","sha1":"93001cfe0c3227b5bdee16c98597eb9fb8a826f5","sha256":"0aa408332692aa852696c9a1028246344b5189a7a05bee006935fe1a6b108fac","sha512":"8bd08bc6d0d8064497c0a3d43882776b21ba3ae5faf3da9c4130923daa106f6eafa0e8966f779ac9275e8327510f99f44cddf0ca0dd289c9f73f595831eeb42c","ssdeep":"384:GNl6uOz1k7mm+r6meg5bM5MZ5iWajEJRq0g/Zk4Ltb2pVjkOymm+AR6eb0mm792+:GNlpORk7a55g5s5TUZ5pyVjnjXYn0D9V","tlshash":"db82678cb1519bfaab7b9431f4476930682c4f5fc463c0f6e6e88c35a79ec71a51423a","first_seen":"2026-02-24T15:59:15.535034Z","last_seen":"2026-02-24T16:05:43.748772Z","times_seen":2,"resource_available":true,"data":null}},"time_used":526,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":526,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/assets/CreateOrderModal-De4MFw1c.css","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:17.359Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /assets/CreateOrderModal-De4MFw1c.css HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:17 GMT\r\ncontent-type: text/css\r\npriority: u=2,i=?0\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Wed, 25 Feb 2026 04:05:17 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\netag: W/\"698b0c4a-380\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FqcG43YnQG6aO9Ffdcveria0gUXxJmTh%2B00aQBZkmUhdz8XSLPTdce4IrcJ%2BzhHtZedToaL0%2FoG0xNc8NvrsY%2BqWxyDXInl1TOjSuP0%3D\"}]}\r\ncf-ray: 9d30341f7bb81243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":896,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (895)","md5":"cbd343f17246767930d7cdc3a31afc75","sha1":"53f07e27207566ac0bff5087541d29ae88dbf93f","sha256":"50a406ccd97ba1abd8bb250ed95633f2aa6335867512902988da8148ec9a8544","sha512":"e90f43111a41600d98e32838e6f26b63835956482970cf9a0e3e05c3110a5055883c9be8c00d7adee72d237f900fa332beffac4a3b6e420a6a010b1a558a7036","ssdeep":"","tlshash":"0911365b7088a73f5c3bdba000a6a01e1262ff5b8c2113d50aea5193c99fee76512244","first_seen":"2026-01-30T06:58:07.103163Z","last_seen":"2026-05-26T16:34:37.725627Z","times_seen":65,"resource_available":false,"data":null}},"time_used":524,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":524,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/js/index-D_D1e0w7.js","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:17.954Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /js/index-D_D1e0w7.js HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:18 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698b0c4a-50f2e\"\r\nexpires: Wed, 25 Feb 2026 04:05:17 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ib6MVInyp46%2Fnq%2BCQfuj8%2FMerYmgB3ZSjkI%2BgUADcfjWKqH55yI%2FuRW7n%2BmbFt4DUO0KEacdbbm1NURSW5OqpxIh%2Fd4fXCi7avYLhQc%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d3034233c871243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":331566,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (29586)","md5":"31e8610c721031b880d37b8a1e081c9a","sha1":"2b26fa6c650aa90c4b53d5767b6d458e0d67992b","sha256":"b678a7ae0ce1d286b8314a0b6500fa4b362e986380e804043ebdf745d00876c7","sha512":"75e4d71793e4d0f250431195158c2cd92c885a08e4e72daa421020fe1fdd77499e11cef518a90d0888e32d009cbc2c769c364a93e22781af0d3de0893f8b3e25","ssdeep":"6144:BfIyxrxeAbERhW+M4e5usVKBDtMAyJjSpBBPWG5YhiPmy880z+8Ff0kvmUyPEmIY:dIexeAARhW+M4e5usUBDtM1JjSvBPWGb","tlshash":"b26409847252b27a83f305a2543e4405e2257f88b107c4ddf1fc4cdb3e9ae9665abb78","first_seen":"2026-02-24T15:59:15.521001Z","last_seen":"2026-02-24T16:05:43.76478Z","times_seen":2,"resource_available":true,"data":null}},"time_used":466,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":119,"receive":347,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/js/index-m-aRwI0X.js","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:18.514Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /js/index-m-aRwI0X.js HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:18 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698b0c4a-a08c\"\r\nexpires: Wed, 25 Feb 2026 04:05:17 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=k1KFSnf7IFaYlEDF7z10qIV%2BYNCR15n%2F%2Bl69EMwpoVAHxTtsLVnrI3vyXS4qpD4Yzx40Nqg5yoweoEC4ipXN3pPDZm3eQdM1mnwfk3c%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d303426bccf1243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":41100,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (41099)","md5":"6981c694a2f4c56efddeacc4ff0eb8f0","sha1":"362a8560143970bf35ca539eace7c62280351253","sha256":"7b7663d00494cd731f5a1f4ab3df1ccfe58ee02a00101e2993881703ad126c44","sha512":"689cdea72dd0cb6478dbc38443d13c7a925ee64b53321441c76318270acbf3b1b4d8b325e5e6f4a5c77176032565a09fe1b63df6f99dc5e8a691257874d895a4","ssdeep":"768:2MevlM82K8nfNtfWeg8s2qlLlWYuG13tfAlgbXXh4FgXG1aU:+dM82dPsH9JC","tlshash":"4303842cb012cfbe9663293062ad1994e1497fedc526c80af1bd18233bc7ff05a56765","first_seen":"2026-02-24T15:59:15.548913Z","last_seen":"2026-02-24T16:05:43.765552Z","times_seen":2,"resource_available":true,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/js/index-DsqkYkwi.js","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:12.724Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /js/index-DsqkYkwi.js HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:13 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698b0c4a-2a445\"\r\nexpires: Wed, 25 Feb 2026 04:05:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jwhzLDA9tEMd8rcK2fxxvvPL50KMCPNOxBYyLmr326lPQQS1pA7AXfR9%2FpycmyT4Ogx1V84V30UBL3VjoY8CdXbQanmj8tYouFrUpx8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d3034028fc21243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":173125,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (65524), with no line terminators","md5":"4f38ffabd88af770add463630198c371","sha1":"e2f4abf804bffb2d56b7f5f2db53ba512ca11c27","sha256":"db9354b8aaa373e7ff309a9a69ec523e0e4d054c589d19c65cff23741742c4f8","sha512":"ca486e3aa841f97c6d95a0c62c51c41d4e1783005c726c39acfb8c35e58eec8168f3fcbc193fba85be5d88c4568b449af48a2f1d56b61238bcc1234ab79345b6","ssdeep":"1536:g9R8WY5TRoshtG80ZgNaeYXE+bUmN8SoFfefW8UjXGqW/lWBlxvH1hfGJnesv8ni:ORk5jTG8ralELZFOUnusSQilqw7ShHTU","tlshash":"59048e4db221757a86f3568a42948110a6644f49f458c4fcb6bdbc272deec5802feff8","first_seen":"2026-02-24T15:59:15.585895Z","last_seen":"2026-02-24T16:05:43.739115Z","times_seen":2,"resource_available":true,"data":null}},"time_used":911,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":733,"receive":178,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com/echo2.0ad414b33b31e4e078f62a5e4565c9995.png","fqdn":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.199","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:13.726Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /echo2.0ad414b33b31e4e078f62a5e4565c9995.png HTTP/1.1\r\nHost: java-vue-bucket.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://bitfinexc.win\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Tue, 24 Feb 2026 16:05:14 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 63760\r\nConnection: keep-alive\r\nx-oss-request-id: 699DCC3AAB4B81343657309E\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST\r\nAccess-Control-Max-Age: 0\r\nAccept-Ranges: bytes\r\nETag: \"BFBB2108158282D17C6119DE5A03393F\"\r\nLast-Modified: Sat, 10 Jan 2026 15:30:51 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 16265626009351300717\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: v7shCBWCgtF8YRneWgM5Pw==\r\nx-oss-server-time: 2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":63760,"size_decoded":0,"mime_type":"image/jpeg","magic":"PNG image data, 1000 x 1000, 8-bit/color RGBA, non-interlaced","md5":"bfbb2108158282d17c6119de5a03393f","sha1":"0a436b8ce5b3ab6ee9eae43f1fc70d5038f23367","sha256":"770fecea904abb6cadbb0a0198bdc03ff7296f074da830c911427c927afa9de5","sha512":"d242cbae348cc0568af039969f9727f4d75ebc649ffcde25254285afc57ea196009f76ec020f9691f37aab61065ba763f8f875455faff51fa80bdf30ed27ee02","ssdeep":"1536:qWhQmDl0bma055lJKCSnDuy3htsOAU4WgXrl9FL4+yipqnNDy76:qzmUDGnAu1OAnrVLSipQA76","tlshash":"de53dfdab25c7f4adb9d47b041235b927ff009534365c36b4762322a48b6fa13c9eb18","first_seen":"2026-02-01T00:53:28.888706Z","last_seen":"2026-04-21T18:18:07.338895Z","times_seen":9,"resource_available":false,"data":null}},"time_used":2188,"timings":{"blocked":814,"dns":1,"connect":272,"send":0,"wait":283,"receive":268,"ssl":547},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/assets/crypto3-Bi713gOj.png","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:14.444Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /assets/crypto3-Bi713gOj.png HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:14 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698b0c4a-b011\"\r\nexpires: Thu, 26 Mar 2026 16:05:14 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=11474T27Py8QwQS6yPZ01sD%2B2%2BNpnWwajV%2FqqAz2QGr3MDztKdwID%2BMbOdG7Nxdti4WnpbwRKZLb840CdLpAfIhIsrvR6R5IGv997F0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d30340d491f1243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":45073,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 260 x 304, 8-bit/color RGBA, non-interlaced","md5":"7401918092026d21dd7dabc67295ef49","sha1":"53db5a70917874eaeed05b2e893bc51c3333fb5c","sha256":"5614ba3ba38256cc9cd354af165e23840713bd66181a33aa47b5746910dc45ae","sha512":"4875d2e3900f88a580d44720a02e6e934421dad709765ea34858f5a611c080febbe525fa52ee4f9d32fcb0a6e07bcd3e4243b43dfa2a737ca3f7659319bdb3a9","ssdeep":"768:lCCSfM5x3ifgWTfcVXTIae3k4NrUnRsK3rFh9WhT0v7zIf+B2ow:1SfM5kf/0VXle0OUnyK3gTPow","tlshash":"aa13021e41a4b5b23e0fbf571c29db00d3a7e7d58613da17c9d6855846050da31acefc","first_seen":"2025-08-26T17:46:37.219207Z","last_seen":"2026-05-30T18:39:08.460111Z","times_seen":88,"resource_available":false,"data":null}},"time_used":545,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":371,"receive":174,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/assets/index-bg-Cig16shZ.png","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:14.522Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /assets/index-bg-Cig16shZ.png HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bitfinexc.win/assets/CookieConsent-BKtXZsW6.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:15 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698b0c4a-b2fa\"\r\nexpires: Thu, 26 Mar 2026 16:05:15 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=uKGUez776geJMyr%2Fm1%2FrQCXI8YBDy4Bn6wM8cjeO6lbJ5sE4E%2Bhi9nTVJy4tb1VDxtci%2F2G8GSBGBjvgF8A2QorKhpmYsBFO19IDMss%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d30340dc9441243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":45818,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1920 x 706, 8-bit colormap, non-interlaced","md5":"c09495fae9b3b9afa21e4f85338186f6","sha1":"de7e184687afed539def40fcefe0e9315596e07b","sha256":"6e82c55cbd0ee19a044a5ec37c31769eeb6e168802c661640cc683e6b3e8733d","sha512":"8268075ddb43eb44937d88d3542d2fa595f0896f76c48ff52786673de1b486274d13880754df9605fa3b303bab65dd5bb02ca5bc33e88acda64dccbf16285fba","ssdeep":"768:A6+sg4W9+cPJlO1NctTpA2+fzAJjIaZjVcpjO6X0BvRURf0hrv4llB+86HFhekx7:7+sg4mnhlO1NUdAVfkJsdNS+MHe0r1PB","tlshash":"d523f20a976dc409b8497e7d8fa48700a882cf97602d873d7e913a1de938d534f89cbd","first_seen":"2025-08-26T17:46:37.246586Z","last_seen":"2026-05-30T18:39:08.453264Z","times_seen":88,"resource_available":false,"data":null}},"time_used":1654,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":1467,"receive":187,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com/virtual/file/ETH.png","fqdn":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.199","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:14.879Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /virtual/file/ETH.png HTTP/1.1\r\nHost: java-vue-bucket.