{"report_id":"5b95cf92-55b4-4bcd-90a1-c3910ae4c856","version":6,"status":"done","tags":[],"date":"2026-05-04T13:21:18Z","url":{"schema":"http","addr":"coinhako.fit","fqdn":"coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"104.21.70.87","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"coinhako.fit/#/","fqdn":"coinhako.fit","domain":"coinhako.fit","tld":"fit"},"title":"NAME","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"coinhako.fit","fqdn":"coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"104.21.70.87","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-06-08T13:21:18Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":12,"urlquery":0,"analyzer":4}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-05-04T13:21:03Z","timestamp":1777900863,"ip_dst":{"addr":"47.79.64.242","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":49480,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-05-04T13:21:03.926703+0000\",\"flow_id\":2095109159997605,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.17\",\"src_port\":49480,\"dest_ip\":\"47.79.64.242\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"tg-mahalebi.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":906,\"bytes_toclient\":6037,\"start\":\"2026-05-04T13:21:03.413861+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-05-04T13:21:03Z","timestamp":1777900863,"ip_dst":{"addr":"47.79.64.242","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":49506,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-05-04T13:21:03.953270+0000\",\"flow_id\":1967269458436510,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.17\",\"src_port\":49506,\"dest_ip\":\"47.79.64.242\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"tg-mahalebi.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":753,\"bytes_toclient\":4662,\"start\":\"2026-05-04T13:21:03.418206+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-05-04T13:21:03Z","timestamp":1777900863,"ip_dst":{"addr":"47.79.64.242","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":49498,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-05-04T13:21:03.963366+0000\",\"flow_id\":906850622984685,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.17\",\"src_port\":49498,\"dest_ip\":\"47.79.64.242\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"tg-mahalebi.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":906,\"bytes_toclient\":6037,\"start\":\"2026-05-04T13:21:03.414189+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-05-04T13:21:03Z","timestamp":1777900863,"ip_dst":{"addr":"47.79.64.242","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":49520,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-05-04T13:21:03.974510+0000\",\"flow_id\":199349250259691,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.17\",\"src_port\":49520,\"dest_ip\":\"47.79.64.242\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"tg-mahalebi.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":906,\"bytes_toclient\":6037,\"start\":\"2026-05-04T13:21:03.424683+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-05-04T13:21:03Z","timestamp":1777900863,"ip_dst":{"addr":"47.79.64.242","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":49536,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-05-04T13:21:03.979749+0000\",\"flow_id\":1733627532517174,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.17\",\"src_port\":49536,\"dest_ip\":\"47.79.64.242\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"tg-mahalebi.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":753,\"bytes_toclient\":6037,\"start\":\"2026-05-04T13:21:03.433974+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-05-04T13:21:03Z","timestamp":1777900863,"ip_dst":{"addr":"47.79.64.242","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":49490,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-05-04T13:21:03.991785+0000\",\"flow_id\":1604220167868747,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.17\",\"src_port\":49490,\"dest_ip\":\"47.79.64.242\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"tg-mahalebi.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":753,\"bytes_toclient\":6037,\"start\":\"2026-05-04T13:21:03.414027+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-05-04T13:21:04Z","timestamp":1777900864,"ip_dst":{"addr":"47.79.64.242","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":49548,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-05-04T13:21:04.213748+0000\",\"flow_id\":1591335265969929,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.17\",\"src_port\":49548,\"dest_ip\":\"47.79.64.242\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"tg-mahalebi.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":906,\"bytes_toclient\":6037,\"start\":\"2026-05-04T13:21:03.665353+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-05-04T13:21:04Z","timestamp":1777900864,"ip_dst":{"addr":"47.79.64.242","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":49572,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-05-04T13:21:04.220209+0000\",\"flow_id\":1955097521115374,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.17\",\"src_port\":49572,\"dest_ip\":\"47.79.64.242\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"tg-mahalebi.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":753,\"bytes_toclient\":6037,\"start\":\"2026-05-04T13:21:03.676078+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-05-04T13:21:04Z","timestamp":1777900864,"ip_dst":{"addr":"47.79.64.242","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":49558,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-05-04T13:21:04.226128+0000\",\"flow_id\":586063810603143,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.17\",\"src_port\":49558,\"dest_ip\":\"47.79.64.242\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"tg-mahalebi.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":753,\"bytes_toclient\":6037,\"start\":\"2026-05-04T13:21:03.665735+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-05-04T13:21:04Z","timestamp":1777900864,"ip_dst":{"addr":"47.79.64.242","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":49552,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-05-04T13:21:04.253205+0000\",\"flow_id\":2143174138996722,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.17\",\"src_port\":49552,\"dest_ip\":\"47.79.64.242\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"tg-mahalebi.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":906,\"bytes_toclient\":6037,\"start\":\"2026-05-04T13:21:03.665586+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-05-04T13:21:04Z","timestamp":1777900864,"ip_dst":{"addr":"47.79.64.242","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":49570,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-05-04T13:21:04.260103+0000\",\"flow_id\":1380035759916824,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.17\",\"src_port\":49570,\"dest_ip\":\"47.79.64.242\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"tg-mahalebi.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":906,\"bytes_toclient\":6037,\"start\":\"2026-05-04T13:21:03.673560+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-05-04T13:21:04Z","timestamp":1777900864,"ip_dst":{"addr":"47.79.64.242","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":49584,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-05-04T13:21:04.268006+0000\",\"flow_id\":991521608273873,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.17\",\"src_port\":49584,\"dest_ip\":\"47.79.64.242\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"tg-mahalebi.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":906,\"bytes_toclient\":6037,\"start\":\"2026-05-04T13:21:03.692177+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"webapi.coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"webapi.coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"coinhako.fit","ip":{"addr":"104.21.70.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-05-01","domain_rank":0,"first_seen":"2026-05-04T13:21:20.843705Z","last_seen":"2026-05-04T13:21:20.843705Z","alert_count":86,"request_count":43,"received_data":3820749,"sent_data":18086,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"webapi.coinhako.fit","ip":{"addr":"104.21.70.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-05-01","domain_rank":0,"first_seen":"2026-05-04T13:21:20.845292Z","last_seen":"2026-05-04T13:21:20.845292Z","alert_count":26,"request_count":13,"received_data":65591,"sent_data":6687,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"tg-mahalebi.oss-cn-hongkong.aliyuncs.com","ip":{"addr":"47.79.64.242","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"domain_registered":"2012-04-01","domain_rank":0,"first_seen":"2024-12-16T21:47:18.926773Z","last_seen":"2026-04-30T14:40:43.218878Z","alert_count":0,"request_count":10,"received_data":75588,"sent_data":4770,"comment":"","tags":null,"fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"coinhako.fit/#/","fqdn":"coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"6bfc68ca673adf29592b7f1080026574","sha1":"ea31642ffe2af1436592801a8899f159ccd82a3b","sha256":"90a28f86c845a175ad683b18ffe710f17fd7d92bdbcc4fa194446639d200cc69","sha512":"146399870300bb6b8d0aeb1a95741d9b1af123290b182c325d40837fd50efb35a9916ad72294989e0ef4ab1537e6a9bb79e033c0349f641ce5f82baeb22611c6","ssdeep":"","tlshash":"2fc080cca5f37d0516167561146f35d4d0289017704c5b02ddd4dc483f531f48237d98","size":172,"data":"","first_seen":"2025-09-27T05:00:10.576574Z","last_seen":"2026-05-04T13:32:42.350112Z","times_seen":25,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coinhako.fit/#/","fqdn":"coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"65cc32c48c6ca2b8b2fd44c1670ae667","sha1":"f2a116897b02c9bf0bb31247024703d913d0cd13","sha256":"83e989e9718ddc6751b336792e962c10faa616a9f3feaffc90f9c430e4c6d221","sha512":"bd8ce0e0a56f50ef5d499026d682702cf4fc60698a0152097cad28c8b889fcd4bdad15f87af7f14437f9cba7bac5e26d80af6bbc49249f7efbdc468ef39be9f4","ssdeep":"","tlshash":"11c08cc4a0c22d001602681110bf24e890244427704c5b028c98dc583e220b49237ed8","size":139,"data":"","first_seen":"2024-12-08T15:39:09.862859Z","last_seen":"2026-05-04T13:32:42.365694Z","times_seen":138,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coinhako.fit/#/","fqdn":"coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"3e4232b5e5a75fdae28922c9a621f83f","sha1":"9d85a26dd43f2f695a91600d7ebf6e95d1318875","sha256":"82b7ccb134afa849818a48c4ae455a10e1f5a5e233f03c5b7cedf1db5897c6e8","sha512":"258a8cd12e52292c41c09c796b4148a0f00fd2df2fbe12c77530d8be98fbaebea7627463273b7f560c7054aab04d0f4f83927e74f13571e28e4c3c4548d6f6cb","ssdeep":"","tlshash":"d5c08cc4b0c32d101603a51550af34e490344026b0885b038da4d8892e230b08233e98","size":145,"data":"","first_seen":"2025-07-13T15:45:44.569627Z","last_seen":"2026-05-04T13:32:42.352416Z","times_seen":46,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coinhako.fit/charting_library/charting_library.min.js","fqdn":"coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"104.21.70.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2a5fa40461c4e10123b62c021ab0a4ed","sha1":"527b4a35104eda6479c5ac876f57b5375ab00f51","sha256":"bcee984fd52b4a82bd6b23543bb33f6472e076c125edbdd8756d29ca230628cb","sha512":"51c91bff846f3825a21d6b301b1e4615d05bb27defef6c39c622e647f5d0262fdb0382924c9245c4a18a11cd32b60e4c913ed451b6f4b2fec1c87ce871eb874b","ssdeep":"192:9fdWSo7ktFUnoBelr6lw2LfnzuIQPlaJ1i10K+Ei/ISJhvHIheu5Ph3Ffa5:vWS2ktFUnoIlD2LfnqIJimK+5/ISJhvB","tlshash":"58224f58ed2478720acb54f0427f180f8239e278d84944ed3c84e6ec59fd44a6a6fbb8","size":10859,"data":"","first_seen":"2024-07-11T15:08:28Z","last_seen":"2026-05-04T13:34:50.787729Z","times_seen":936,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coinhako.fit/#/","fqdn":"coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"66f3832186e63f9e6dc840695647afd7","sha1":"c88b5b4a0ad23b5e63454693716ea7e6e9b37a4c","sha256":"11c1c2b458ec629dcc74c85cd672bb7708e34ffb7efbb68aeaeb6ac913255b71","sha512":"5424db2d753294f6a8a6c4034187ad5b9d12787552d9c5e70b8eac316ab99076b4c3710935cc347d80726007276d9b75887bd352641dae8529f2e95695256eb1","ssdeep":"","tlshash":"efc08cc4a0c36d001a06641010bf28e49034402674881b03ac94e8482e220b08233e98","size":139,"data":"","first_seen":"2024-07-02T13:45:50Z","last_seen":"2026-05-04T17:25:57.645291Z","times_seen":3376,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coinhako.fit/#/","fqdn":"coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"3c9e3899f0598205967f13659171831d","sha1":"aaa77e9ef705cfc86ec45490a0e4153e78072e1f","sha256":"e2ee16c68fdda2ed2ca2e1ca623d5bff31c647bad62507e16fc7911fd3dd9e97","sha512":"eba93c6786156f201b76d764706eb16f43464c05e713aa5c8c83d145dea5e8e9015531fa2d2621754c1f63d32ba665673c6d51ccfcdb6716ea968ba32187d078","ssdeep":"","tlshash":"47c08cc5a0d7be002622a41010af28e4a024802670481b12cca4d8883e660b08337ed8","size":145,"data":"","first_seen":"2025-09-27T05:00:10.584822Z","last_seen":"2026-05-04T13:32:42.348799Z","times_seen":14,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coinhako.fit/","fqdn":"coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"104.21.70.