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Tue, 24 Feb 2026 16:05:16 GMT\r\nContent-Type: image/png\r\nContent-Length: 9807\r\nConnection: keep-alive\r\nx-oss-request-id: 699DCC3CAFAD5B3035350578\r\nAccept-Ranges: bytes\r\nETag: \"12D9722461759CEFFF02D9076A3D2718\"\r\nLast-Modified: Tue, 22 Oct 2024 11:43:01 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 9445008190181339835\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: EtlyJGF1nO//AtkHaj0nGA==\r\nx-oss-server-time: 4\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":9807,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 400x400, components 3","md5":"12d9722461759cefff02d9076a3d2718","sha1":"6b763fea0b17257a36b90c465593e1629aee0564","sha256":"af89450e1873196692af0d9d4d0c03218b4be8091171b9d8f7349298d4e82586","sha512":"8eb0f616162be914a3945fb383250796e1134da22e8ae612f403f28804ac04b7fd0f607e132403dc28505d80377c9281601cb23ef1f0814e08584428f3efa05f","ssdeep":"192:4V3ZO9Gxo9H+wp5qh6BKfMPaB2kXTfwoVqO2Rzhj7TfhBcHEhaI9yLKKD:4V4GxoYwp5wQKfMP6LXT7V+RzhzncpLb","tlshash":"7112bf66ab39a301d66d2bbe5cc59302db15ad10dfe14a3fcb840980370c6f9de5a6c4","first_seen":"2023-11-19T03:02:16Z","last_seen":"2026-06-06T04:02:55.279904Z","times_seen":599,"resource_available":false,"data":null}},"time_used":1343,"timings":{"blocked":1068,"dns":0,"connect":0,"send":0,"wait":274,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/js/Login-BXX23Cs3.js","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:17.324Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /js/Login-BXX23Cs3.js HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:17 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698b0c4a-2d2b\"\r\nexpires: Wed, 25 Feb 2026 04:05:17 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=z7bn2un2xbuUEr4ab0ycNqBaX1uTK7ECW1GLZ0OwHa%2BKv5Q33yA8XC9YNDXcH22bq0sKxqBx2ZmfCYr7gZTYWKH8rElhrynXbvFwXtI%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d30341f4baf1243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11563,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (11556)","md5":"8125dddb4babfc73b962dcb43a1381ca","sha1":"a0c801614058782b2f3e18b0417020e76ba6494d","sha256":"07991c0a0c9205460ffe40b5acacec4389e333502a3f5fb1d6a6943ad292b874","sha512":"e17e2f0e0306ae912c976287d80f146df09a9f5af98189a4275bb9fe736fe6ef26632e667b194597031cc8b03abe48591f6ceb4159a48cddafccd0bfa1d78e38","ssdeep":"192:5MTADOgYQNzN+dNWNTpknH3caQKkn3ELqKDN/5qxBy+d7PEwjNwzPZdasQWQ5QUS:5/YQJIUBoL1Ibp9JyisQWQ5QbDFHiq7H","tlshash":"0832b6c87512abf99bb30825b6047935b4185f99c067c48ef3f84c317bdacb66a24379","first_seen":"2026-02-24T15:59:15.547824Z","last_seen":"2026-02-24T16:05:43.768594Z","times_seen":2,"resource_available":true,"data":null}},"time_used":588,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":588,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/js/Login-BXX23Cs3.js","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:17.845Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /js/Login-BXX23Cs3.js HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:17 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698b0c4a-2d2b\"\r\nexpires: Wed, 25 Feb 2026 04:05:17 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Mx04kU234Ej2TMz2IBS159WwupU%2F70bfOEDnILl9L%2BUTMxz0H34pNzv5vEqHjLtEvnCqwG65OzFUcxAEClCGMiuPx9DtYcwvstKWhwo%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d3034229c411243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11563,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (11556)","md5":"8125dddb4babfc73b962dcb43a1381ca","sha1":"a0c801614058782b2f3e18b0417020e76ba6494d","sha256":"07991c0a0c9205460ffe40b5acacec4389e333502a3f5fb1d6a6943ad292b874","sha512":"e17e2f0e0306ae912c976287d80f146df09a9f5af98189a4275bb9fe736fe6ef26632e667b194597031cc8b03abe48591f6ceb4159a48cddafccd0bfa1d78e38","ssdeep":"192:5MTADOgYQNzN+dNWNTpknH3caQKkn3ELqKDN/5qxBy+d7PEwjNwzPZdasQWQ5QUS:5/YQJIUBoL1Ibp9JyisQWQ5QbDFHiq7H","tlshash":"0832b6c87512abf99bb30825b6047935b4185f99c067c48ef3f84c317bdacb66a24379","first_seen":"2026-02-24T15:59:15.547824Z","last_seen":"2026-02-24T16:05:43.768594Z","times_seen":2,"resource_available":true,"data":null}},"time_used":61,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":61,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-24T16:05:09.964Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 24 Feb 2026 16:05:10 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\nvary: Accept-Encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=31536000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DahU6H4j68eN%2FbLHx%2BHNhkirwMjzADMmLcklPt660J5zbx28QM%2FeG%2ByHtsb6cnDE9fe5kF8k9wAYbfNMiB88%2BTc%2B7aBoFpJpgpdMFoU%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9d3033f19fcd5621-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3701,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"3eade17c35a9052dea83a49478410774","sha1":"8bc22a68b708f26722b995580bd09d6a1d9d1057","sha256":"90a5ced5d9cda58b2fcc8f75eda9a4679acc339ee2e547f0a4c49fc428f8d335","sha512":"957819e11bc3eb9bebacc5e32f09e802bdb3ff6a85c74fe8a097938620fb45b3c38ec10fa255ffcba67f9486604188e7d542f5885e61cae7059cfffe1118b6f8","ssdeep":"","tlshash":"167122238ab88c1813a1a33dbfe5b1858a365483d61d5968b44c299d4fd1fa486e3bf1","first_seen":"2026-02-24T15:59:15.584514Z","last_seen":"2026-02-24T16:05:43.769616Z","times_seen":2,"resource_available":false,"data":null}},"time_used":679,"timings":{"blocked":48,"dns":13,"connect":8,"send":0,"wait":583,"receive":0,"ssl":22},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/js/index-Bgx9-hSl.js","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:10.767Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /js/index-Bgx9-hSl.js HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:11 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698b0c4a-1d514c\"\r\nexpires: Wed, 25 Feb 2026 04:05:11 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=23DRALrBoEEqa4IM246%2BUiXrcmBT4XEBwg6u8HJqBLr7H%2B33F7z6itohuDxR6nzsPoLJ7MAENlhb5kj1Zy6ZUsPwGRs1nff68m43ZAw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d3033f64e401243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1921356,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (33325)","md5":"b0fa764b70f457d90609187241d319f8","sha1":"289402d74ba1293c6204b4fbbede3bd0b85e7866","sha256":"d56d5a81677fad0c79520b144ece7e232eb19834999522b4ba76c5f596d03e1a","sha512":"c8ff57875dcbc3edd14853fb6cd9fbe7c170b137203bedaf77d5e32af0489b6e049eed1f15d179fc51f1015b1744445a1757e9282e5a6c77f81439af00abaa9d","ssdeep":"24576:e0t9UzEet33btbN91hQaTkjMtgwYfSFRNWV9UPBBB:e0t9UzEet33btbN93p0AgwYfSFRNWVCl","tlshash":"30255cd8b682f06107e755e540bb0006f3397e157449c0e4f6b998eb39a9a9ca277f3c","first_seen":"2026-02-24T15:59:15.526071Z","last_seen":"2026-02-24T16:05:43.770404Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1621,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":719,"receive":902,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.bit173finex.com/api/common/getAllSetting","fqdn":"webapi.bit173finex.com","domain":"bit173finex.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:12.691Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bit173finex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 10 Jan 2026 12:29:40 GMT","end":"Fri, 10 Apr 2026 13:24:29 GMT"},"fingerprint":{"sha1":"11:88:38:B3:15:1D:EF:AC:AC:77:5B:79:7F:F8:3A:5A:65:F6:BF:A6","sha256":"C5:56:A0:25:AD:F5:FE:A7:81:EF:A0:C2:77:07:6C:67:9C:1B:06:E3:08:56:B8:82:91:C0:9E:C0:92:24:53:C6"}}},"request":{"raw":"OPTIONS /api/common/getAllSetting HTTP/1.1\r\nHost: webapi.bit173finex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang,language\r\nOrigin: https://bitfinexc.win\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 24 Feb 2026 16:05:13 GMT\r\ncontent-length: 0\r\nserver: cloudflare\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://bitfinexc.win\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: lang, language\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NGb30kcYeUscw6P2PZQ1nr5o4vrFjociLZykCf7%2FY3RYRHXjtxVwDbS3EgcTgrJhLx%2Fbb4%2Bqj3Ps62J0UCdgsqIufgVAiqo6cJ5HAPs0rvdgbkIqS50%3D\"}]}\r\ncf-ray: 9d303402ab42fb58-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-06T23:09:45.281132Z","times_seen":16194959,"resource_available":true,"data":null}},"time_used":731,"timings":{"blocked":52,"dns":0,"connect":15,"send":0,"wait":607,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/js/account-BMFpvqTr.js","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:12.730Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /js/account-BMFpvqTr.js HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:13 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698b0c4a-450\"\r\nexpires: Wed, 25 Feb 2026 04:05:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Vq2uCwctklu9XpTZBrPD88wMnlFy29l5XGenweNtpZ1CnR8EG%2FZ09SWDYSuin0ianyP9raZmEHr1Cx0nlqJdR51FxVgfXg7jMUfCF0Y%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d3034028fc01243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1104,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1103)","md5":"ebb83d0cc477773ee56307c8658644e3","sha1":"15e0267a988edc4d35d79f4dd473a9f57bcf3d68","sha256":"c0bf5e07697bda7a5d5ef171fb669f80c6802dca07daa219ab14e7a050d21800","sha512":"ca5465dfcabfac14aca473c7ceadcf3ca091510c71c55d1344ac42940e3e8f2ae7863e57aa78390b166cfcb442ddfdf86d206935a6de84052e943cd1ebc9d206","ssdeep":"","tlshash":"fc11048a8e4e52f7fbb0be1260d02e03c01b6fb5ada24472f02d957752bd044c62db14","first_seen":"2026-02-24T15:59:15.5811Z","last_seen":"2026-02-24T16:05:43.772616Z","times_seen":2,"resource_available":true,"data":null}},"time_used":563,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":563,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.bit173finex.com/api/common/getCoinContractList","fqdn":"webapi.bit173finex.com","domain":"bit173finex.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:14.087Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bit173finex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 10 Jan 2026 12:29:40 GMT","end":"Fri, 10 Apr 2026 13:24:29 GMT"},"fingerprint":{"sha1":"11:88:38:B3:15:1D:EF:AC:AC:77:5B:79:7F:F8:3A:5A:65:F6:BF:A6","sha256":"C5:56:A0:25:AD:F5:FE:A7:81:EF:A0:C2:77:07:6C:67:9C:1B:06:E3:08:56:B8:82:91:C0:9E:C0:92:24:53:C6"}}},"request":{"raw":"POST /api/common/getCoinContractList HTTP/1.1\r\nHost: webapi.bit173finex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nlanguage: en\r\nlang: en\r\nOrigin: https://bitfinexc.win\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 16:05:14 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://bitfinexc.win\r\naccess-control-allow-credentials: true\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SbnskY54i1fw7PjvTWJyAHZy6ffxFdUKeDbKMPOAhxmloCDRPfxeAB58gEJR71dEcjkZ8moyLU9hXFU%2FrWbvSpHVPuZaqsrVClTONMaJD2hZPJ7bI7g%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d30340b1cc5be94-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":80928,"size_decoded":0,"mime_type":"application/json","magic":"Unicode text, UTF-8 text, with very long lines (64832), with no line terminators","md5":"3725646c69bf8a4a8aa121776c5c2ef8","sha1":"2f09f828bfdec9671b03249cb44ec9426b881855","sha256":"e98c70917fbb51195e51a3493eeca7b77421fd6254e67db2dc055422e59f645b","sha512":"18c30661db93be2617a2a83d167662a76d0491f7b561a291e427eb83e28ce20d5424520ebd57d82f69232a07ffb738adea29b4a6b8b987622ad4ad7d2241e621","ssdeep":"192:uXGeX1XnXoHXeX6XzHXgvYXCCXJXqWXyWXJWXvWXdWXjWXeWXdX/FWXtWXAWX0Wn:f5QQPGd+zVlYrCNf","tlshash":"d683bf41163865fdc730e0d42f2b7d0682ac35efadce4826d6de8d994ad4af1670af06","first_seen":"2026-02-24T16:05:43.778735Z","last_seen":"2026-02-24T16:05:43.778735Z","times_seen":1,"resource_available":false,"data":null}},"time_used":390,"timings":{"blocked":0,"dns":1,"connect":0,"send":0,"wait":389,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/assets/tech02-fCe8e4gN.png","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:14.428Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /assets/tech02-fCe8e4gN.png HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:15 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698b0c4a-15fe\"\r\nexpires: Thu, 26 Mar 2026 16:05:14 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EFG3ULpzkTitRZUdCn3XcnCVx7N1Z49CxsVQXl2V5Je%2F9EHaliWU7ZFE1N4ahZ4Vxa00iUz%2BegIYA4GBqcbf91uGDMSHYvWL03wM6lg%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d30340d39171243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5630,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 108 x 108, 8-bit/color RGBA, non-interlaced","md5":"9f0f4960f780ae1e5e85227bbe3383bb","sha1":"f8ee4ead676d1560556168f55b35d53fe32a6d41","sha256":"7cae8a74bc918d12efb430f71dd41d15d06ff373a260547749045449ef9f241d","sha512":"cb7b17a623bea5b449df7a2c0b27ce3e9f8040b3d51bf0be975a798349085e09ed86be8911600ed54a2aa48c11dcc64987c2d1e625560df781108a7afa4e8bc7","ssdeep":"96:A4+Vq+5u/C6+xiKXdoPS2bcPvnGSzKHRe4YebiR0u0tsroQiWcUU9+82gCUuSq48:A4+OKXcSfn7zKHR1YegwscQiUU9+vgCR","tlshash":"d6c18e4e24bdb9424820166045f90171d8aeef522a2f61189b61078ce9983fff5adbdc","first_seen":"2025-08-26T17:46:37.297934Z","last_seen":"2026-05-26T16:34:37.742253Z","times_seen":72,"resource_available":false,"data":null}},"time_used":584,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":584,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/js/TradeLayout-CaSYV84t.js","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:17.355Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /js/TradeLayout-CaSYV84t.js HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:18 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698b0c4a-65575\"\r\nexpires: Wed, 25 Feb 2026 04:05:17 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2xX5ebNn91YmtPOk4XGpNxv1b3TCjXzCel98isDNfSeT4dXbFsvQnIqZFXQBvAmN37Ukn7dMbPx6sv4HNp3Ym2OokKri6lt3Nz%2B%2FIBY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d30341f6bb71243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":415093,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (48043)","md5":"4aa7cf8af4759cd861a60d2d439f34b8","sha1":"e0bfea61fc18ff0e652b2cef53b157ef2e6ee915","sha256":"ff7075f56e8f67f1bb70e587dcdf746e117eda2c49d113b7c151e51fe52a00be","sha512":"ac1429b420da8ecbe05414c719e530b5dee42741aebe2161272e32886b630207555144502df93b0d259ab8c00994f175575240ab1ab108d016847d1cbb15a603","ssdeep":"12288:U37MnWzG2+iFeq6Zz6uSxNbn6e1sD5skFW:UrMnWzG2+iFeq6Zz6uSxNbnQ3A","tlshash":"a194f580b162e53993f391b5107a0401e3197f89b00686adf27dccd73eaad9971baf74","first_seen":"2026-02-24T15:59:15.517509Z","last_seen":"2026-02-24T16:05:43.787077Z","times_seen":2,"resource_available":true,"data":null}},"time_used":1072,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":723,"receive":349,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/js/TradeLayout-CaSYV84t.js","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:17.925Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /js/TradeLayout-CaSYV84t.js HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:18 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698b0c4a-65575\"\r\nexpires: Wed, 25 Feb 2026 04:05:17 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rgnEP8Zzv6HBANqACgKoc12kXL%2F60BoxPfPlIbCKnEmuFrAPfRfxslH8lc0fQLDDWzq2IPN7TlukoaMCMZ8wdeimYxaRUh9HinglXd0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d3034230c7b1243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":415093,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (48043)","md5":"4aa7cf8af4759cd861a60d2d439f34b8","sha1":"e0bfea61fc18ff0e652b2cef53b157ef2e6ee915","sha256":"ff7075f56e8f67f1bb70e587dcdf746e117eda2c49d113b7c151e51fe52a00be","sha512":"ac1429b420da8ecbe05414c719e530b5dee42741aebe2161272e32886b630207555144502df93b0d259ab8c00994f175575240ab1ab108d016847d1cbb15a603","ssdeep":"12288:U37MnWzG2+iFeq6Zz6uSxNbn6e1sD5skFW:UrMnWzG2+iFeq6Zz6uSxNbnQ3A","tlshash":"a194f580b162e53993f391b5107a0401e3197f89b00686adf27dccd73eaad9971baf74","first_seen":"2026-02-24T15:59:15.517509Z","last_seen":"2026-02-24T16:05:43.787077Z","times_seen":2,"resource_available":true,"data":null}},"time_used":491,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":141,"receive":350,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/js/Footer-BNY223Mx.js","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:13.680Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /js/Footer-BNY223Mx.js HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:13 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698b0c4a-2ca3\"\r\nexpires: Wed, 25 Feb 2026 04:05:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BGwZD4FKXAX%2Bdb79SJyhcepwEYxSio6AH6GS6dxtQW82RpYzuHVuhQT36yfvUlDRCo6N6wZD%2FHnEThA1Ta3aJBxN2sEb2yRBfN5T8QM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d30340878881243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11427,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (11426)","md5":"bb7543e9a484fca4522f5507ff9ca816","sha1":"8a731ff3f2ce04af8db2e4e12f12f92a31079f74","sha256":"82922f0e4c98bba5e2be6f77afc3f21f93ee3459204a87f62c30ccc1e7fa31b9","sha512":"14deb2b64a0974b7de466e995745f9358aeab31cc79b1bc0ed0ad2855e85dcee0f76195a5c1dcf4bb1e387a4763e59d44f7c796238490f9299cc27147811d6fe","ssdeep":"192:v7YvNBUmwBi5GVBmTI2rDtA5/d3WIJ14NDqCjuu0IUGjUTaqKjSTvS1wSjE8LGT/:MvvUPBRPmTVDt6/d3WG14NqCjt0IUGjs","tlshash":"47321a047973c9f9c6b784b4b8415510f238bfeee56bc85ab3fd890a17ced390a06260","first_seen":"2026-02-24T15:59:15.528703Z","last_seen":"2026-02-24T16:05:43.789141Z","times_seen":2,"resource_available":true,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/assets/crypto4-C1r0vD33.png","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:14.447Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /assets/crypto4-C1r0vD33.png HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:15 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698b0c4a-4bb5\"\r\nexpires: Thu, 26 Mar 2026 16:05:14 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3eVUCmwU1WLNshb3zy7Uy7WykV%2BwWLE9YmXNs2Ec%2F35vZDT6AtqybpGjBh1aUAAKaZ9zV4f5SfzpfMK3B5lSBHE6lAkAyQ2Qb5e6S4w%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d30340d49221243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19381,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 260 x 304, 8-bit/color RGBA, non-interlaced","md5":"d067618d9d6147cf94031dc7b0e54f34","sha1":"9eac76e72b792627e4262bb3c3349b9a95e76a14","sha256":"51e7de570156dd0d9f5be2aea42306c4e0d810e2f5031ccff71f7a2b7707bfeb","sha512":"1cfbdb4d59b63b7508ddfde9cf307fbbbcc21c9eebcb17d05b5a52c0689acf9a6c5cdf75138ab87ae4d2eac26f12834fc4c4e0e23e94bcdd489b53264a93ce43","ssdeep":"384:SYrMlXfj/ycORUUZpYLOsa70OEU1pKfX9jLKAd6NL3UvOfaDYMAG3eQKRD0:OvmuUZgjatEU7KFjLD6NLasbG3eQKRD0","tlshash":"7692d14cf04b18795a05a41f191ad42bbd1ede7ce81b0123dade0d7945cfbdd9a44348","first_seen":"2025-08-26T17:46:37.293947Z","last_seen":"2026-05-30T18:39:08.485996Z","times_seen":88,"resource_available":false,"data":null}},"time_used":971,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":971,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/js/index-D_D1e0w7.js","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:17.364Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /js/index-D_D1e0w7.js HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:18 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698b0c4a-50f2e\"\r\nexpires: Wed, 25 Feb 2026 04:05:17 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=uqW9SVlu6q9Zg8sdJtDCaKk2GROr%2BFKJcztytSEBzE8aD88gVTKttcY22TPmL1Xm%2FDrj92Vr5Tw5IgEbDfyh%2BDmfGRgkGq5ojRXENnM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d30341f7bbc1243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":331566,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (29586)","md5":"31e8610c721031b880d37b8a1e081c9a","sha1":"2b26fa6c650aa90c4b53d5767b6d458e0d67992b","sha256":"b678a7ae0ce1d286b8314a0b6500fa4b362e986380e804043ebdf745d00876c7","sha512":"75e4d71793e4d0f250431195158c2cd92c885a08e4e72daa421020fe1fdd77499e11cef518a90d0888e32d009cbc2c769c364a93e22781af0d3de0893f8b3e25","ssdeep":"6144:BfIyxrxeAbERhW+M4e5usVKBDtMAyJjSpBBPWG5YhiPmy880z+8Ff0kvmUyPEmIY:dIexeAARhW+M4e5usUBDtM1JjSvBPWGb","tlshash":"b26409847252b27a83f305a2543e4405e2257f88b107c4ddf1fc4cdb3e9ae9665abb78","first_seen":"2026-02-24T15:59:15.521001Z","last_seen":"2026-02-24T16:05:43.76478Z","times_seen":2,"resource_available":true,"data":null}},"time_used":1062,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":715,"receive":347,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/js/CreateOrderModal-Dq3M96Ax.js","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:17.366Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /js/CreateOrderModal-Dq3M96Ax.js HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:17 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698b0c4a-3f90\"\r\nexpires: Wed, 25 Feb 2026 04:05:17 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IH5DZ4IUfSb17SLHYhk40CO6JSz8yqH8%2B7IeRRz4gQggG9CpFd8SylBfm0zNIlinRjwAlyiN4mFShB%2BnXwsNRGkU9Qh7TnOeU3tw1vE%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d30341f8bbe1243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":16272,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (16271)","md5":"0d11b51e7c897f3916d3a2e9e6d346f4","sha1":"4b9e6a12d0860db1338c00342d61e1dd714231d4","sha256":"c04356ae51f6d866828a6e4a26377216bd00349fe6a0a55ba48ccdfb60e58afb","sha512":"ca0456e1645ca7edb9b5e33d36044b1df05112ce339e4bd3820bf7d6fd4e1be28a8f4cb5fb1324a5b6b589664c46eab9e38ca6dd67f89867bf8db61bc9f156d8","ssdeep":"384:a5fMuQAaJG8SdMmDiWdc9VGSSMSKp1k15klKkuLy26K:ahMuEJbOiWdyGSjSKp1A5aKdLy26K","tlshash":"8e72c93c70d0c9be9473d176a2cd68244048bfcfc6635bcef63da66415d9ca15725a2c","first_seen":"2026-02-24T15:59:15.566062Z","last_seen":"2026-02-24T16:05:43.79627Z","times_seen":2,"resource_available":true,"data":null}},"time_used":553,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":553,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/js/SetFundForm.vue_vue_type_script_setup_true_lang-BbTQdYkd.js","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:18.518Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /js/SetFundForm.vue_vue_type_script_setup_true_lang-BbTQdYkd.js HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:18 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698b0c4a-a71\"\r\nexpires: Wed, 25 Feb 2026 04:05:17 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=T%2FDVUXxie1QTj%2FNV%2B8bQU9c8T9o%2FGN%2FWEwHOXbrB8%2BOVfQ37V3mrEqVuUzLt38IKCNjqt%2BMBH8WDkyOZd0wHw8TJhQz%2FfXC1LfbPeWc%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d303426bcd41243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2673,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (2672)","md5":"4032e85aa409b431faa1a8e7bbff0ec3","sha1":"9867279ebf6cd5d205675137f1e4c55d771c09ac","sha256":"4ffef19e3b976a6f40e7c8f31be30bdd55ea228d6f2e2195e8c0798bc6884277","sha512":"913ac3f6b28b2d7b049dbc512c85d566587ce2d69a6539e0bb28632d4365dba30c5df23d7e9e3d17513b8d7c06cc55e4bf6692d954916f14d07a3bd0bc6bb943","ssdeep":"","tlshash":"d651540d24b2cfff26c3a238224e2168e0c8bfcfdb308755b66d407226c99f53619a55","first_seen":"2026-02-24T15:59:15.567108Z","last_seen":"2026-02-24T16:05:43.798865Z","times_seen":2,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/assets/index-Dji4SAva.css","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:10.772Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /assets/index-Dji4SAva.css HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:11 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698b0c4a-37366\"\r\nexpires: Wed, 25 Feb 2026 04:05:11 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7WHlosuj6ZQGhW2yqzmsM7RKm5wsBuB%2BL%2BBsDRm%2B70zFQBx4Zc47l3Xs52AsxiVKcjto07Zl%2BSnp43Ndlu4qCG%2FPMgSZfqTvzUCbqds%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d3033f64e421243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":226150,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"08d8a7a4902164df55535158b35b0a9f","sha1":"6298a579e9ce7c66b2d3f7da078b470207328209","sha256":"32177e4354a6c83883a45c41bd73f22679bb5eb87a295ac98e0c76c58db2b0e5","sha512":"063131f014602d524e04da428c11bcc7d2f1db653bf2880a13f4b15fd157115a1d929bd62e1e4eaa44095b1c9b4570f4ede9acdf532b4f92d6acb4989455d682","ssdeep":"6144:6ExgAtraQez/N6ijqI+ChRk1Cfvkauh/XmKund9QQ4R8eG+Qkq7sIY6:ec9IH","tlshash":"a72465bde28900e63b36cca6d374779d6029f6b1ca955d95f81b501cefc33a106c2a78","first_seen":"2026-02-24T16:05:43.801068Z","last_seen":"2026-02-24T16:05:43.801068Z","times_seen":1,"resource_available":false,"data":null}},"time_used":916,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":734,"receive":182,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.bit173finex.com/api/common/getCoinSecondList","fqdn":"webapi.bit173finex.com","domain":"bit173finex.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:12.677Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bit173finex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 10 Jan 2026 12:29:40 GMT","end":"Fri, 10 Apr 2026 13:24:29 GMT"},"fingerprint":{"sha1":"11:88:38:B3:15:1D:EF:AC:AC:77:5B:79:7F:F8:3A:5A:65:F6:BF:A6","sha256":"C5:56:A0:25:AD:F5:FE:A7:81:EF:A0:C2:77:07:6C:67:9C:1B:06:E3:08:56:B8:82:91:C0:9E:C0:92:24:53:C6"}}},"request":{"raw":"OPTIONS /api/common/getCoinSecondList HTTP/1.1\r\nHost: webapi.bit173finex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang,language\r\nOrigin: https://bitfinexc.win\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 24 Feb 2026 16:05:13 GMT\r\ncontent-length: 0\r\nserver: cloudflare\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://bitfinexc.win\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: lang, language\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AG%2BtD3IMzfa%2FTilT5lvFxxOlNaQ50ukggR5aejjjArPOoeIBv5SbxL1d5TkD4TiUkDiFxQgv%2FbC6vKrsHSBxGOP1chHXPpZ%2B9TX9HrnoFHftZkyr9RY%3D\"}]}\r\ncf-ray: 9d303402ab32fb58-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-06T23:09:45.281132Z","times_seen":16194959,"resource_available":true,"data":null}},"time_used":733,"timings":{"blocked":62,"dns":1,"connect":8,"send":0,"wait":598,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/js/CookieConsent-gCDMgTiv.js","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:12.732Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /js/CookieConsent-gCDMgTiv.js HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:13 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698b0c4a-7fa5\"\r\nexpires: Wed, 25 Feb 2026 04:05:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Vn7YIS326hzm9n%2FAofDs6TPRHfG5m65u0ckgU4FqPyiHDO2iBuGOv8TfSa6HtDbZxxV%2FCtfCRQi6KjQbh794JVG7zPiK4kNO5T%2BtYTg%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d3034028fc41243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":32677,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (28844)","md5":"9f1884f90d01fe10ae788051b6bf62b0","sha1":"22529b88e20870b6214fb53903eb656ee5a79e3c","sha256":"1941ebb644daa8e51b3c8d4e6186c8dd521f99041dac34b491026601ebb4604a","sha512":"b50c8803c11e94974d806fce989b729f374d50457a5849c2f74e069413e2142bb4f9a45c08edd3e2506f94673c1fe76f903dba4e60f48541b75b5de854d4646d","ssdeep":"768:hr5jgT5ISSBGZo4mrwrS0yIpdmjriD0PbnPex4:IeVsmrwbpdeioX","tlshash":"83e25c05e806eeb9d7f31634744a7168a4387fd9c25ac47aa3bd85232bc9f728763314","first_seen":"2026-02-24T15:59:15.540518Z","last_seen":"2026-02-24T16:05:43.739782Z","times_seen":2,"resource_available":true,"data":null}},"time_used":826,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":825,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/js/account-BMFpvqTr.js","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:13.681Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /js/account-BMFpvqTr.js HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:13 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698b0c4a-450\"\r\nexpires: Wed, 25 Feb 2026 04:05:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Rys%2B%2BqPskabPG1N8q3gQyOAgbDKgLDiCYiwq9wR5GBfK6%2B0qzXG7hbKcPTfq%2B%2F7Q0hnIIFApfCIobsyQah5YV%2FqyJpwm%2F%2B8hAC3wh6A%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d30340878871243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1104,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1103)","md5":"ebb83d0cc477773ee56307c8658644e3","sha1":"15e0267a988edc4d35d79f4dd473a9f57bcf3d68","sha256":"c0bf5e07697bda7a5d5ef171fb669f80c6802dca07daa219ab14e7a050d21800","sha512":"ca5465dfcabfac14aca473c7ceadcf3ca091510c71c55d1344ac42940e3e8f2ae7863e57aa78390b166cfcb442ddfdf86d206935a6de84052e943cd1ebc9d206","ssdeep":"","tlshash":"fc11048a8e4e52f7fbb0be1260d02e03c01b6fb5ada24472f02d957752bd044c62db14","first_seen":"2026-02-24T15:59:15.5811Z","last_seen":"2026-02-24T16:05:43.772616Z","times_seen":2,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/assets/Low_3-CoMiX5LU.png","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:14.482Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /assets/Low_3-CoMiX5LU.png HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:15 