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"1d3fe830040f95d3ef341abcce7f03f3","sha1":"6c7c3f04cccae7e06bf4558c950bdc697dd0f1de","sha256":"1f78e0f860c8f2d4fcc4a03f72a75ba424e68d90934834185e19742ad42e6b0b","sha512":"5e99352efa03298dd9dfd61652b6523746eb4d08133b7e16e062ea70008d4b3d77861b5b09e3fa1e186756ea3decb4799d3c2e1193ebc4f6bd058661d55a8a25","ssdeep":"","tlshash":"9e11abfe195a60296303804e976b7801642650a9401a284177ccaeadbb9abbdd0cfb8d","size":1048,"data":"","first_seen":"2026-03-27T06:35:36.224768Z","last_seen":"2026-05-04T13:32:42.361416Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coinhako.fit/assets/vendor-242a4b3b.js","fqdn":"coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"104.21.70.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"04107a5a042b9feafcb3aaf480719d91","sha1":"1e5103a25f965c25fa1d52e7a4901b6d38d77620","sha256":"1dc511d478e101965d459a0f747ee86a7cd93485b66b34e73a0fd76d6920f433","sha512":"119c538b8d10a082a99ba8a4c1837d5502f10624973010acca6e0c930e7c7643eb9bbf148401af4b6e43f02902e435db2db768e2b32a871e016542bab3f50b52","ssdeep":"12288:WBIesgWlYRnKHAsm96ieFw7Ho7FVNIeJWDssQXWprmUM/hY8x4GOA:WBIeCgKgsAeFw7I7F3VLsQXWprmUMjf","tlshash":"c0153ac97292f06147ab20e140bb0006f33d6e59740e84a4f56d99eb7d69d89e2b7f3c","size":929120,"data":"","first_seen":"2026-03-27T06:35:36.14375Z","last_seen":"2026-05-04T13:32:42.291509Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coinhako.fit/assets/index-144e407d.js","fqdn":"coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"104.21.70.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"be264b3a7eeaef4c9824c3125fe919c7","sha1":"6b4a2c9a3af05d7039bccda6272e9104f559bcf6","sha256":"2542b0c24ad79d2399e41c39a2a617a49d8c9ebfed5c824f4a392690ce162cf6","sha512":"2a3e9125487e369666c13d8742da5a02242c01881439618e6e7e3b4dcbf2c02c16a82936b49b3085b118e8fd16fa3f7e2a41793b275907104c9c56c1e1f130e7","ssdeep":"","tlshash":"43f00e7fbd7a84720bb388fca1630820ba182f162b54c4d4e4870e14cb388f7d56e214","size":510,"data":"","first_seen":"2026-03-27T06:35:36.185506Z","last_seen":"2026-05-04T13:32:42.289649Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coinhako.fit/assets/currencyItem-22bbd286.js","fqdn":"coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"104.21.70.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"8ea6e03ceedef7f7940c1078ed0ad122","sha1":"5320454c2f007b61b71b182072931739bd156795","sha256":"d7a3864cd6c069b37b63ae3e4c34c516bb66d44e144a2c7dd056f65094b93328","sha512":"360fb5d01a980420229d4925aa543dfeb46360dd268444d0faf4b7b47fbcccaa610cfc7e2f0b0142acedc872e581a04a7d1071220a0dfe53b3281a8a7c5e3646","ssdeep":"","tlshash":"0951a5adbb1186b9d77ed890c5a82811172d37cb3026cbc4bade04063f1ad94d329b34","size":2539,"data":"","first_seen":"2026-03-27T06:35:36.148254Z","last_seen":"2026-05-04T13:32:42.285568Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coinhako.fit/assets/index-eedf0153.js","fqdn":"coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"104.21.70.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"587a2d7e1b1c8325c3e3762bee1660b3","sha1":"7bc56d82d3e2677c03aa45f8a27ac558a504a24e","sha256":"64d230b35e39ea029478e520c0d9b1b80336e66715ba8370a9a248c293e364bb","sha512":"21f1ba665ea25b585c08dd2fc860866ff7300a597b72067f4face0114698e6d12e6e2d18ca90b2b16aa9286a68f81363d0a9fd788eae42f73ff99df8dd2b69a0","ssdeep":"","tlshash":"0401bdf9fd0d8ebb0fa20a4141a1360114092fddfa1419e298867d661be4950d7de72d","size":776,"data":"","first_seen":"2026-03-27T06:35:36.176554Z","last_seen":"2026-05-04T13:32:42.289067Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coinhako.fit/#/","fqdn":"coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"e21a880dd4e3258951787a42857bfaea","sha1":"d69092393af4e813929289ea3c5a180c722ed227","sha256":"b409d8c03eaa683dc7ddd1fdd40df4dccb80954fd3ee28ccd07d14415c28944e","sha512":"e340b50c449986a72c671e9f082b62ba21b40061c898e7d11b24a908efd7755559b88ced0fc5ce1002aeeb69f90b86eaf58edba7f1716ba5b7376a387ed22aee","ssdeep":"","tlshash":"45c08cc4b0d22d001602642060af24e49025442670481b028cd4d85c2e220b08233e98","size":139,"data":"","first_seen":"2025-01-03T15:55:01.306059Z","last_seen":"2026-05-04T13:32:42.356145Z","times_seen":23,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coinhako.fit/#/","fqdn":"coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"ec4c1d5196aba60d94e140a373eff54b","sha1":"3dd138ec0af6761c2a33a2c83029bfa4f664dbc5","sha256":"ab39237c410b7884ae76d0bf39fe69f1291c24374f6ed095b135ac23fd21c96b","sha512":"5bb9e931ec252a36f73a85dd6e945708c1fef54fc720cdffb90765e78c51c81080ac95ef1e567bc5ae9863c243de0882e1183561e754d82e123890b96d47fa4a","ssdeep":"","tlshash":"93c08cc4b0c22e001602651010bf34e89024802674481b028ce8d8a82e260b48233e9c","size":142,"data":"","first_seen":"2026-02-01T01:35:54.682726Z","last_seen":"2026-05-04T13:32:42.36742Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coinhako.fit/","fqdn":"coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"104.21.70.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"cd7a34e714de94d5c29b8ac5acdde24b","sha1":"b722bccb435490630d97ef88cafeb02d92f70fd0","sha256":"312ebfdc50a0e168cff60c206811b02e944263a7d9060c2685509dacfacd7f71","sha512":"a724bc648a508c24e5bb1788e1f02b47030893bbb0b80a99e380d95480095983a35d8ec11193c53f0a67db47a289ab608fcbc9dbca846bfdd5d61a8832290f43","ssdeep":"","tlshash":"58e07d48ff28c7f316ce28ab516e770858d104d58c1b58024cebccc86935ed87291527","size":314,"data":"","first_seen":"2023-03-11T11:23:25Z","last_seen":"2026-05-04T17:08:15.937297Z","times_seen":32950,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coinhako.fit/#/","fqdn":"coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"c464eee61a30b35747e8e9848e60be3e","sha1":"3b58c9c7de2dd7f0322fd7bb9947ad3a01ac8cce","sha256":"955a99d585122831f4cabbe60b7755379393349c40795ff761e7ce78b3e491d7","sha512":"d548dacba908d5bd228c19df9e45083444741e1151dc914e356f01fd7fcb666a7077df8a57af5bc72e249160aa32ce3e40c77f22dc01fb2af95a6c3d19be3e4f","ssdeep":"","tlshash":"d3e0abeb3139c16456f09f2b6cec4c1bf69b27334d8c050bf8b4a9051ebad64227c894","size":420,"data":"","first_seen":"2024-07-24T17:37:43Z","last_seen":"2026-05-04T13:32:42.366616Z","times_seen":356,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coinhako.fit/assets/index-8c6d956a.js","fqdn":"coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"104.21.70.