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698b0c4a-1da0\"\r\nexpires: Thu, 26 Mar 2026 16:05:14 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=v3JLtRJz8ejWfTXOYwvaOAcrYWUa%2FZFOUxkrd%2FZ%2BL1ZtZtv1vV6KbNWaIyReuM75pDyFQrfr56V4QgYH5GvIcZ9snZrkRrkZ9zeoiB4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d30340d79331243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7584,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 186 x 87, 8-bit/color RGBA, non-interlaced","md5":"a8b00a7e3bf2f70c8c4887d24abe8b51","sha1":"92ce419cdd7ab6e8d8e7bc05500761fbd08eaa9a","sha256":"8f98a9cc45245fbac829f6a93e5e24c3c5e3703ce68eb080d4c9421c297dee2d","sha512":"9db0c799a8dc0e938d327e0c20f3cb3cb98d3260668705dda23fb04e73efe9278988f6499b2f96df201da432efb01a8b5ae44efe08195914b02479dfe70bdc23","ssdeep":"192:8OSF296sDSSaQ+8CQ2twPskLuqpZ+DJ72iUyoutP3QB:+I6OSZs2tnkniYiUyo2E","tlshash":"c7f1b0d7a5e96df1f736311988dcd2037f0fb258a6a00a66f5039a84e7f450c870f061","first_seen":"2025-08-26T17:46:37.283171Z","last_seen":"2026-05-30T18:39:08.433138Z","times_seen":85,"resource_available":false,"data":null}},"time_used":561,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":561,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/assets/index-bg2-DH3H8kTp.png","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:14.528Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /assets/index-bg2-DH3H8kTp.png HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:15 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698b0c4a-415bf\"\r\nexpires: Thu, 26 Mar 2026 16:05:14 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=eIy3N%2FyKkKb1HHPZ43CeO5P%2FASPCM3bAtAl4TLBzJekygXT856Vw3j1flR4%2FKm2JW0%2Bi4IATvDLJe5LYIWRR%2BEm4xNK3%2FqYD0NRjgQc%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d30340dd9461243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":267711,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1920 x 734, 8-bit colormap, non-interlaced","md5":"4e2ceadc2a00a7055f2d30b675301f2a","sha1":"23544a569e9f2129980acabcdef51b8c225117dd","sha256":"0113b32c782902d3f6c16a832653c99172ac40d17a454ec621e4366ef56cc280","sha512":"3c70550b3a9821a4b962341fd0cf08bacdabfdebe7eaf65a77946211a78701d72c5a8e321e24bca94be9634c4af66deab691317d98709587f23b5efb556b3d5e","ssdeep":"6144:fHeZ8M1KxbmeW02HluhfdZ9de39D3Jly1ZBWIUL:fHeK9xTWVu5lul3JM1ZBWIUL","tlshash":"b344230c360554c3edf7d874b31cdbfadd9b3cbf249d8528a672a36a4aa502c15c99c0","first_seen":"2025-08-26T17:46:37.264725Z","last_seen":"2026-05-30T18:39:08.471318Z","times_seen":88,"resource_available":false,"data":null}},"time_used":1272,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":725,"receive":547,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com/virtual/file/BNB.png","fqdn":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.199","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:14.892Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /virtual/file/BNB.png HTTP/1.1\r\nHost: java-vue-bucket.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Tue, 24 Feb 2026 16:05:16 GMT\r\nContent-Type: image/png\r\nContent-Length: 12869\r\nConnection: keep-alive\r\nx-oss-request-id: 699DCC3CBC6A5B3238EF314B\r\nAccept-Ranges: bytes\r\nETag: \"A533EECDEE5A789E7D94F8F79F95D588\"\r\nLast-Modified: Tue, 22 Oct 2024 11:43:04 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 18158548296662870332\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: pTPuze5aeJ59lPj3n5XViA==\r\nx-oss-server-time: 4\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":12869,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"a533eecdee5a789e7d94f8f79f95d588","sha1":"f1ae6df3a9baf6dbec969c6d1ab622850a282895","sha256":"ea257fac91d01858b7dfd0361f8b480caeb3d57b080570ef4b4f41d5d7e68c90","sha512":"e46ca5c2239c89c783805b1f4e17664118e57e95dff6513b8ff917aaaa763b922c6286b48d0e6daca644ae30c3e821674dade74a056837865353b451c50d074b","ssdeep":"192:3GSu8nGgOCcrSaheqQThcTrOcOAasSqXzcxfuZWfWOKJ6mVgCd7mOOwRB0IG:5/POzrSTThcTaPAaFqXzcqG6ekvP0IG","tlshash":"1442bfd83898c3e455233e69d56e4c138122251a66588517f22a2b7dbf03af27fcf1e6","first_seen":"2023-11-19T03:02:17Z","last_seen":"2026-06-06T04:02:55.266893Z","times_seen":677,"resource_available":false,"data":null}},"time_used":1429,"timings":{"blocked":1149,"dns":0,"connect":0,"send":0,"wait":279,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cservice.vip/assets/style/css/chatStyle.css?v=1771949115842","fqdn":"cservice.vip","domain":"cservice.vip","tld":"vip"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:16.483Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cservice.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 07 Jan 2026 21:47:19 GMT","end":"Tue, 07 Apr 2026 22:46:59 GMT"},"fingerprint":{"sha1":"A5:63:FC:3B:CE:6F:DF:D0:D8:AA:87:18:27:C8:A2:B4:01:3A:99:27","sha256":"4C:2E:05:A9:16:CC:FD:8D:F0:D5:92:B1:5B:29:A1:E8:A3:D1:0A:D1:95:CB:2F:83:92:31:F4:55:56:92:B2:14"}}},"request":{"raw":"GET /assets/style/css/chatStyle.css?v=1771949115842 HTTP/1.1\r\nHost: cservice.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 16:05:17 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Mon, 27 Oct 2025 16:46:24 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68ffa1e0-b303\"\r\nexpires: Wed, 25 Feb 2026 04:05:16 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=2,i=?0\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9RwvZ90E6X8YVH6CMyarFcXSvR70fPW5rnDzkf5%2FwaYhVtx8MEiOZITtsair49LmBT3CFanfZnDvBAkLYdQnbKRzLknFP7pwqXVJvQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d30341a0f7cc8cb-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":45827,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (1414), with CRLF line terminators","md5":"7f04d716a07903513dd26bdc041cded9","sha1":"87cc4821c93b3691c2cc6ed6c07504f9c5030d5d","sha256":"eca5ab3a8577e84adaf245950a20cb525d5c762c14576671dbcdfc9a46de476d","sha512":"f4a86fb88cfef3906b7debb45e8d4d02a58f4afbb14ff8479e630c3f8c84f97be7d3996d3e399f29498f31066c28fb7a63d8a83e00bc151686e434bf796cd0a5","ssdeep":"768:b8hjh3T4m4G4/4y738BY8+kJYcJHJlxGSndLcR4xhQ14YYi631N8VNi3rdwLcKda:Izr9l","tlshash":"b423433ceb65218da123b4a9bff16be5af514013df0b06a5b5f17a38c2504bd39712d8","first_seen":"2025-11-30T14:17:39.779365Z","last_seen":"2026-06-01T14:33:52.135698Z","times_seen":100,"resource_available":false,"data":null}},"time_used":809,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":809,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/js/Footer-BNY223Mx.js","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:12.734Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /js/Footer-BNY223Mx.js HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:13 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698b0c4a-2ca3\"\r\nexpires: Wed, 25 Feb 2026 04:05:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gpYzwsIdpC7fqUBI5WiD2x8B9EWEvCPcX%2FxvuI3ukHBv6JfdXAfGGxPdTVJKw2JtIKG1wzXKWC9Hjr6%2BypRTdp7tsgbxPmomGGWBZhI%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d3034028fc81243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11427,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (11426)","md5":"bb7543e9a484fca4522f5507ff9ca816","sha1":"8a731ff3f2ce04af8db2e4e12f12f92a31079f74","sha256":"82922f0e4c98bba5e2be6f77afc3f21f93ee3459204a87f62c30ccc1e7fa31b9","sha512":"14deb2b64a0974b7de466e995745f9358aeab31cc79b1bc0ed0ad2855e85dcee0f76195a5c1dcf4bb1e387a4763e59d44f7c796238490f9299cc27147811d6fe","ssdeep":"192:v7YvNBUmwBi5GVBmTI2rDtA5/d3WIJ14NDqCjuu0IUGjUTaqKjSTvS1wSjE8LGT/:MvvUPBRPmTVDt6/d3WG14NqCjt0IUGjs","tlshash":"47321a047973c9f9c6b784b4b8415510f238bfeee56bc85ab3fd890a17ced390a06260","first_seen":"2026-02-24T15:59:15.528703Z","last_seen":"2026-02-24T16:05:43.789141Z","times_seen":2,"resource_available":true,"data":null}},"time_used":551,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":551,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/js/ArticleViewer-NZgUlOne.js","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:13.682Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /js/ArticleViewer-NZgUlOne.js HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:13 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698b0c4a-963\"\r\nexpires: Wed, 25 Feb 2026 04:05:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gtnDv87q7DStlYRRuc4ie19HeCE9eSeFJSX2DuMUz67ECQJp5s01OF%2F%2FClGm5mgBMGrJpR5A51HOzEfoQtTjY2QDXGhCcrAxisD0z9k%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d30340878891243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2403,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (2402)","md5":"60eed223189fc663514c5341bcff77b4","sha1":"6e21fa058a31f9fd6f257aa57e96c61d58ea9c2f","sha256":"db75c12e3096e41da91a37249a4e51d1cff9628a5cba108f4f89632ea24438f5","sha512":"74349c249f9cfeec30882c7947d925e1482970ead26a08d2a2b5558cb0b839146148fd23bfd5370e962ee7c57558a58ff885967621a1a2dff7664b3d972dfcf1","ssdeep":"","tlshash":"cf41729c6476cfb896f39335a58ad6549044bbcad7118a89727e582a2fc0eb07a5c308","first_seen":"2026-02-24T15:59:15.568903Z","last_seen":"2026-02-24T16:05:43.757945Z","times_seen":2,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/assets/index-bg4-4HzhR67G.png","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:14.529Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /assets/index-bg4-4HzhR67G.png HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bitfinexc.win/assets/index-B4CX758G.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:15 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698b0c4a-62509\"\r\nexpires: Thu, 26 Mar 2026 16:05:14 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XWRaZKN5CG4%2ByF5xn8PXFCjFg6eOIR8aEOiRQhpG6U6t0%2BXwTQoYXW9KxkKt6C5un2YOuhKU3ScuT%2B6TKLyF4l9nIV%2FfKBCoKuNaPR4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d30340dd9471243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":402697,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1920 x 605, 8-bit/color RGBA, non-interlaced","md5":"e8d59ec576c7863d0a1634be119a9dd9","sha1":"904d9420707d71bcc8fe96d4bc3efd7bf6788e6c","sha256":"9946dbdc4e1830e4d974e4e2306b02eb2840791ae4fc3bfe803405261e8dffcc","sha512":"d7bb56461ed1d44c529ade4434da8ab75e6aba1771b1d76fe4ab4fd43edcecaecbc0a4fad78399b05d9a68a5df695e51e97e979462ee4c838c0dce1526be9695","ssdeep":"6144:LF22gP1p/A7+eFVOe5FE/FplkZ1CAauYMx7pHdxmDMbMzxMuVV58p3IDzZ:LK/NA5FwlkOArYMpxmDMIzjz5PzZ","tlshash":"338412c483210832ba90ee50b5618990d0282db7b405dd7517c7ff836777ba9ac7da9b","first_seen":"2025-08-26T17:46:37.261835Z","last_seen":"2026-05-26T16:34:37.717633Z","times_seen":71,"resource_available":false,"data":null}},"time_used":1304,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":749,"receive":555,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.bit173finex.com/api/common/getUserCoin","fqdn":"webapi.bit173finex.com","domain":"bit173finex.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:15.100Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bit173finex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 10 Jan 2026 12:29:40 GMT","end":"Fri, 10 Apr 2026 13:24:29 GMT"},"fingerprint":{"sha1":"11:88:38:B3:15:1D:EF:AC:AC:77:5B:79:7F:F8:3A:5A:65:F6:BF:A6","sha256":"C5:56:A0:25:AD:F5:FE:A7:81:EF:A0:C2:77:07:6C:67:9C:1B:06:E3:08:56:B8:82:91:C0:9E:C0:92:24:53:C6"}}},"request":{"raw":"POST /api/common/getUserCoin HTTP/1.1\r\nHost: webapi.bit173finex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nlanguage: en\r\nlang: en\r\nContent-Length: 2\r\nOrigin: https://bitfinexc.win\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":2,"data":"{}"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 16:05:15 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://bitfinexc.win\r\naccess-control-allow-credentials: true\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KGQSqbMFf%2FnSuw0RqaoBMAC4NimqWePoDa5HCVhXMrZCAE3oqFeDhITemS%2B613vVR%2BuoroNOeixce%2BiCBJH6XFH80ML8bxfamciIOW%2FOIYiBZITB9pQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d3034116deabe94-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":319584,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"b8bda14107a50fd5658dc49d2b6dbb4b","sha1":"9364e2bb19c1f57b0b128890e9697339d0ae98dd","sha256":"9594b58406f49234ec9227d4457147831bdb4bb12a4de0f5fbca66aae1d5f857","sha512":"5f09a813a6f6dc0fc1f1622c1a512d66a182e422a7e76f05e07108837e62c756921b0ed8383d29792e1e06863e77689608611021654377ab7a34360c573ff072","ssdeep":"3072:C3d3pEsewM3XwR019/5ZyqwvdC3LBOlcyw++n6Nku+MxpMOlxxj1qny+5PH:2S3Xwyy/cy9B+5PH","tlshash":"ce64df70ced891dac5314cd25fe3aee01baa33c366cf6c9109a91f011bca635917679b","first_seen":"2026-02-24T15:59:15.622838Z","last_seen":"2026-02-24T16:05:43.810321Z","times_seen":2,"resource_available":false,"data":null}},"time_used":615,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":417,"receive":198,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cservice.vip/js/ai_service_core.js?v=1771949115842","fqdn":"cservice.vip","domain":"cservice.vip","tld":"vip"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:15.848Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cservice.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 07 Jan 2026 21:47:19 GMT","end":"Tue, 07 Apr 2026 22:46:59 GMT"},"fingerprint":{"sha1":"A5:63:FC:3B:CE:6F:DF:D0:D8:AA:87:18:27:C8:A2:B4:01:3A:99:27","sha256":"4C:2E:05:A9:16:CC:FD:8D:F0:D5:92:B1:5B:29:A1:E8:A3:D1:0A:D1:95:CB:2F:83:92:31:F4:55:56:92:B2:14"}}},"request":{"raw":"GET /js/ai_service_core.js?v=1771949115842 HTTP/1.1\r\nHost: cservice.