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"d4618b735f029163bb0f72a734688d5a","sha1":"0b8b0add4a29f07efff7eeadb07ec8dccc389bd6","sha256":"6d7c0d3d2f7115949d5ce2524b7eb8a1f23da531325c5d627d23c368ec7f9c47","sha512":"8a1a94b087a8bc60413ecddb60c0790ab3a1058bb00e7fecf860918fbe05128acaa4b846eab2128c7e4d381167a0ea78fa2a4fa4757e1e260514694fc4fc65d8","ssdeep":"96:LXJi/9YcqD+wS9xy4cR2bUkiuabiW3hvhg36a8Nmo8/oQNlijk6:LXJiFYcqiwSahR2bvVehvegwoQ/sk6","tlshash":"16a1a699f502c5baeab704504888042031ac7bfaf20448b5f7fdad4a27b8c79d795722","size":4994,"data":"","first_seen":"2026-03-27T06:35:36.119991Z","last_seen":"2026-05-04T13:32:42.292134Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coinhako.fit/#/","fqdn":"coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"c2a59594b7c750c554d59b777cf7e0a5","sha1":"cc0ac4dbb49aff978ff3ee7d7c1a27f761ba6a20","sha256":"505695da350a211f6c8dbebc42f4bdc2bd8e287e4f5611c8eaf94c81f8951468","sha512":"8fdf9120a742f4fb36ebe9f4bd7684db839a87a5773a496dc5a6e6a8403cfe7562e67463995d588160f8fe75170f338034d8676b7708873d3c0b5c84a0da3b51","ssdeep":"","tlshash":"eec08cc8a0c22d041702641011af24e890244026704c5b02cca4d8683e220b48233e98","size":139,"data":"","first_seen":"2023-05-10T15:08:47Z","last_seen":"2026-05-04T15:18:51.690579Z","times_seen":6042,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coinhako.fit/assets/index-2aaddfa5.js","fqdn":"coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"104.21.70.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"e089df8abe8e91652dfbabb670c3f2fb","sha1":"3d15382e1d023de338e006b5940b28c579039f59","sha256":"ec0e86f8bb3c5d1b0fcdab71df671b7880313d62d09cb51ee66225342a322d94","sha512":"50de5b43bbe1a8e64df84ca5948cc2a2dc441fe470a693e8632d29b12d314ec03e09831687bc8e225e44b4cad4f9cd97e05649f2ac0fa46094283387dcd29f78","ssdeep":"1536:kUzdbSgWUEvzDpwuPlMa+714aLosSMhRf4w4CHLtl6BeLKREPDne8:1vlEvdSLfSMh14wjtl6BYKCne8","tlshash":"4473f9ddb282f436429661a0403f060bf337ae98740e4558f268e5cd7e7c989a17bf79","size":80347,"data":"","first_seen":"2026-03-27T06:35:36.16545Z","last_seen":"2026-05-04T13:32:42.282847Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coinhako.fit/#/","fqdn":"coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"f3de45722edb9a9e8c3e6bd127b92fe7","sha1":"ec7ec51db78d7c871ab7e064d5321665dab42ebf","sha256":"65b126ac4f07d022b90cb8cd4519fb643ee140ba17dbba7103311c8f25cda727","sha512":"11b335ca47beecf95284ea8095def5cf112dafc28ee84dc352b25186308828ea20f3e6876b5b5d379b258bfa25549431bf2259b5601677f32cc4647e5ac83cc0","ssdeep":"","tlshash":"67c08cc4b0c32e001603651110af35e49034c066f0481b028c94dc492e230f48233e98","size":145,"data":"","first_seen":"2025-09-27T05:00:10.581706Z","last_seen":"2026-05-04T13:32:42.368857Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coinhako.fit/#/","fqdn":"coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"60d048e4c2a1eb5d800d7af368cc92ac","sha1":"7ee48e9063a598ebd38d8b0c7430bd748c810c56","sha256":"fc5dd52f9a7f2cd9ac63f3d4e537d6a04f9d97421d87aebf080b38d981c6fb80","sha512":"d3eebc743f8fa489e50ff88bb1c004951f637a926125d6b6698d3d37f899147e2cc425f4ca1b10efdc2e5a69db4ba67f5615281c07adec44f17dd4aaa85d72e2","ssdeep":"","tlshash":"e8c08cc9b1e33d001602641050bf24e490244426b04c1b82ddd4ec492e220b08233e98","size":145,"data":"","first_seen":"2025-09-27T05:00:10.591622Z","last_seen":"2026-05-04T13:32:42.373978Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coinhako.fit/#/","fqdn":"coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"9cbeee43eb9396cc6f22ceb11a068a8b","sha1":"855c2b8e594a001965664c3dac645d713e2c239d","sha256":"4748c61b3b46c6d4621d9fe0f60dd4899f2041684946b1434ba9656cfd8db04e","sha512":"13e27d58dd059ba27341cca34d9fd559187d1a26e28aed067fb26d0a35b3e4fb6d9f0a8f9ea8f4d3d207dfda8ae35c0ce573288498bc2c56472beade7926ee80","ssdeep":"","tlshash":"bbc02bc4b0c73d001606641050bf34e8a034402bb04c1b03ccd4dc483e230f08233edc","size":139,"data":"","first_seen":"2025-03-06T21:41:52.844247Z","last_seen":"2026-05-04T13:32:42.355081Z","times_seen":127,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coinhako.fit/#/","fqdn":"coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"b1e6506abda1ffa5b9ab2721a0fee13f","sha1":"cc64d89d747a4c6f5293b262055d3cb8e175b738","sha256":"848a05dd565ed4ad22c665530b61473e4437ca86f8bd027a8c952177f73b5269","sha512":"ac564a39d053f7c5f6e636296207458bae1d069f50356ee85ac23a8045617ebbe8cb5f26870d5a19f2d3cf834bc578918ad2b9f46bb68e3d0961c68841bb6e17","ssdeep":"","tlshash":"ecc08cc4a0c32d001643641050af34e490348026b0481b428c94d8492e230b08233e98","size":139,"data":"","first_seen":"2023-06-07T05:45:46Z","last_seen":"2026-05-04T13:32:42.359641Z","times_seen":242,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coinhako.fit/#/","fqdn":"coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"2b72232ed380a528eeb3a552d77ae9c7","sha1":"6dc118004f8c5dcbcb571446e544948e5884cd56","sha256":"b7d4991a24ab4ba72ab4e3cfa67e51ed181d0f21335bd7adb062d024a1564c4a","sha512":"9a7cba48645dd78c7a719297ffad44b3da7263835e444e0fde947908fd4345a1cbb1d672b3e53338231cd6a11b38c7d45e5395f1387d368b0e8f93beea4d6347","ssdeep":"","tlshash":"77c08cc4a0c26d001602649010af34e890244027b0485b028c94d8482e220b08233e98","size":139,"data":"","first_seen":"2024-09-19T22:02:28.519141Z","last_seen":"2026-05-04T13:32:42.374713Z","times_seen":203,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coinhako.fit/#/","fqdn":"coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"e617a06589cbd9b9e749dbf05e84b4d7","sha1":"de5c2b43329616cdbcebd9e2f30e76167087ab70","sha256":"dfd9eb9de4e813f1af7745f7afa48e751990eaa05e91e187dc07c341be873920","sha512":"cf809e892656f488a9f4864d6af042297a0f0b5e4c749bb951d16ffe524316a629fac26fbc56d582adc15b195f3d20056f61614f8c8aa543c65091fa22a73820","ssdeep":"","tlshash":"70c08cc4b0c22e101602681020af24e8a0258026704d1b128ca8dc492e220b08237e98","size":139,"data":"","first_seen":"2026-03-27T06:35:36.236259Z","last_seen":"2026-05-04T13:32:42.353678Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coinhako.fit/#/","fqdn":"coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"6e6b08dc2c47899612bf4e0491d57dbf","sha1":"28eb103f9178c8b1f500a212e79d726bf668306f","sha256":"7f6df38d84115ff245fe7e10563637427f5d11fb73326f9f8d030c9e54e923e1","sha512":"5719a333b67d55c0f482fab4307f3dc9480a62dbc2528ec87864d30f1933c449c565a1ee5a4d86274b6911254483a96c3fa548cfc28abf1665efd68fed9c1d49","ssdeep":"","tlshash":"c5c08cc4a0c22d005602661010af24e890248026704c1b429ca4d8492e220b18233e98","size":139,"data":"","first_seen":"2026-03-27T06:35:36.225739Z","last_seen":"2026-05-04T13:32:42.363845Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coinhako.fit/assets/index-2479ba89.js","fqdn":"coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"104.21.70.