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 16:05:16 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 07 Nov 2025 06:22:43 GMT\r\nvary: Accept-Encoding\r\netag: W/\"690d9033-44d2\"\r\nexpires: Wed, 25 Feb 2026 04:05:16 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=3,i=?0\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=D8%2BEanNfFfy4FT6MhWAPXuaaJNGzUrDxkVgMTbbj%2BG1r%2BCxPd0SaGzXVKB4agIwbDrQ1BC%2F3XUhqRINkWHGvNTmS9pqVkd51QaJHLw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d3034161d84c8cb-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":17618,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (496)","md5":"f18eea0d33964edbd612d61f5713fd75","sha1":"93dd1f6594dcf0f7cbdb44813e4c1f2072961533","sha256":"1bc28f480d9acf22346a0cc22379fce4b7971d6e647a55de5919e641db5cc597","sha512":"5cb694ca839128e6683a513174761ccf1c4147b28d130dc1425112756d81ee61a2c65baa2272e8284264a53ba658a4f77c1753291163dcc4fc5745b0538c5931","ssdeep":"384:m+6aLTFONgSMQDbHer4p7JCA8GaHOdRUHYAnUjZpeZgy4F4Syec71gAQ77/ZMTtY:5xTFeMQDbHer4p7JCA8GMOgYAnUjZpeS","tlshash":"a48241abebbb10724457b4368b9f268435268013294cde203facded04f52a675317bf9","first_seen":"2025-11-30T14:17:39.769051Z","last_seen":"2026-06-01T14:33:52.182505Z","times_seen":100,"resource_available":true,"data":null}},"time_used":608,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":608,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/platform/bitfinex/touch-icon.png","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:16.770Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /platform/bitfinex/touch-icon.png HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:18 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 10 Feb 2026 10:45:14 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698b0c3a-177ea\"\r\nexpires: Thu, 26 Mar 2026 16:05:17 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=6,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FPIXsW1TYwR6cAGw4GO8VN4gZwUW56XLxsy0oTPqFUXoYTxWbYh%2F7GiUYfNAklyN%2B4YQpJibOi83dqCLu31MvgbkjBC0nOPBCHOdWLg%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d30341bdb011243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":96234,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1000 x 1000, 8-bit/color RGB, non-interlaced","md5":"cc60640eb9e1c2e79f544a1d586142a9","sha1":"6e6318de17bc3e92fc3179fa1466a2aeba238a3a","sha256":"a1f207912905721aa4f062e67fdefed94a2f355d589148bd8a79f5f8ab090c2b","sha512":"2d991c62ebb56b251c323877f68af7e557388186ca78418254819c8d8a0309e3ffdd54b14eb03ababdee59b3c88abdb94046187b86b30556065e7ab7d4452935","ssdeep":"1536:9v2HimW+iK6y35pkCUDsr9xbNkFiRBfTB8d+c9YDi8cQtbEPJ52Hx+CW5GMmuG:9uHTJpKQZxhq59ci3QpEPPsW5q","tlshash":"6693011235318897f61ee5bcddfbb8c038a50d338e669a6e36790b4d81d7b225c461f2","first_seen":"2026-02-01T00:53:28.91653Z","last_seen":"2026-04-21T18:18:07.34163Z","times_seen":9,"resource_available":false,"data":null}},"time_used":1585,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":1322,"receive":263,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/js/NetworkSelectModal.vue_vue_type_script_setup_true_lang-nLw3Ee0x.js","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:17.365Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /js/NetworkSelectModal.vue_vue_type_script_setup_true_lang-nLw3Ee0x.js HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:17 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698b0c4a-5e6\"\r\nexpires: Wed, 25 Feb 2026 04:05:17 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cQ%2FnGz76vEKlqX9ZFrx11wwCTnz6NAjrNlzpRM5GfIoj8iCWNIk4%2F0c%2Bk6HheJFZtwmm6BLIKYB8CnSMXOFhq8xHoaxOIz04o1E3ShQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d30341f7bbd1243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1510,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1509)","md5":"8a797d296738268b6851ab9c7d075eb9","sha1":"fa2a371a33b3d490dea7c3b300643c28bf9dafad","sha256":"d7c1e840ce1abf8a34249aa289cc6cdf191b78e05561fe8b62cd725ebdef89b3","sha512":"9cbe82057986d248ed349a00f4cd2db0f0659b3745b659a68081199224ed6386f4e76d55e9def4bcfcf50d95e690c2256d5eb430fd5c0e7453c76eecbb5bc7f9","ssdeep":"","tlshash":"f031320d9473cbfc95a391351b9a2168d2947fdaea708bccf36c14723aca9b6592c640","first_seen":"2026-02-24T15:59:15.578Z","last_seen":"2026-02-24T16:05:43.76065Z","times_seen":2,"resource_available":true,"data":null}},"time_used":187,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":187,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/js/index-m-aRwI0X.js","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:17.368Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /js/index-m-aRwI0X.js HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:17 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698b0c4a-a08c\"\r\nexpires: Wed, 25 Feb 2026 04:05:17 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NADxRe%2BuXAEY6PyMT35cDnhS86P354JlJFq5EyeMLoVFDiZS1hZ5c24eb6T%2BOeB8ULHxRnaH0lXEgycolcPWNPD9zd7KXy0%2BXve7jMY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d30341f8bc01243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":41100,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (41099)","md5":"6981c694a2f4c56efddeacc4ff0eb8f0","sha1":"362a8560143970bf35ca539eace7c62280351253","sha256":"7b7663d00494cd731f5a1f4ab3df1ccfe58ee02a00101e2993881703ad126c44","sha512":"689cdea72dd0cb6478dbc38443d13c7a925ee64b53321441c76318270acbf3b1b4d8b325e5e6f4a5c77176032565a09fe1b63df6f99dc5e8a691257874d895a4","ssdeep":"768:2MevlM82K8nfNtfWeg8s2qlLlWYuG13tfAlgbXXh4FgXG1aU:+dM82dPsH9JC","tlshash":"4303842cb012cfbe9663293062ad1994e1497fedc526c80af1bd18233bc7ff05a56765","first_seen":"2026-02-24T15:59:15.548913Z","last_seen":"2026-02-24T16:05:43.765552Z","times_seen":2,"resource_available":true,"data":null}},"time_used":194,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":194,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/js/Calculation.vue_vue_type_script_setup_true_lang-BMhkdazn.js","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:13.673Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /js/Calculation.vue_vue_type_script_setup_true_lang-BMhkdazn.js HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:13 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698b0c4a-4ff1\"\r\nexpires: Wed, 25 Feb 2026 04:05:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wzrKS89W6aFw5AWIayprEKna0x1Oske4Lztf%2F8LHR%2BqhYW1KoqQ5oZo2eXkKSId7acYK3e5%2BneOuqQGt0D2ErtVpGekGagtZUtGSfCo%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d30340878851243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":20465,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (20458)","md5":"80fd28a33f6647d8519b15115bcb54f9","sha1":"4fcaa68fcf0f7db4b0fa377f86e5f5afa2913897","sha256":"e0aef006e280979ce50698cda2d0a6b81ecf9785800e941b0d11c85278a84833","sha512":"082dbd15ca453de0052472660512fc79c389ad6cc06115605e93a882a9ad1c80579a5fbf933b5fe63f6e5d3580aa1137e9b84d922fef2c824a89ef52b9a5d7a2","ssdeep":"384:d9SYvdyMTG1CmxcgnJcwV1eBcICHan1BAkL1pkDUaBoiA6UJWM5boWBu5D8daLHa:zScUYfjBcban/Ao1pQUaBol6Ubboyu5m","tlshash":"b392a64db252db3ddbb354f1a05e1014e0087fcad426c497a1bf09933aeeeb11a6967c","first_seen":"2026-02-24T15:59:15.579491Z","last_seen":"2026-02-24T16:05:43.814288Z","times_seen":2,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/js/cssCalculate-G7yYGhEz.js","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:12.728Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /js/cssCalculate-G7yYGhEz.js HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:13 GMT\r\ncontent-type: application/javascript\r\npriority: u=4,i=?0\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Wed, 25 Feb 2026 04:05:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\netag: W/\"698b0c4a-318\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9YHhC1pstEuoUhzp2j8MA0IaRkxtTCq5SKID4vfxYwRr0VAWR2RFNrNUijdlqgJSSrEtHbfn%2BjzBVzTgE8y41oEjMCpvaTHRQdNuhiE%3D\"}]}\r\ncf-ray: 9d3034028fc51243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":792,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (791)","md5":"81ebadd562734ed587f3316303b98381","sha1":"5723c81e2b22ffc192d40520d06e88144b0772ad","sha256":"7c50130b8bd2f94adc659826b11458992c265553deafb0b41a0e70b68f147d5b","sha512":"649488501388c20a305d284b0ccc5de1027ee267165017e7ecd09d3f9d60e6d61ef3bff8b2f81884ad5a65e42ee40714f9473e4f0a677a8d4eea11ca50e158be","ssdeep":"","tlshash":"b4014efda5c1daf79b4b553b0e6c492c718d5680ea1f86c2d76da4207b402ecb132590","first_seen":"2025-08-26T17:46:37.228469Z","last_seen":"2026-05-05T09:11:43.050995Z","times_seen":43,"resource_available":true,"data":null}},"time_used":574,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":574,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.bit173finex.com/api/common/getWhitePaperSetting","fqdn":"webapi.bit173finex.com","domain":"bit173finex.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:14.541Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bit173finex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 10 Jan 2026 12:29:40 GMT","end":"Fri, 10 Apr 2026 13:24:29 GMT"},"fingerprint":{"sha1":"11:88:38:B3:15:1D:EF:AC:AC:77:5B:79:7F:F8:3A:5A:65:F6:BF:A6","sha256":"C5:56:A0:25:AD:F5:FE:A7:81:EF:A0:C2:77:07:6C:67:9C:1B:06:E3:08:56:B8:82:91:C0:9E:C0:92:24:53:C6"}}},"request":{"raw":"OPTIONS /api/common/getWhitePaperSetting HTTP/1.1\r\nHost: webapi.bit173finex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang,language\r\nOrigin: https://bitfinexc.win\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 16:05:15 GMT\r\ncontent-length: 0\r\nserver: cloudflare\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://bitfinexc.win\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: lang, language\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=x2dDVAV%2BIIAp%2BHwDInWmp0%2Bibh7izURQhP3nChwbqXXwq4oBYhXWvtLtDIckt4Zf4h77LBK8%2FuUuOAfOA7N6o27MYsCfB5VZmc53UTVi3%2FwkNwYQ68k%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d30340dec6dbe94-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-06T23:09:45.281132Z","times_seen":16194959,"resource_available":true,"data":null}},"time_used":553,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":553,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webapi.bit173finex.com/api/common/getWhitePaperSetting","fqdn":"webapi.bit173finex.com","domain":"bit173finex.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:15.103Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bit173finex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 10 Jan 2026 12:29:40 GMT","end":"Fri, 10 Apr 2026 13:24:29 GMT"},"fingerprint":{"sha1":"11:88:38:B3:15:1D:EF:AC:AC:77:5B:79:7F:F8:3A:5A:65:F6:BF:A6","sha256":"C5:56:A0:25:AD:F5:FE:A7:81:EF:A0:C2:77:07:6C:67:9C:1B:06:E3:08:56:B8:82:91:C0:9E:C0:92:24:53:C6"}}},"request":{"raw":"POST /api/common/getWhitePaperSetting HTTP/1.1\r\nHost: webapi.bit173finex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nlanguage: en\r\nlang: en\r\nOrigin: https://bitfinexc.win\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Feb 2026 16:05:15 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://bitfinexc.win\r\naccess-control-allow-credentials: true\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qEI76XyUoczFJ3woYyOYJtXECFyVxGWSCQJfNA8EjzDUVP%2BvOKqxhHhA9ZxZ9bLQ%2FzgrmzBA7xXfdMAIX40n6mIMutDQJ%2FWbX%2BxMn68g%2F%2BRY2wp3QjY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d3034116dffbe94-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":155,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"2242e19feb500bf698eed618467a3c6b","sha1":"7729594e25123a8b73e609f6fa151d24b28b253a","sha256":"102a7e1c345cafba320329fc72637f32aff617d83f9377fab9fb17aba2562ef0","sha512":"8a716d6a64f1c7a794d8e61f538eebe6211fe6f09f7597104e619308198c4096d3430c58718d95ab9b51bd3f286494c5639041b085d8e4a71831fd5fa6f07f10","ssdeep":"","tlshash":"7bc080366d0890b6565175cc453a160fb0e4349635005144c8545a04e808eb9d90d4c9","first_seen":"2026-02-01T00:53:29.003963Z","last_seen":"2026-04-28T19:27:54.741661Z","times_seen":13,"resource_available":false,"data":null}},"time_used":215,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":215,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/js/index-CqgRwA8p.js","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:17.368Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /js/index-CqgRwA8p.js HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:17 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698b0c4a-ca3\"\r\nexpires: Wed, 25 Feb 2026 04:05:17 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=umeBlOTpZg4fb%2BCmAo3PHQiqQJQxl9ucBKbsw8QhnaUwaS5cMW3PHl9jYDX2EnoD%2Bt3mXolpIlGUzjnCC%2BM%2FzZbDl%2B%2FvRxBeUToqM60%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d30341f8bc11243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3235,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (3234)","md5":"4e2e897194c8005e76d22698f76e3b9e","sha1":"585a69b98d9bf2a277f47d86477d0b60689eac4a","sha256":"2c7bb6991b90244fe6440f8f62a1c0d3e99bd3187c3828d29d7c960e5d06b245","sha512":"3e40e542af60272de6e3b2680221e8da30922529c5a36833227cc2da7f4c21b08860878852c313c73056477a33cdf54cb7293d3b030a53e53a59f8b5625b90f9","ssdeep":"","tlshash":"a361c5dd78b7f020877148ee507b0636e23a37592408d0d4e01fcd8a3931d6ab2a7e29","first_seen":"2026-02-24T15:59:15.557826Z","last_seen":"2026-02-24T16:05:43.816482Z","times_seen":2,"resource_available":true,"data":null}},"time_used":190,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":190,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/js/login-bg-CtTnvaIr.js","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:17.928Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /js/login-bg-CtTnvaIr.js HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:17 GMT\r\ncontent-type: application/javascript\r\npriority: u=3,i=?0\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Wed, 25 Feb 2026 04:05:17 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\nage: 0\r\ncf-cache-status: HIT\r\netag: W/\"698b0c4a-5b\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=b%2F%2Fnn8B1HcNvH6%2FPKyt%2BwpMDua4gMn8Oi69JORhey2GUmqp1WHzDtfIikqz6%2BvOcqsD54TUOpRxqYnDorC0a8zmtquUfQYntdZiDh%2F8%3D\"}]}\r\ncf-ray: 9d3034231c7d1243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":91,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"ebba15b40c37ba856a79bc847a08e71a","sha1":"a720af2936ab6f1dad28220622a18f7d338d44db","sha256":"3ddd883a1fd935ffb81a11e0d1dc9628d053175968f0446aa533104a2283c93c","sha512":"3f5b2f086d745a7475029b4fd91f57a953bffe5215314fba804f6b2387b8bb6e8cc1471d83c33a2fb15b0ae511beaf36b1170b39568b433ba7e7738ce28a5894","ssdeep":"","tlshash":"a1b01201855e117a0594105d4781557012e5413c2e5483bce63d46649b1620a5c47e10","first_seen":"2025-08-26T17:46:37.227472Z","last_seen":"2026-05-26T16:34:37.715579Z","times_seen":68,"resource_available":true,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/js/CreateOrderModal-Dq3M96Ax.js","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:18.512Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /js/CreateOrderModal-Dq3M96Ax.js HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:18 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698b0c4a-3f90\"\r\nexpires: Wed, 25 Feb 2026 04:05:17 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kReAUPfZukBZ1o3tnSayIZIyEM1W0iAL0f3cfPLKg0Ao3ug3w0jdWQVk%2BzOYj9fc0LsBjY4qQ2P30S0r21YcIOpj0yewSzNNzmY6WOE%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d303426bcce1243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":16272,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (16271)","md5":"0d11b51e7c897f3916d3a2e9e6d346f4","sha1":"4b9e6a12d0860db1338c00342d61e1dd714231d4","sha256":"c04356ae51f6d866828a6e4a26377216bd00349fe6a0a55ba48ccdfb60e58afb","sha512":"ca0456e1645ca7edb9b5e33d36044b1df05112ce339e4bd3820bf7d6fd4e1be28a8f4cb5fb1324a5b6b589664c46eab9e38ca6dd67f89867bf8db61bc9f156d8","ssdeep":"384:a5fMuQAaJG8SdMmDiWdc9VGSSMSKp1k15klKkuLy26K:ahMuEJbOiWdyGSjSKp1A5aKdLy26K","tlshash":"8e72c93c70d0c9be9473d176a2cd68244048bfcfc6635bcef63da66415d9ca15725a2c","first_seen":"2026-02-24T15:59:15.566062Z","last_seen":"2026-02-24T16:05:43.79627Z","times_seen":2,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/js/filters-CwQNJrJW.js","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:18.516Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /js/filters-CwQNJrJW.js HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:18 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698b0c4a-416\"\r\nexpires: Wed, 25 Feb 2026 04:05:17 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OxgwkJILZXLuyWPEu%2FLjdnFswcaszEX3g9%2B7wHKW66odc1dZrAkc%2F9K%2Bj%2FysUPJTZJfxbGv3SO3TarhW%2B7CzdWS9L9A6wiaBLofbsSk%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d303426bcd21243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1046,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1045)","md5":"3be61883aa794d73d0be711578300ddc","sha1":"e2f55af3af6d11f9931384bc3b5db810e6e76562","sha256":"56bbbca3a1fcae8633790e3481f5810ef57684572d9b93e4e2ad0ce87ca087d6","sha512":"43ada60543acf6d99f5a99bfef8f6bdeddb5a21272a2fef486d65a356a865974b0dcf316d77db2d5bba0efe5afe165a387e76d3834b510db47fc229b80658db8","ssdeep":"","tlshash":"0711adb995c6c67b02fbc8c8514d41c768e87f78b00e4b62bd64f1163561095f4be393","first_seen":"2026-02-24T15:59:15.562117Z","last_seen":"2026-02-24T16:05:43.751763Z","times_seen":2,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.bit173finex.com/api/common/getUserCoin","fqdn":"webapi.bit173finex.com","domain":"bit173finex.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:12.686Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bit173finex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 10 Jan 2026 12:29:40 GMT","end":"Fri, 10 Apr 2026 13:24:29 GMT"},"fingerprint":{"sha1":"11:88:38:B3:15:1D:EF:AC:AC:77:5B:79:7F:F8:3A:5A:65:F6:BF:A6","sha256":"C5:56:A0:25:AD:F5:FE:A7:81:EF:A0:C2:77:07:6C:67:9C:1B:06:E3:08:56:B8:82:91:C0:9E:C0:92:24:53:C6"}}},"request":{"raw":"OPTIONS /api/common/getUserCoin HTTP/1.1\r\nHost: webapi.bit173finex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type,lang,language\r\nOrigin: https://bitfinexc.win\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 24 Feb 2026 16:05:15 GMT\r\ncontent-length: 0\r\nserver: cloudflare\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://bitfinexc.win\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: content-type, lang, language\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=B9DQyDQXnWlDXr6yWf1Qbs9iFVDaITKppWHOZIBtIlvu7Bnv3HDOGvbMmmgzD3sQ4pDU2OCPrYbmstovDxgsutsY5HY78RswoTV90Eo1Hn%2B3i%2BjaJqI%3D\"}]}\r\ncf-ray: 9d303402ab37fb58-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-06T23:09:45.281132Z","times_seen":16194959,"resource_available":true,"data":null}},"time_used":2479,"timings":{"blocked":55,"dns":0,"connect":12,"send":0,"wait":2352,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/js/PdfViewer-BH7Ek4ws.js","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:12.738Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /js/PdfViewer-BH7Ek4ws.js HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:13 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698b0c4a-219cba\"\r\nexpires: Wed, 25 Feb 2026 04:05:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AhsNr619QA1CSPD72EyJS8wgf%2FfnIr9JL9ieyxh61DYbqUwekFahYqRPkBLdXbzPYzUjJrmNFsSZBO8YDeeh1Diz1yDMALjU3stYG1o%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d3034029fc91243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2202810,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65533), with no line terminators","md5":"41b790f49b2c5c8196bf910f176ddf76","sha1":"bfdd6bf8b0621e227113e4ba62e3c196b24c3d70","sha256":"09e53c1fbb122763207a90af34d2ed2c8effe28ce0b2e77f6fc3d089d1ad6597","sha512":"fe28da9b7d2824a1d8494ff8c5449abec09f4e51f76bb9b65485171b09d9854c61ffadaf15bc875149a6c21f8ff2f9d287541efd6da1c45a8fc7a7902c87317a","ssdeep":"12288:2ZapMfCJkxNP/XN8894qsbzAar4Y7hdKvWHbzYE/EqkMsxP706zL9bHIOdBEtHbV:2kpMfCJkPXXq8RqbOt7aFMz8","tlshash":"e2258d24731a769d0aa900c370bd1589d3fe1609e062e1dcb78f7a9f6a6ec09673d734","first_seen":"2026-02-24T15:59:15.542005Z","last_seen":"2026-02-24T16:05:43.762124Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1521,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":765,"receive":756,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com/virtual/file/XRP.png","fqdn":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.199","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:14.890Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /virtual/file/XRP.png HTTP/1.1\r\nHost: java-vue-bucket.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Tue, 24 Feb 2026 16:05:16 GMT\r\nContent-Type: image/png\r\nContent-Length: 2274\r\nConnection: keep-alive\r\nx-oss-request-id: 699DCC3CC78BAF34381CFABB\r\nAccept-Ranges: bytes\r\nETag: \"674B0999F6083084A2A4B1D8B20F3BC1\"\r\nLast-Modified: Tue, 22 Oct 2024 11:42:52 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 2919851811578833622\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: Z0sJmfYIMISipLHYsg87wQ==\r\nx-oss-server-time: 1\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":2274,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced","md5":"674b0999f6083084a2a4b1d8b20f3bc1","sha1":"8d14a526e83604e323723b4d25f8f8066f1ede70","sha256":"632f9cacb6b3fbedece774a8d27c436f37dc359de3bb0872ea19603b70347708","sha512":"4c04d137c2448c0d52a4298c858f95c58116c1d77e75899f5acdf6bb61ed839dbdc99fd5556eb63793b81258de40e515540acaeab007da76664476c9be2e514f","ssdeep":"","tlshash":"cd414bd7c53300ed9128e735b8c3ee819c00628d183bb46b89f5ec60b2346d31a53a98","first_seen":"2024-01-05T03:21:29Z","last_seen":"2026-06-06T04:02:55.304252Z","times_seen":638,"resource_available":false,"data":null}},"time_used":1408,"timings":{"blocked":1135,"dns":0,"connect":0,"send":0,"wait":273,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com/virtual/file/DOGE.png","fqdn":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.199","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:14.896Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /virtual/file/DOGE.png HTTP/1.1\r\nHost: java-vue-bucket.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Tue, 24 Feb 2026 16:05:16 GMT\r\nContent-Type: image/png\r\nContent-Length: 55728\r\nConnection: keep-alive\r\nx-oss-request-id: 699DCC3CB1E8233631E96BDB\r\nAccept-Ranges: bytes\r\nETag: \"48384A67185DBDFEEF3AA43C99D3319C\"\r\nLast-Modified: Tue, 22 Oct 2024 12:00:22 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 3192987439189544564\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: SDhKZxhdvf7vOqQ8mdMxnA==\r\nx-oss-server-time: 1\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":55728,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced","md5":"48384a67185dbdfeef3aa43c99d3319c","sha1":"23e15189bebafbbec8b23e8ed0f3392a9b7979ee","sha256":"1ceba4efa6a645fbe532e520385f37001922e14b6aa7b4ebeb19e755014feb39","sha512":"2f7a13f56ff64b874a76994d00f198c5fc2b7424181935e641eb81bcf171db54fa50b711502c0c4a7e8f5c934ed5747233d87ae0602916244947d3724eb3ce10","ssdeep":"1536:5ko5w6RHlzxqElMwBI6M3iD+oLKTn6EPwhk6g9p6uP5I:x5fR9xjlMGnMSDYLPJ6bOq","tlshash":"0d430247c0529ed2c68853aa0e3de48a84779d12358f80577ce6525a82e2df29bd770f","first_seen":"2023-05-22T05:59:44Z","last_seen":"2026-06-06T04:02:55.286281Z","times_seen":642,"resource_available":false,"data":null}},"time_used":1718,"timings":{"blocked":1401,"dns":0,"connect":0,"send":0,"wait":283,"receive":34,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/js/SetFundForm.vue_vue_type_script_setup_true_lang-BbTQdYkd.js","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:17.370Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /js/SetFundForm.vue_vue_type_script_setup_true_lang-BbTQdYkd.js HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:17 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698b0c4a-a71\"\r\nexpires: Wed, 25 Feb 2026 04:05:17 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BEY331zly5W2LGg6DfRakFbLjEOYhk0bpmrpnvwN%2BIv0LmobQXE%2B3C4cJy%2BmljaslXoejEeV2ilIOo6rn2WUdzBNla25ygXy0M3FQD4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d30341f8bc31243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2673,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (2672)","md5":"4032e85aa409b431faa1a8e7bbff0ec3","sha1":"9867279ebf6cd5d205675137f1e4c55d771c09ac","sha256":"4ffef19e3b976a6f40e7c8f31be30bdd55ea228d6f2e2195e8c0798bc6884277","sha512":"913ac3f6b28b2d7b049dbc512c85d566587ce2d69a6539e0bb28632d4365dba30c5df23d7e9e3d17513b8d7c06cc55e4bf6692d954916f14d07a3bd0bc6bb943","ssdeep":"","tlshash":"d651540d24b2cfff26c3a238224e2168e0c8bfcfdb308755b66d407226c99f53619a55","first_seen":"2026-02-24T15:59:15.567108Z","last_seen":"2026-02-24T16:05:43.798865Z","times_seen":2,"resource_available":true,"data":null}},"time_used":580,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":580,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"wss","addr":"webapi.bit173finex.com/ws/1749b5ed-2900-48bd-a9bd-f44a06631958","fqdn":"webapi.bit173finex.com","domain":"bit173finex.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:12.653Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bit173finex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 10 Jan 2026 12:29:40 GMT","end":"Fri, 10 Apr 2026 13:24:29 GMT"},"fingerprint":{"sha1":"11:88:38:B3:15:1D:EF:AC:AC:77:5B:79:7F:F8:3A:5A:65:F6:BF:A6","sha256":"C5:56:A0:25:AD:F5:FE:A7:81:EF:A0:C2:77:07:6C:67:9C:1B:06:E3:08:56:B8:82:91:C0:9E:C0:92:24:53:C6"}}},"request":{"raw":"GET /ws/1749b5ed-2900-48bd-a9bd-f44a06631958 HTTP/1.1\r\nHost: webapi.bit173finex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://bitfinexc.win\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: KK3xn3+Rn/ldOHWobAzlHw==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 \r\nDate: Tue, 24 Feb 2026 16:05:14 GMT\r\nConnection: upgrade\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nAccess-Control-Allow-Origin: https://bitfinexc.win\r\nAccess-Control-Allow-Credentials: true\r\nUpgrade: websocket\r\nSec-WebSocket-Accept: ELkDlazGsudyutcnl6t52T0otL8=\r\nSec-WebSocket-Extensions: permessage-deflate\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=KZTMaU6144et1Kk5yz46Ncgm407vgrI%2BmehK7IfAfwvlOs2tieVsoQdotVTKUH1aNxLnVGLRhOkar%2FqCuOavMoaFBVK%2FjDkIBSPtQ1ckZEYJocRuYadqMLeIXtBUrFG%2Bf0dB098Rq2ww\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: 9d303402eb4f3e6a-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=8253\u0026min_rtt=7808\u0026rtt_var=2320\u0026sent=5\u0026recv=8\u0026lost=0\u0026retrans=0\u0026sent_bytes=3120\u0026recv_bytes=1201\u0026delivery_rate=472996\u0026cwnd=53\u0026unsent_bytes=0\u0026cid=96a667f652321055\u0026ts=2195\u0026x=0\"\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-06T23:09:45.281132Z","times_seen":16194959,"resource_available":true,"data":null}},"time_used":2385,"timings":{"blocked":-1,"dns":77,"connect":94,"send":0,"wait":2186,"receive":0,"ssl":113},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webapi.bit173finex.com/api/common/getCoinContractList","fqdn":"webapi.bit173finex.com","domain":"bit173finex.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:13.875Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bit173finex.