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"b9d64882f1e11ae3f3bb4c37263cef11","sha1":"8b2d8f1b8220428ab1766b83c4f9a72a1b9307f9","sha256":"a350e776adb6e7a11710427ce403a9be91523a3db587758cfc2f77d793d8a326","sha512":"477ac2ad8c788f1bb1172ce260684710ddccdcbec0f3c88f65d4ff803a1fa96536d0ea167dd29472be02378f300d188b70a5eb26e8a5a51e54ce53206bb2c4b9","ssdeep":"1536:oPt6VU/QR1yEJq00MayRwRFAwCqUFRJOnnUAMI5h:0R/QR1BVRwRFAwCqUFd6h","tlshash":"24a34ccd950b0eff2dbd0854b957961020681f939d8ccc9773ba6e492bfacd4628a71c","size":100010,"data":"","first_seen":"2026-03-27T06:35:36.161472Z","last_seen":"2026-05-04T13:32:42.315265Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coinhako.fit/assets/zh-279ad9af.js","fqdn":"coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"104.21.70.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"d71f54e38433cccb59c605eaa0814b59","sha1":"b5fe80cbccb08e6de480b80d05ad5960401a5b42","sha256":"c9b72c7ee56e289b21122bfb008fbfc3c7f481b0fd2202e41c32e08b890be732","sha512":"2a2df2f879a08c3f39bd0f43ab29dbbfc5179f1ed566de8a7f4347b8cc91a179e82618efb6df1c8b0da0f537c2ed23a159e8c2e32ab96d33877a951b848f792c","ssdeep":"768:D9sgcXP80UU/fLS5LW0/so/mgrUYxP7sP+:DzcXRtetW0/E+","tlshash":"36f2e6d47daedd9a40e3a627b04f990120f75ec68626c4191fe99ef562d8f039783b30","size":37254,"data":"","first_seen":"2026-03-27T06:35:36.197546Z","last_seen":"2026-05-04T13:32:42.299527Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coinhako.fit/","fqdn":"coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"104.21.70.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"528dd01eb509d1fc3c68b48e165c9d77","sha1":"8d702f33d869eb8c53cf75c17014f96385322395","sha256":"b508dff20bdbd9138e31aa48c45bc501805e509d2fd4709b39c4a60cd5c6b43a","sha512":"4c1edeec560f431005363ff5291acc80c1c42edf7c9a6d6e4fde2f7539b6a35a8e36f0bc228503263277bf5df4525dc579575faadca614c32e5dfa885a2d343b","ssdeep":"","tlshash":"78a012bb71b851710cd51ba7a40455e01c20123105052c101c8d5151c011c171d394c0","size":84,"data":"","first_seen":"2023-04-07T06:55:59Z","last_seen":"2026-05-04T17:08:15.939048Z","times_seen":36128,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coinhako.fit/#/","fqdn":"coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"9f73ae2f6a98b3a7c455fb46db3db35a","sha1":"a7797ef652b5ca85197143072639a89c92629e64","sha256":"b54f1adb588258baf4995088e9b9ba2b9256acc1b90f5dc4b114b35c59e55f85","sha512":"e65943e1f66069c83f92a1c6619dcbfb4f15e85b500c7b22779f94821934381d4afef99f6992704f8b65cd8b80ad92e6b1cba460fe050c2f9fada3b9fa2fe6b5","ssdeep":"","tlshash":"eec08cc4b0c22d001602a41010af24e49034502a78481b428dd4dc482e320b0d233e98","size":142,"data":"","first_seen":"2025-09-27T05:00:10.58257Z","last_seen":"2026-05-04T13:32:42.347497Z","times_seen":15,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coinhako.fit/#/","fqdn":"coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"94b7166f6ac0a26b355f9bbf3abf5c23","sha1":"d4985dfc5e6f93c148a05354d16435783c0bea14","sha256":"745b9353a34f0e3d8572d7024ab7a57a44a33b2b4d2afaed61cd8d5851a6c534","sha512":"d4b0c6fd5658daa9e720e3b7d5ed6e2db614f2d93e2c53e58d478941040ca15878bad8f7f7060c797b3efcaa4cf36bc72987918b737392ee6e04c32ab4cc480f","ssdeep":"","tlshash":"22c08cc9a0d26d001612651010af24e49024402770485b029cd4e8482e620b08233e98","size":139,"data":"","first_seen":"2023-05-15T21:27:53Z","last_seen":"2026-05-04T17:07:55.576917Z","times_seen":4544,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coinhako.fit/#/","fqdn":"coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"cb0024a141d820b14f417d71dff50639","sha1":"dbe8e483f72be637712343df2ceb3d5c72f3e178","sha256":"64142350d82d76d517d19b5c4470f76264c5717b3dd313da5fc5118b354cac74","sha512":"27802f8ab379567efd52186754ff5f08e5f3c5739ac9e443f14c3123b544300517aff97aebb3f4489c14d77d3e12ca8fd5ebc4b24a08c7617c251aeee6e1cc63","ssdeep":"","tlshash":"f1c08cc9f1d22d001a06655050af38e4a024802b744a1b428ca4d8482e220b08333ea8","size":145,"data":"","first_seen":"2025-07-13T15:45:44.61234Z","last_seen":"2026-05-04T13:32:42.332182Z","times_seen":63,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"coinhako.fit/resource/images/dark/tab/quote.png?2.0.1744718898202","fqdn":"coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"104.21.70.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://coinhako.fit/","date":"2026-05-04T13:21:03.656Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"coinhako.fit","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 13:07:23 GMT","end":"Fri, 31 Jul 2026 13:07:22 GMT"},"fingerprint":{"sha1":"BC:EA:54:7D:8C:BB:5C:C3:28:8C:FA:BA:61:C8:57:D9:B7:0A:D4:17","sha256":"19:CD:D6:39:68:47:7E:F3:39:A5:2F:CC:41:D7:5D:39:26:C7:A3:97:8B:CE:F7:46:8D:79:99:99:22:82:89:86"}}},"request":{"raw":"GET /resource/images/dark/tab/quote.png?2.0.1744718898202 HTTP/1.1\r\nHost: coinhako.fit\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 13:21:03 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 19 Aug 2024 10:42:36 GMT\r\nvary: Accept-Encoding\r\netag: W/\"66c3219c-4a4\"\r\nexpires: Wed, 03 Jun 2026 03:51:22 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 34181\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=R09Yo1PLVQRQ3x%2BLdVIq29MhEClYgEu00YJvPaRFoh1bM%2FOshN99AV5z1d5rhFX%2B28jfTbuqrO%2FhGqiYw9mlpMpz0STwtaMoHzfblYB8eyPg8SebAfX6qPY4NbyQUMg%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f67ce6d795e783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1188,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 44 x 44, 8-bit/color RGBA, non-interlaced","md5":"966aaf41f4db84f6f0313f764e595f87","sha1":"ec31ebd55b615166aec1e4bff4a95366252f957d","sha256":"dbc3430ec06cacc10616c517f710085fd959912984173da9798bd95223efe816","sha512":"3bfbad89056f33eac8910a9d416780d6818aece383fce4b23f2a658b657a42e57a991a92c7ab958da140e3b293ff62b25771ccc0ce092c9d458d23e0ad646d9b","ssdeep":"","tlshash":"0921da29d5ed9095521586cecf0d4354d012ca70e4c42437bdd3b3f27651aa2405ad81","first_seen":"2024-12-03T23:58:43.681666Z","last_seen":"2026-05-04T13:32:42.295936Z","times_seen":96,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"coinhako.fit/resource/images/dark/tab/financialA.png?2.0.1744718898202","fqdn":"coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"104.21.70.