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 10 Jan 2026 12:29:40 GMT","end":"Fri, 10 Apr 2026 13:24:29 GMT"},"fingerprint":{"sha1":"11:88:38:B3:15:1D:EF:AC:AC:77:5B:79:7F:F8:3A:5A:65:F6:BF:A6","sha256":"C5:56:A0:25:AD:F5:FE:A7:81:EF:A0:C2:77:07:6C:67:9C:1B:06:E3:08:56:B8:82:91:C0:9E:C0:92:24:53:C6"}}},"request":{"raw":"OPTIONS /api/common/getCoinContractList HTTP/1.1\r\nHost: webapi.bit173finex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang,language\r\nOrigin: https://bitfinexc.win\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 24 Feb 2026 16:05:14 GMT\r\ncontent-length: 0\r\nserver: cloudflare\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://bitfinexc.win\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: lang, language\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UeC43M9QOf713jMDL79V2HcYGLd75ibLGA%2F%2FS2I5ah04uUWUfgDka9psGz4Isna1YFl%2BqsuACn1pPxjJVZBASy6If9fmMjpFlnfBsdq%2Fu2nbSleLujo%3D\"}]}\r\ncf-ray: 9d303409cdc5fb58-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-06T23:09:45.281132Z","times_seen":16194959,"resource_available":true,"data":null}},"time_used":209,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":209,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com/echo2.0ab2a655a74f740efa2025401359375ca.png","fqdn":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.199","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:14.400Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /echo2.0ab2a655a74f740efa2025401359375ca.png HTTP/1.1\r\nHost: java-vue-bucket.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Tue, 24 Feb 2026 16:05:16 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 2527\r\nConnection: keep-alive\r\nx-oss-request-id: 699DCC3CB1E82336318B6BDB\r\nAccept-Ranges: bytes\r\nETag: \"9C5D020AEC325696D1D22476E7728DA4\"\r\nLast-Modified: Thu, 03 Oct 2024 06:55:38 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 17182148815916858481\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: nF0CCuwyVpbR0iR253KNpA==\r\nx-oss-server-time: 1\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":2527,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 260 x 136, 8-bit colormap, non-interlaced","md5":"9c5d020aec325696d1d22476e7728da4","sha1":"e9ff2cdf5160142a77c449947e659627d7ee0a6e","sha256":"3fc4675d2a41c72bc9dd1c9568b0104320bc66b77a69ad6ced74fcfbf1e1d933","sha512":"a932dd67813eeebb6a1393473906fdfcb5cdda3e9428a111476983bdadf8e37f6b6a03773cb3ae4a9bba26b165697a59bf4fa86c9fc42c256246290bc397f665","ssdeep":"","tlshash":"a9514c978961de1fb26822d2c1c1b142acaafe4f117debbd90d4012ebf5c612911df4d","first_seen":"2025-08-26T17:46:37.24324Z","last_seen":"2026-05-26T16:34:37.706394Z","times_seen":69,"resource_available":false,"data":null}},"time_used":2720,"timings":{"blocked":840,"dns":0,"connect":274,"send":0,"wait":1030,"receive":23,"ssl":549},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/assets/cap02-DD81pVdb.png","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:14.451Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /assets/cap02-DD81pVdb.png HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:15 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698b0c4a-2472\"\r\nexpires: Thu, 26 Mar 2026 16:05:14 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yvAqVGVTyBJbLP9O6Q3DYyXllUyHwVBHHW824pG4HHk5IBiSZuhDA2Z1LsVIdNHd2htfcp0s%2FobKdurmUQ3il47HrJgNxJOgeEG2nfk%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d30340d59261243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9330,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 132 x 133, 8-bit/color RGBA, non-interlaced","md5":"4ab1cf3ece753d1eb82627035c469652","sha1":"8fd4288260a2672c70428ee600390022604c5a42","sha256":"63b00e3bd41d39461d47872b23ee4a6a5a12f68cff29ce474bd400ac8c4498ff","sha512":"3c0ebdcbdf510c654de8780e0425b90c0fbce8f7c65894b7d4432b4f416dc66b26fa5b9c4c121313a10e6b736e9fde8b157bde0aca60077286dd35266de5fa7b","ssdeep":"192:RRHaX36Byum2m1yWAGebDn3stnesP3Mpb6l5tjp2GSb2lS/9HPIIu:RoGyHX1yWTWn8tne6cF6jtjzSb2lSNId","tlshash":"ee12bfc349926778264916dcb738e5807731a8920783c38ce4b5b528b1fed8c4e63f5c","first_seen":"2025-08-26T17:46:37.28042Z","last_seen":"2026-05-26T16:34:37.74648Z","times_seen":72,"resource_available":false,"data":null}},"time_used":559,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":559,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/assets/Low_4-Br3Z_v1E.png","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:14.483Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /assets/Low_4-Br3Z_v1E.png HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:15 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698b0c4a-145a\"\r\nexpires: Thu, 26 Mar 2026 16:05:14 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=01URylXya8yeVDuEHvyFjNLsyEz2uymVmROw3%2F%2FG6Kl4XZPkiBaNuVb2ROGcVcx3w0sIL4eo5NG%2Fs7U%2FsGufjZjEZf5L%2BVA1bUbmwvA%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d30340d79341243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5210,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 186 x 87, 8-bit/color RGBA, non-interlaced","md5":"95b8e27073c3c6e483b1a0609d083f9f","sha1":"2c4ef32b62fecfcb1cf70e0676f088c54a7d5fa7","sha256":"cf0f9d03ca1dbadd2bf8035de500cd44cd22693a30f552beff3c1ca19b014a5d","sha512":"bac6e493131b8b30a759e54276893c3544058d4a2540b7672013d49d5e2b3b6dd2a6ac21982e11ca156f7c7e0d8e2812b751cd6e3f8d1ac6189da8dba35c5a08","ssdeep":"96:8OSB6U77P8HDm2GqvjYUZKKmqVvLf8vPI1nlr8HznVGkvarcO12ReC5biF6vh:8OSYMPoDm2GqvLKKmqVvLf8vPIdlkEJ+","tlshash":"65b17dd37a01d0832e56b85bc39aeb609963344b87126a04edb1edcc1496ece0fd4ee5","first_seen":"2025-08-26T17:46:37.277551Z","last_seen":"2026-05-30T18:39:08.481954Z","times_seen":85,"resource_available":false,"data":null}},"time_used":559,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":559,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/assets/Login-B_SJkevf.css","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:17.319Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /assets/Login-B_SJkevf.css HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:17 GMT\r\ncontent-type: text/css\r\npriority: u=2,i=?0\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Wed, 25 Feb 2026 04:05:17 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\netag: W/\"698b0c4a-e5\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bA%2BEKUV08H8HaS7Tly3OeZ8ZdCyUaJTBY0c3ot5r8iEtY%2FIciBT3%2FV3mjsBY%2Bk3DN8qpka4WzY3Q3CmFyio%2FUn4CrxJ4uxFroJt%2BrnA%3D\"}]}\r\ncf-ray: 9d30341f3bac1243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":229,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"bae627bf13d569007ee014e7d11dd7c6","sha1":"b4351e257b02d016d18e9dfffa5a140f2fdbf144","sha256":"aed61187cbecb64a4b81f27208a0f93dda0961b46cb91cb6d6519def51cee05c","sha512":"77784ddbb35fadd017a3fa5b153e82e690d61dc49e698369fa33cc6bf98bbb84f9607b94cdf6a645096fe5fb32e957e6d9a46017fc2a5303a1146275a1a1e738","ssdeep":"","tlshash":"89d0c904755e142189b7866058d1c9980aaaa3d3363b88a833c356cf6f8325a642f5c7","first_seen":"2025-08-26T17:46:37.226419Z","last_seen":"2026-05-26T16:34:37.744839Z","times_seen":68,"resource_available":false,"data":null}},"time_used":527,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":527,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/js/index-CqgRwA8p.js","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:18.515Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /js/index-CqgRwA8p.js HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:18 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698b0c4a-ca3\"\r\nexpires: Wed, 25 Feb 2026 04:05:17 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=f0XaVfe79fmmdMi5GnfWG9RGr6ewgNudlHtuI9XCDXoq9UI0vvc1kl5%2BtAGw1BUyiLsQ8GXqR7wrEkaz8dklQklsRrTscOzbWXSPuxA%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d303426bcd01243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3235,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (3234)","md5":"4e2e897194c8005e76d22698f76e3b9e","sha1":"585a69b98d9bf2a277f47d86477d0b60689eac4a","sha256":"2c7bb6991b90244fe6440f8f62a1c0d3e99bd3187c3828d29d7c960e5d06b245","sha512":"3e40e542af60272de6e3b2680221e8da30922529c5a36833227cc2da7f4c21b08860878852c313c73056477a33cdf54cb7293d3b030a53e53a59f8b5625b90f9","ssdeep":"","tlshash":"a361c5dd78b7f020877148ee507b0636e23a37592408d0d4e01fcd8a3931d6ab2a7e29","first_seen":"2026-02-24T15:59:15.557826Z","last_seen":"2026-02-24T16:05:43.816482Z","times_seen":2,"resource_available":true,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/js/Calculation.vue_vue_type_script_setup_true_lang-BMhkdazn.js","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:12.729Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /js/Calculation.vue_vue_type_script_setup_true_lang-BMhkdazn.js HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:13 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698b0c4a-4ff1\"\r\nexpires: Wed, 25 Feb 2026 04:05:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=aoTkSi6f4Hc6ZeLopIxDFkkxy3iByZJvmt72dKHHOKQ%2F7sZ7nEJpNtOH%2B91DezJO865Lu%2FuZmfG93zKHVSqaHMU1%2F4NrkYCQs1EFr64%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d3034028fc31243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":20465,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (20458)","md5":"80fd28a33f6647d8519b15115bcb54f9","sha1":"4fcaa68fcf0f7db4b0fa377f86e5f5afa2913897","sha256":"e0aef006e280979ce50698cda2d0a6b81ecf9785800e941b0d11c85278a84833","sha512":"082dbd15ca453de0052472660512fc79c389ad6cc06115605e93a882a9ad1c80579a5fbf933b5fe63f6e5d3580aa1137e9b84d922fef2c824a89ef52b9a5d7a2","ssdeep":"384:d9SYvdyMTG1CmxcgnJcwV1eBcICHan1BAkL1pkDUaBoiA6UJWM5boWBu5D8daLHa:zScUYfjBcban/Ao1pQUaBol6Ubboyu5m","tlshash":"b392a64db252db3ddbb354f1a05e1014e0087fcad426c497a1bf09933aeeeb11a6967c","first_seen":"2026-02-24T15:59:15.579491Z","last_seen":"2026-02-24T16:05:43.814288Z","times_seen":2,"resource_available":true,"data":null}},"time_used":540,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":540,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/js/cssCalculate-G7yYGhEz.js","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:13.670Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /js/cssCalculate-G7yYGhEz.js HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:13 GMT\r\ncontent-type: application/javascript\r\npriority: u=3,i=?0\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Wed, 25 Feb 2026 04:05:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\nage: 0\r\ncf-cache-status: HIT\r\netag: W/\"698b0c4a-318\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=flphIwVEJ%2B4Pyn9v0y2hwDGmqBKy8F9J6nm9qVntb2fGkIQ4E%2FTiW5T2EgScYzAn3qsBa4UNhRu756vWxfsZ3%2F9V%2FuUBiU%2Fwnw8aZog%3D\"}]}\r\ncf-ray: 9d30340868841243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":792,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (791)","md5":"81ebadd562734ed587f3316303b98381","sha1":"5723c81e2b22ffc192d40520d06e88144b0772ad","sha256":"7c50130b8bd2f94adc659826b11458992c265553deafb0b41a0e70b68f147d5b","sha512":"649488501388c20a305d284b0ccc5de1027ee267165017e7ecd09d3f9d60e6d61ef3bff8b2f81884ad5a65e42ee40714f9473e4f0a677a8d4eea11ca50e158be","ssdeep":"","tlshash":"b4014efda5c1daf79b4b553b0e6c492c718d5680ea1f86c2d76da4207b402ecb132590","first_seen":"2025-08-26T17:46:37.228469Z","last_seen":"2026-05-05T09:11:43.050995Z","times_seen":43,"resource_available":true,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/assets/crypto2-RVLsXywe.png","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:14.442Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /assets/crypto2-RVLsXywe.png HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:15 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698b0c4a-ddcf\"\r\nexpires: Thu, 26 Mar 2026 16:05:14 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oo7w%2FmaUxrcqSYyde7SyhXYKrhKMzcDFPvdN0He9cJNPfZBizbS66frBZuc6OAAyugwtQCkMU5jwWaE956pZ1O6sbgwpdaS9Jdhjdg8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d30340d491d1243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":56783,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 260 x 305, 8-bit/color RGBA, non-interlaced","md5":"8a1eae471f4c0dc21007b86b97b5fd68","sha1":"b1ac51b4dd8a9a255a35326b1e0e3724eee7b431","sha256":"780f1d2b6644b5d7173ac032e83d0bcb58b2d0f8fa81911b15031918f3cb593f","sha512":"decf23d33c7f25185d1ce69a55b7ecfcacc46225c0a6cac3705c8c8666531831edc83b956a8dd0e714b0addf0cfec8e2e9cfd30738b652556ef113d9131bae4e","ssdeep":"1536:Z41T3sxtojtdJlqDe3dBB+5pfT8kbN5ahOaV:Zm3sxWtdzqDe3Dw5ZT/N5ahOK","tlshash":"e543024f4482be71cc64d7813f96923a11967d4afda0b4b08ea7a041cfce4ed72456af","first_seen":"2025-08-26T17:46:37.263184Z","last_seen":"2026-05-30T18:39:08.446582Z","times_seen":88,"resource_available":false,"data":null}},"time_used":966,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":778,"receive":188,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/assets/Low_5-CMIV401Y.png","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:14.485Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /assets/Low_5-CMIV401Y.png HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:14 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698b0c4a-142d\"\r\nexpires: Thu, 26 Mar 2026 16:05:14 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cQY6LK477Jx4ausBDIjypW3d41DxMJmOBD6Gcbq1tT9XyEsFrZnzDipGOg1OhD2B0Jmdn13iZc%2Bc2I9%2F7ux8MvEDuG0vvVYr2nmTC%2B0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d30340d89351243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5165,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 187 x 87, 8-bit/color RGBA, non-interlaced","md5":"8c29098b3d0e9ab466eb1881954e3d7a","sha1":"c8ff881fad14961afc827512e7aa876786992750","sha256":"d4a27de602d5c456720fad40a77b4deab49b1e79572473f835ebaa045d8d6a50","sha512":"f4f0843eed3363e5fa1723ea594014e7996b084db145b0441c9b4de081841b3b07518517424adfc1b8e35a0e2fe092f43ab261aac4b39fe2a0c0a2a8c673262b","ssdeep":"96:4SAnqpFPEsnjf4nxVqQpsje9GE2nBU2Jhe+W/WD7Y4kbPJdymXr:4SAGzMnxVGg5Qh9D040xdysr","tlshash":"04b17cd73931c365649dc920bdceb4c3c42f6038729631b90b74ed52c86b804919bf69","first_seen":"2025-08-26T17:46:37.22518Z","last_seen":"2026-05-30T18:39:08.46159Z","times_seen":85,"resource_available":false,"data":null}},"time_used":192,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":192,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/assets/Low_13-B2HuoVrN.png","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:14.487Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /assets/Low_13-B2HuoVrN.png HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:15 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698b0c4a-10a6\"\r\nexpires: Thu, 26 Mar 2026 16:05:14 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Q0K%2FK8LdYG1Hnexa6Ahu2gh7YB0pWdfgwp3%2FMoGaA%2FeUooQQ2LInycYSwmTKn5uq0fBjlXniJjPyvay5msenxF2pWwPjpMbZ5bl5G7E%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d30340d89371243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4262,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 186 x 87, 8-bit/color RGBA, non-interlaced","md5":"1e225322486da698930459293f9cdfcc","sha1":"09ca6066e08ce08ffc2a2d04b6d14d9ec9dafe64","sha256":"8151a3f93d70e3de89de9c9e95e0bf697d1a7f541d1734ba9df79ad7c58762a2","sha512":"bf2418af78b8d093f7560802048801899d09c5a7563c91d2d419020450598059f4ac777e7437e55c1b4ca37b71b92faa1cbd119a448b1cfc42b130a0f5986d08","ssdeep":"96:8OSWmUdZeggw367qTNvFnH5FaIeZAPjseHGYderXJNHNaw360UjtZ1YttBU:8OSWPZbjH7aF+Pj9GrXJNUwK0UjiZU","tlshash":"a8914dccd8d52f85aeed6e6ad4419b55573e1dfc9c149d8a34b0884a9c4037cb120e6f","first_seen":"2025-08-26T17:46:37.269188Z","last_seen":"2026-05-30T18:39:08.451709Z","times_seen":85,"resource_available":false,"data":null}},"time_used":560,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":560,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/assets/bg_1-BEkGORMz.png","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:14.530Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /assets/bg_1-BEkGORMz.png HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bitfinexc.win/assets/Footer-kqO8xzJ8.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:15 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698b0c4a-1b1e7\"\r\nexpires: Thu, 26 Mar 2026 16:05:14 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FgswBlx5%2F8bSC3PYgU04OYhWezLbQq3H3NU%2B883UsAXkp3Das7%2Bo4CI8ipPU4NICRx%2FSnv%2BAp0obrlxmhM%2FYxxrFyLJYziPChLTQ9lk%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d30340dd9481243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":111079,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1920 x 223, 8-bit/color RGBA, non-interlaced","md5":"2667011e3e80bffc8f53b439e07ed571","sha1":"95f1f9ca0d80b2a0d88b15e41ff4c0804eecbd86","sha256":"71512d4d03b324477cbaa139206155fb48617658908eb7309b2abcf7691c9258","sha512":"d3038c24866b6edacd3c1e24f83285f7a03cb14a00552290d650042c6977ada5c6ecd88e9cfb85ec027398e450aa6b1718837198f2dd070d886049d31ff041b8","ssdeep":"1536:ZeZbH5ZJim+F0K+MQpgatMdAt8SgQh4LDyOBhOHQSTUFN4DoY84bAGB8d8Zf3p75:4Zb/JipFP+btwP4uFwQpksCBhpwvIqYJ","tlshash":"8ab31284374f43b9c666bc2d4c0fb950b7a68125b124ce84dff78417716aa3e8f89e61","first_seen":"2025-08-26T17:46:37.222479Z","last_seen":"2026-05-30T18:39:08.483204Z","times_seen":84,"resource_available":false,"data":null}},"time_used":1098,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":737,"receive":361,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/js/login-bg-CtTnvaIr.js","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:17.334Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /js/login-bg-CtTnvaIr.js HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:17 GMT\r\ncontent-type: application/javascript\r\npriority: u=4,i=?0\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Wed, 25 Feb 2026 04:05:17 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\netag: W/\"698b0c4a-5b\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Kvpbgzas2jxYXnEZnFnabBd6R17wdIWeSwlg6%2BxClIXf91xcvWWgbhI3qItiktI8T9ijvep2FPW2tuNkaN3AZqqAffbIWcVDSm3SNDc%3D\"}]}\r\ncf-ray: 9d30341f4bb21243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":91,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"ebba15b40c37ba856a79bc847a08e71a","sha1":"a720af2936ab6f1dad28220622a18f7d338d44db","sha256":"3ddd883a1fd935ffb81a11e0d1dc9628d053175968f0446aa533104a2283c93c","sha512":"3f5b2f086d745a7475029b4fd91f57a953bffe5215314fba804f6b2387b8bb6e8cc1471d83c33a2fb15b0ae511beaf36b1170b39568b433ba7e7738ce28a5894","ssdeep":"","tlshash":"a1b01201855e117a0594105d4781557012e5413c2e5483bce63d46649b1620a5c47e10","first_seen":"2025-08-26T17:46:37.227472Z","last_seen":"2026-05-26T16:34:37.715579Z","times_seen":68,"resource_available":true,"data":null}},"time_used":605,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":605,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/assets/Frame%207-Y2WnO9cd.png","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:14.468Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /assets/Frame%207-Y2WnO9cd.png HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:14 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698b0c4a-10a7\"\r\nexpires: Thu, 26 Mar 2026 16:05:14 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=c5gxT8Lss4xY7rxfL3mjQlGFnHnrWTJQisFd8%2BVTY1vKdCFc82cuToLErKTWAGy02eYVA1FmH6%2FF%2Few6rmZx7zOl7wdZ8cB%2F3%2FMul0g%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d30340d692f1243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4263,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 187 x 87, 8-bit/color RGBA, non-interlaced","md5":"d5e5104db484a25110af449819dfd7ff","sha1":"d71c6ce1c4710fc41fd1c7e3528f71ef71cc6232","sha256":"19b5705c4832fd650e2dfa032ec9c31ae647eb51a7cfb6a8bdf91dfc3eb048b0","sha512":"4579d3e6605dceceb2d3c18ad431ad534b51f3a3a4f40dbee08820407dc3f97ce488136b6709675e6a84d6c58427a923d33fbd4ecaabe8aee935af183186c204","ssdeep":"96:4SqIjc9/X4edqkPCETKZ2OC+vk+YLoQh9skSY6gS54+rQ+:4SqIjc9/oe8kYZpV8QQh9ZSYc5xD","tlshash":"28916dc0bffd596ec8c7e8e4e585a48b6c7724acec5dc1088c71892e8575e331262b54","first_seen":"2025-08-26T17:46:37.295193Z","last_seen":"2026-05-30T18:39:08.479167Z","times_seen":85,"resource_available":false,"data":null}},"time_used":528,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":528,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/assets/Frame%208-BqAgsyxz.png","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:14.477Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /assets/Frame%208-BqAgsyxz.png HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:15 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698b0c4a-1c47\"\r\nexpires: Thu, 26 Mar 2026 16:05:14 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UIvlbJ5WnWownkZv4DLx50mJWg5r%2F1IanAAo33kpDYzRiU7n2JhwE1Q1CGsjPEfx3crTos9Yj%2Bm%2B5lTGKfGErk%2BFyaVtj%2B2MTXbda4Q%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d30340d69301243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7239,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 186 x 87, 8-bit/color RGBA, non-interlaced","md5":"75a72c4dea3d1c72958d06e43d016c04","sha1":"cf235da5a62609b4906cfd3eca2815d0010e824d","sha256":"fd587397411636272992efc7f82bac757bb590dab7d43397c81c7e8fbed942e6","sha512":"0ddce061afc227f09eb29ef76f8727d4912024661382f43f130594f8215f72890154a2ca9833f6bbc5a73b52ac17b93d242cc6613667e250a97dc064870d00d2","ssdeep":"192:8OShxXd6eltxGINi4o+REDb+riYu04FZwWQnv+wPInRa:+nzduUo+tu0cZInmAAQ","tlshash":"0ee19ef5689448b39a23843608c87f70db655b776fc149a670706a890e3127d66c2bac","first_seen":"2025-08-26T17:46:37.267799Z","last_seen":"2026-05-30T18:39:08.455036Z","times_seen":85,"resource_available":false,"data":null}},"time_used":627,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":627,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/js/dataModify-C6sk-dj3.js","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:12.727Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /js/dataModify-C6sk-dj3.js HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:13 GMT\r\ncontent-type: application/javascript\r\npriority: u=4,i=?0\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Wed, 25 Feb 2026 04:05:13 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\netag: W/\"698b0c4a-27b\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UJgcM1RZYrypJxgOUZsvG8eVVlEVGFB7zMRCOQWccM81nQ4PO9x4Ffc9W8cIu7YjCyzcdZo9nXi%2FbgjfQvENJqRaBtZ42hiwpHF%2FL%2BE%3D\"}]}\r\ncf-ray: 9d3034028fc11243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":635,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (634)","md5":"349f5b93e9d8dde770b2c7bb055dbfcd","sha1":"ba66f08093433ff9ae5b906faaf3f669f8ee75c1","sha256":"001315e8416480bc075df6a7ae1e9a205426501bb92987fda20e438d3dfd8d11","sha512":"eb8f140aa043b2cbe0dba7d2184fc8419bdaa5a117c24e442b2db79cd646daa913774f7dacd8e8a361ad0787a5d06462bdaac341c8518391dd7330387142b3f7","ssdeep":"","tlshash":"cff0d192df3af2b06da892811dd571962d1162547ca60bc091a2ae3115934faf29cb73","first_seen":"2026-01-30T06:58:07.07812Z","last_seen":"2026-05-26T16:34:37.704819Z","times_seen":66,"resource_available":true,"data":null}},"time_used":609,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":609,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com/echo2.0ad414b33b31e4e078f62a5e4565c9995.png","fqdn":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.199","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:14.392Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /echo2.0ad414b33b31e4e078f62a5e4565c9995.png HTTP/1.1\r\nHost: java-vue-bucket.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Tue, 24 Feb 2026 16:05:15 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 63760\r\nConnection: keep-alive\r\nx-oss-request-id: 699DCC3B7CD23C303846994A\r\nAccept-Ranges: bytes\r\nETag: \"BFBB2108158282D17C6119DE5A03393F\"\r\nLast-Modified: Sat, 10 Jan 2026 15:30:51 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 16265626009351300717\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: v7shCBWCgtF8YRneWgM5Pw==\r\nx-oss-server-time: 4\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":63760,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1000 x 1000, 8-bit/color RGBA, non-interlaced","md5":"bfbb2108158282d17c6119de5a03393f","sha1":"0a436b8ce5b3ab6ee9eae43f1fc70d5038f23367","sha256":"770fecea904abb6cadbb0a0198bdc03ff7296f074da830c911427c927afa9de5","sha512":"d242cbae348cc0568af039969f9727f4d75ebc649ffcde25254285afc57ea196009f76ec020f9691f37aab61065ba763f8f875455faff51fa80bdf30ed27ee02","ssdeep":"1536:qWhQmDl0bma055lJKCSnDuy3htsOAU4WgXrl9FL4+yipqnNDy76:qzmUDGnAu1OAnrVLSipQA76","tlshash":"de53dfdab25c7f4adb9d47b041235b927ff009534365c36b4762322a48b6fa13c9eb18","first_seen":"2026-02-01T00:53:28.888706Z","last_seen":"2026-04-21T18:18:07.338895Z","times_seen":9,"resource_available":false,"data":null}},"time_used":2406,"timings":{"blocked":903,"dns":13,"connect":292,"send":0,"wait":301,"receive":307,"ssl":586},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bitfinexc.win/assets/Frame%201-BB-vAyLS.png","fqdn":"bitfinexc.win","domain":"bitfinexc.win","tld":"win"},"ip":{"addr":"172.67.160.254","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitfinexc.win/","date":"2026-02-24T16:05:14.455Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitfinexc.win","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 28 Jan 2026 13:09:10 GMT","end":"Tue, 28 Apr 2026 14:06:51 GMT"},"fingerprint":{"sha1":"8D:AB:EF:3F:11:9F:A6:9C:53:29:0C:83:17:41:54:EC:72:B6:99:17","sha256":"95:EF:F7:AD:D7:05:BB:8D:C7:B4:A5:C6:46:EE:3F:92:42:DC:EE:A4:34:BD:4D:20:5F:E4:5F:CB:EB:4B:11:32"}}},"request":{"raw":"GET /assets/Frame%201-BB-vAyLS.png HTTP/1.1\r\nHost: bitfinexc.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 24 Feb 2026 16:05:15 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 10 Feb 2026 10:45:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698b0c4a-1384\"\r\nexpires: Thu, 26 Mar 2026 16:05:15 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qwEBDCS7bxYLe3hhAoVeguHKtxgZ1QhVwNEKfPIZkFVmAYpcbSyMexu1EhQ9awpKm4YbI33sOB0OTKfm%2Bz%2BZvbF8pOtyEbAkvmuTO6g%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d30340d59281243-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4996,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 186 x 87, 8-bit/color RGBA, non-interlaced","md5":"adc6a06c56ada71180d5f6aaaef2682c","sha1":"11752acaf2f9bafd7a0187cd635a299c300ec55e","sha256":"615b199dfbd53bdf6eed13bdbad7e1bc63c9d6b47b5b3941f941b83dc671390e","sha512":"766a04843d059ddfbf1e13d3b5fb00aaa98551e7db75dd84822a33ec3f3194246bc22ca8cf92a9e32f8c055670223d16014b146fc1b8344338d1941879c8b1cd","ssdeep":"96:8OSV/Ycg/JRPrmxexk/17o8HtfKyk4EW+DSSxyyd+WZe3pZ4ftOv3SG:8OSVQcgxRzO441o8NfKlbWUxprQ3pUtQ","tlshash":"31a16dc057e402f8536010362bd174af8997fced76372e8db098e37d22585a5909ecb9","first_seen":"2025-08-26T17:46:37.234646Z","last_seen":"2026-05-30T18:39:08.47009Z","times_seen":85,"resource_available":false,"data":null}},"time_used":983,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":983,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"bitfinexc.win","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}