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://coinhako.fit/","date":"2026-05-04T13:21:03.680Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"coinhako.fit","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 13:07:23 GMT","end":"Fri, 31 Jul 2026 13:07:22 GMT"},"fingerprint":{"sha1":"BC:EA:54:7D:8C:BB:5C:C3:28:8C:FA:BA:61:C8:57:D9:B7:0A:D4:17","sha256":"19:CD:D6:39:68:47:7E:F3:39:A5:2F:CC:41:D7:5D:39:26:C7:A3:97:8B:CE:F7:46:8D:79:99:99:22:82:89:86"}}},"request":{"raw":"GET /resource/images/dark/tab/financialA.png?2.0.1744718898202 HTTP/1.1\r\nHost: coinhako.fit\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 13:21:03 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 19 Aug 2024 12:45:44 GMT\r\nvary: Accept-Encoding\r\netag: W/\"66c33e78-5eb\"\r\nexpires: Wed, 03 Jun 2026 03:51:27 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 34175\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dMZuxBSzcYdgn6335qw4IMxX0gxxY5cph0oaB65zgZ8qjoOCxNPCa3bLxz%2FBs8EvaegxBN746TutfFzt3D4feY6dz%2Bz8m%2F6bxncSMofwACmQ3heU9G6sPlqEYWmtQZQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f67ce6d7961783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1515,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 44 x 44, 8-bit/color RGBA, non-interlaced","md5":"fca584741f0f25e819f2992d378060e8","sha1":"b2dd4dcfd83454cf474c37ab0a4636c61ff273fa","sha256":"af9f9650a27d83441269803ee0107396b23f5e428d6ff0918f01476e9a831122","sha512":"8434501f5125fd508f944d9fd3f052f274f218b81752d630779727412d4f6f1d6d17d970dcbb875f061c56c646ed4f21f80b6dc140baa97dd74135815be56418","ssdeep":"","tlshash":"1831299997ddc0e6217929372340f49a5bebcf862608218c4e8f46db44508101b4345c","first_seen":"2025-07-27T10:32:31.401938Z","last_seen":"2026-05-04T13:32:42.319934Z","times_seen":8,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.coinhako.fit/api/common/getAllSetting","fqdn":"webapi.coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"104.21.70.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://coinhako.fit/","date":"2026-05-04T13:21:04.744Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"coinhako.fit","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 13:07:23 GMT","end":"Fri, 31 Jul 2026 13:07:22 GMT"},"fingerprint":{"sha1":"BC:EA:54:7D:8C:BB:5C:C3:28:8C:FA:BA:61:C8:57:D9:B7:0A:D4:17","sha256":"19:CD:D6:39:68:47:7E:F3:39:A5:2F:CC:41:D7:5D:39:26:C7:A3:97:8B:CE:F7:46:8D:79:99:99:22:82:89:86"}}},"request":{"raw":"POST /api/common/getAllSetting HTTP/1.1\r\nHost: webapi.coinhako.fit\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nlanguage: zh\r\nlang: zh\r\nOrigin: https://coinhako.fit\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 13:21:05 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://coinhako.fit\r\naccess-control-allow-credentials: true\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kXNaXJJR3bOBS5R9e1U8HW17sC1fB21RaPzN3XXcx5aHuf1JwCYFnwty2JZeoH9EgttWdrgSbiI1%2Br1%2BoELv%2BjoaG53rQDoIncp9Ij7tzw7QgGuQ0nhT5t%2F%2B1omo%2F2s9w4gRXYsH\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f67ce749a5e783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":15131,"size_decoded":0,"mime_type":"application/json","magic":"Unicode text, UTF-8 text, with very long lines (14757), with no line terminators","md5":"03ccb05128475cbb0cae2a3d08bf936b","sha1":"ad440fe7e2381b7a58eff0296dace7d6f4a9ed5c","sha256":"a82e75f6ff03552a4d9646bbfdcb46a547b9ecb829533118373c6a1362ea17ca","sha512":"9850f85303c5572edf91e997a2420de586ff5f416b8f774f58341a44fe80ff5836c979cb3435b88c50ab55f2914cf9f8147438845186fc8dba515752a47d01de","ssdeep":"192:NAr1M3Spyj+o6+Rbcuc2VuJvFfejA7Hh5bOGKz32se+srqzCRo5lAMNB9Z7c6Axv:su8HAT2CGMT9Z7ba1xBhf","tlshash":"3562a71637c8ccbd87e60fc694bb3e0ab8cd34abd5a6d84594a5ef5cc89cd72054b109","first_seen":"2026-04-30T14:40:49.37755Z","last_seen":"2026-05-04T13:32:42.302267Z","times_seen":3,"resource_available":false,"data":null}},"time_used":899,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":898,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"webapi.coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"webapi.coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tg-mahalebi.oss-cn-hongkong.aliyuncs.com/mahalei/5813342cd5894bbaa1806ee34210d2fd.png?2.0.1744718898202","fqdn":"tg-mahalebi.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.242","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://coinhako.fit/","date":"2026-05-04T13:21:03.402Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /mahalei/5813342cd5894bbaa1806ee34210d2fd.png?2.0.1744718898202 HTTP/1.1\r\nHost: tg-mahalebi.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Mon, 04 May 2026 13:21:04 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 5293\r\nConnection: keep-alive\r\nx-oss-request-id: 69F89D40C390C33630F8CDFE\r\nAccept-Ranges: bytes\r\nETag: \"14F4459E5458AFCF2187D8918AC74AD2\"\r\nLast-Modified: Tue, 15 Apr 2025 11:42:13 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 2765385690435542640\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: FPRFnlRYr88hh9iRisdK0g==\r\nx-oss-server-time: 2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":5293,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 108 x 108, 8-bit/color RGBA, non-interlaced","md5":"14f4459e5458afcf2187d8918ac74ad2","sha1":"8dc1c829cf711279380050e152580ed62d392be3","sha256":"de9a547070d83dcccba1436f557d41564ada25b6b83b6754f65093549e8b73fd","sha512":"79c4d83d51680ee6a0a7825d24fcae31925dfff1326c7881180cfc372e117a5e84b55d2760bb062b2a0940d9849b8fee17848f9a5fd4aa43a80c129e86acfc6f","ssdeep":"96:A4BTqHyHZws+lWKnoO07vuMa5aiD6w2hmPeCudPQ76IlB2lutADcP:A4sHy5+5noF7GLEutWn4TlYMm4","tlshash":"50b17ee35166691901eb1032ad2e51b35cce3415e04edbcf6f6a60349debfd218883b4","first_seen":"2024-12-20T23:51:30.224493Z","last_seen":"2026-05-04T13:32:42.293396Z","times_seen":19,"resource_available":false,"data":null}},"time_used":1905,"timings":{"blocked":820,"dns":13,"connect":265,"send":0,"wait":267,"receive":1,"ssl":534},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tg-mahalebi.oss-cn-hongkong.aliyuncs.com/mahalei/7ae79c757e664ef28a3e4ca07d58fed3.png?2.0.1744718898202","fqdn":"tg-mahalebi.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.242","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://coinhako.fit/","date":"2026-05-04T13:21:03.411Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /mahalei/7ae79c757e664ef28a3e4ca07d58fed3.png?2.0.1744718898202 HTTP/1.1\r\nHost: tg-mahalebi.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Mon, 04 May 2026 13:21:04 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 2054\r\nConnection: keep-alive\r\nx-oss-request-id: 69F89D40B1E8233238E45AB5\r\nAccept-Ranges: bytes\r\nETag: \"4D102B8972353C4A509A95473393327E\"\r\nLast-Modified: Tue, 15 Apr 2025 11:42:00 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 16315313743689724246\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: TRAriXI1PEpQmpVHM5Myfg==\r\nx-oss-server-time: 4\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":2054,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 108 x 108, 8-bit colormap, non-interlaced","md5":"4d102b8972353c4a509a95473393327e","sha1":"8dc24ce1adb4745ea44c49fdef2adb53dfd9a39b","sha256":"e72e4d393f9d4de9aa87ddeeda30496b3b3e7f6b000b1ee67a577043dd01a459","sha512":"6046c8383f1f1f8aab3f209f8890c46a73b0bfd839f1e2077f5b1b71bb71506e64ff5c5adfa3e5a94cbb8975583de49c832515521d8fa061d4793bb078e1fbee","ssdeep":"","tlshash":"3e41d873fd1a1a64fc1b0711df9c5e72e42a0092429545df495abe6d1ae3224d0f1d46","first_seen":"2025-07-27T10:32:31.384254Z","last_seen":"2026-05-04T13:32:42.295301Z","times_seen":8,"resource_available":false,"data":null}},"time_used":1929,"timings":{"blocked":826,"dns":4,"connect":273,"send":0,"wait":275,"receive":1,"ssl":546},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coinhako.fit/assets/index-2479ba89.js","fqdn":"coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"104.21.70.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://coinhako.fit/","date":"2026-05-04T13:20:57.401Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"coinhako.fit","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 13:07:23 GMT","end":"Fri, 31 Jul 2026 13:07:22 GMT"},"fingerprint":{"sha1":"BC:EA:54:7D:8C:BB:5C:C3:28:8C:FA:BA:61:C8:57:D9:B7:0A:D4:17","sha256":"19:CD:D6:39:68:47:7E:F3:39:A5:2F:CC:41:D7:5D:39:26:C7:A3:97:8B:CE:F7:46:8D:79:99:99:22:82:89:86"}}},"request":{"raw":"GET /assets/index-2479ba89.js HTTP/1.1\r\nHost: coinhako.fit\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 13:20:58 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 11 Mar 2026 01:15:42 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69b0c23e-186aa\"\r\nexpires: Tue, 05 May 2026 01:20:58 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yS4CV6AGVz5q4rT1WIqHIQv4PxkRyYVYosBApruIOJeYu3wEJUSFeoehs2CK4DYyV2CMy8oFUKWHWOY6ng7b%2Fk0XVM3gNWljp%2BFeOe6Q3u22%2FBs2cbn3aLDxE%2BWNriU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f67ce46baa3783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":100010,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65526), with no line terminators","md5":"b9d64882f1e11ae3f3bb4c37263cef11","sha1":"8b2d8f1b8220428ab1766b83c4f9a72a1b9307f9","sha256":"a350e776adb6e7a11710427ce403a9be91523a3db587758cfc2f77d793d8a326","sha512":"477ac2ad8c788f1bb1172ce260684710ddccdcbec0f3c88f65d4ff803a1fa96536d0ea167dd29472be02378f300d188b70a5eb26e8a5a51e54ce53206bb2c4b9","ssdeep":"1536:oPt6VU/QR1yEJq00MayRwRFAwCqUFRJOnnUAMI5h:0R/QR1BVRwRFAwCqUFd6h","tlshash":"24a34ccd950b0eff2dbd0854b957961020681f939d8ccc9773ba6e492bfacd4628a71c","first_seen":"2026-03-27T06:35:36.161472Z","last_seen":"2026-05-04T13:32:42.315265Z","times_seen":4,"resource_available":true,"data":null}},"time_used":1140,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1137,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"coinhako.fit/assets/vendor-8c267198.css","fqdn":"coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"104.21.70.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://coinhako.fit/","date":"2026-05-04T13:20:57.403Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"coinhako.fit","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 13:07:23 GMT","end":"Fri, 31 Jul 2026 13:07:22 GMT"},"fingerprint":{"sha1":"BC:EA:54:7D:8C:BB:5C:C3:28:8C:FA:BA:61:C8:57:D9:B7:0A:D4:17","sha256":"19:CD:D6:39:68:47:7E:F3:39:A5:2F:CC:41:D7:5D:39:26:C7:A3:97:8B:CE:F7:46:8D:79:99:99:22:82:89:86"}}},"request":{"raw":"GET /assets/vendor-8c267198.css HTTP/1.1\r\nHost: coinhako.fit\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 13:20:57 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 15 Apr 2025 20:08:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67febcb4-16c1e\"\r\nexpires: Mon, 04 May 2026 15:51:14 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 34182\r\npriority: u=2,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3j4d2LAAQqm7ivN%2B5eK6q74SZ3aiT561laFMgtqxELTdn7r1AtTCeFIAx%2Bgi40SjGPHb4Rs77xKyvkZG0v35vsNvXHD4AfOP9bFpAQtlvlYW5bjnHcPe371Hsfjzzuw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f67ce46baa5783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":93214,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (65018), with no line terminators","md5":"509f1a66e8ad59bd27f081062f603f10","sha1":"323e5b51ac955ca843a2669bcee4ba00cde496c8","sha256":"8c267198fe044786df26943e5e5a048895118d991e8da41a16605df914fbcca4","sha512":"ce9dcd5836d4aa80a321213612d6aeeea98f0be7d2619818051e47c2a6729759044754796239ba08203b119fa3bfdb9920466fa924aca73894a1eaec0345dba6","ssdeep":"1536:BtIyNBi3MFYaQj7FCwsBlDOFIxuVox8D/zb:BnNIClDsIxuVS8nb","tlshash":"5e93d4a5a9c461fc6f2ae2659b8765e8f13cf671cc01daa0f105511d0fcbbf60613a3a","first_seen":"2025-06-07T20:44:36.433732Z","last_seen":"2026-05-04T13:32:42.318582Z","times_seen":68,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tg-mahalebi.oss-cn-hongkong.aliyuncs.com/mahalei/ed731bd4719e45628489283734240a42.png?2.0.1744718898202","fqdn":"tg-mahalebi.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.242","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://coinhako.fit/","date":"2026-05-04T13:21:03.432Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /mahalei/ed731bd4719e45628489283734240a42.png?2.0.1744718898202 HTTP/1.1\r\nHost: tg-mahalebi.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Mon, 04 May 2026 13:21:04 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 3727\r\nConnection: keep-alive\r\nx-oss-request-id: 69F89D40EE24003131AD7294\r\nAccept-Ranges: bytes\r\nETag: \"A20BBB7DFA18BAB06A2EC2EE39D92598\"\r\nLast-Modified: Tue, 15 Apr 2025 11:41:05 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 2339286121034811798\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: ogu7ffoYurBqLsLuOdklmA==\r\nx-oss-server-time: 4\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":3727,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 108 x 108, 8-bit/color RGBA, non-interlaced","md5":"a20bbb7dfa18bab06a2ec2ee39d92598","sha1":"37cc1f85b52ed92b065593c63a90cb89ffb69bc8","sha256":"0e91112c74ae4df5488ca4ff4f9b8e659473a260ce11c03c1a40be9124ea30df","sha512":"2c564aea5a8ffd4b6b38746ae5b74755eaf7160228045c66644dd9be175efb3a8fca11345f9589694769cba14ad325c395e2dc84b276157c69a727f2e5d859c2","ssdeep":"","tlshash":"22716ed341aa8c3bc4481d7372272a915ab722e84687064f86c6df2de473db7be1c9c0","first_seen":"2025-08-09T00:35:29.118398Z","last_seen":"2026-05-04T13:32:42.319258Z","times_seen":9,"resource_available":false,"data":null}},"time_used":1942,"timings":{"blocked":823,"dns":2,"connect":271,"send":0,"wait":276,"receive":20,"ssl":547},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webapi.coinhako.fit/api/common/getAllSetting","fqdn":"webapi.coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"172.67.222.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://coinhako.fit/","date":"2026-05-04T13:21:01.830Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"coinhako.fit","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 13:07:23 GMT","end":"Fri, 31 Jul 2026 13:07:22 GMT"},"fingerprint":{"sha1":"BC:EA:54:7D:8C:BB:5C:C3:28:8C:FA:BA:61:C8:57:D9:B7:0A:D4:17","sha256":"19:CD:D6:39:68:47:7E:F3:39:A5:2F:CC:41:D7:5D:39:26:C7:A3:97:8B:CE:F7:46:8D:79:99:99:22:82:89:86"}}},"request":{"raw":"POST /api/common/getAllSetting HTTP/1.1\r\nHost: webapi.coinhako.fit\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nlang: en-US\r\nOrigin: https://coinhako.fit\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 04 May 2026 13:21:02 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://coinhako.fit\r\naccess-control-allow-credentials: true\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1w5bS6kNqGJzwxrjgMYuAh0M6Xas4cPjJ51okFK4Hd1BJ6oXjFD4bM3LgDyPBgBzStZtuIHB%2BUZD%2BIrbuYLwkD7xoc8P8WB0OWuDFFzTOe8v9B6PHIs732pukIKYVmS7lICfxiJe\"}]}\r\ncf-ray: 9f67ce627b8a56c6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":15131,"size_decoded":0,"mime_type":"application/json","magic":"Unicode text, UTF-8 text, with very long lines (14757), with no line terminators","md5":"03ccb05128475cbb0cae2a3d08bf936b","sha1":"ad440fe7e2381b7a58eff0296dace7d6f4a9ed5c","sha256":"a82e75f6ff03552a4d9646bbfdcb46a547b9ecb829533118373c6a1362ea17ca","sha512":"9850f85303c5572edf91e997a2420de586ff5f416b8f774f58341a44fe80ff5836c979cb3435b88c50ab55f2914cf9f8147438845186fc8dba515752a47d01de","ssdeep":"192:NAr1M3Spyj+o6+Rbcuc2VuJvFfejA7Hh5bOGKz32se+srqzCRo5lAMNB9Z7c6Axv:su8HAT2CGMT9Z7ba1xBhf","tlshash":"3562a71637c8ccbd87e60fc694bb3e0ab8cd34abd5a6d84594a5ef5cc89cd72054b109","first_seen":"2026-04-30T14:40:49.37755Z","last_seen":"2026-05-04T13:32:42.302267Z","times_seen":3,"resource_available":false,"data":null}},"time_used":302,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":302,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"webapi.coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"webapi.coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"coinhako.fit/resource/images//dark/recharge.png?2.0.1744718898202","fqdn":"coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"104.21.70.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://coinhako.fit/","date":"2026-05-04T13:21:03.457Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"coinhako.fit","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 13:07:23 GMT","end":"Fri, 31 Jul 2026 13:07:22 GMT"},"fingerprint":{"sha1":"BC:EA:54:7D:8C:BB:5C:C3:28:8C:FA:BA:61:C8:57:D9:B7:0A:D4:17","sha256":"19:CD:D6:39:68:47:7E:F3:39:A5:2F:CC:41:D7:5D:39:26:C7:A3:97:8B:CE:F7:46:8D:79:99:99:22:82:89:86"}}},"request":{"raw":"GET /resource/images//dark/recharge.png?2.0.1744718898202 HTTP/1.1\r\nHost: coinhako.fit\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 13:21:03 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 19 Aug 2024 13:37:38 GMT\r\nvary: Accept-Encoding\r\netag: W/\"66c34aa2-3cac\"\r\nexpires: Wed, 03 Jun 2026 03:51:22 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 34181\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CYLdRxJ%2Bbl5LviZ9V1gHihOLC5DiqW2wmil0AgIlJe8QWYCQo5Wv%2B2Uu%2FBlLEsq8C6KH5IIIwV34crsPg7yPtoQ6023vyH7giwkBt4ddGKq7YT54Huy5GhUbFw3%2Bsck%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f67ce6c993e783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":15532,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 94 x 106, 8-bit/color RGBA, non-interlaced","md5":"1eb5562268f70f381bc951d99105e60e","sha1":"111709c4e1c8e7c0861ffaff6f96c9d1e2f09b4a","sha256":"5b286557c5752c916f63844866437b681e613279daae1a3dd6515f48e3254a7c","sha512":"00c13b4a5488fb6dfebfab1a2264fc5071e6da7d6c95ff5a5ecad2b7b82637e4a27e983551b5cf860af83bcb684ca430ad8d936dcc818a32ee0afb56db741504","ssdeep":"384:fv659vBB5h9qD4Lx815k2PYMKTPMvRZoi3GPeUh:q5hf9mnXm0zGPeG","tlshash":"0362d054027ae89937489069cd37ec8df776ee65881fe5c2f78450fd2166ed084da40d","first_seen":"2024-12-03T23:58:43.676059Z","last_seen":"2026-05-04T13:32:42.3076Z","times_seen":35,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"coinhako.fit/platform/dev/config.js?1777900860884","fqdn":"coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"104.21.70.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://coinhako.fit/","date":"2026-05-04T13:21:00.892Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"coinhako.fit","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 13:07:23 GMT","end":"Fri, 31 Jul 2026 13:07:22 GMT"},"fingerprint":{"sha1":"BC:EA:54:7D:8C:BB:5C:C3:28:8C:FA:BA:61:C8:57:D9:B7:0A:D4:17","sha256":"19:CD:D6:39:68:47:7E:F3:39:A5:2F:CC:41:D7:5D:39:26:C7:A3:97:8B:CE:F7:46:8D:79:99:99:22:82:89:86"}}},"request":{"raw":"GET /platform/dev/config.js?1777900860884 HTTP/1.1\r\nHost: coinhako.fit\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 13:21:01 GMT\r\ncontent-type: application/javascript\r\npriority: u=3,i=?0\r\nlast-modified: Wed, 01 Nov 2023 21:05:30 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Tue, 05 May 2026 01:21:01 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\netag: W/\"6542bd9a-18a\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6rCOlTPwwLUbf4kuQVrm226XdFZkQJFy%2F%2FD8kOLUIGTtor3YqfK1UiK3y2UoCJeRBugDY6M1%2FVq6pGoiR%2Bg4qTlY1F0dBljbdiaCr4JxzJ2lTAhJu1KrAA7ciZ%2FkRSY%3D\"}]}\r\ncf-ray: 9f67ce5c9e28783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":394,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with CRLF line terminators","md5":"4bc52b1aa6813b98e0af16a138354c00","sha1":"91ee6accefe6f24544627bdd1ae2aba499d5016c","sha256":"bf904efa24cb62a824547b6df3a7bbade81bfa77cc27124d7766ae502e5d6231","sha512":"22c852a633d0c36ccf7d549fd1c6a800698e42994d993a47f534b92c8ff8430c14d668c72d2bf8eb79e8b4459f83116bc75ff5f5269f36bc3b8cf2cb9ae886ae","ssdeep":"","tlshash":"f5e0abab3138c16451b08f2b6cec4817f68b2733494c010bf8b469041e79d542178890","first_seen":"2024-07-24T17:37:43Z","last_seen":"2026-05-04T13:32:42.287367Z","times_seen":358,"resource_available":false,"data":null}},"time_used":300,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":300,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.coinhako.fit/api/common/getAllSetting","fqdn":"webapi.coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"172.67.222.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://coinhako.fit/","date":"2026-05-04T13:21:00.902Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"coinhako.fit","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 13:07:23 GMT","end":"Fri, 31 Jul 2026 13:07:22 GMT"},"fingerprint":{"sha1":"BC:EA:54:7D:8C:BB:5C:C3:28:8C:FA:BA:61:C8:57:D9:B7:0A:D4:17","sha256":"19:CD:D6:39:68:47:7E:F3:39:A5:2F:CC:41:D7:5D:39:26:C7:A3:97:8B:CE:F7:46:8D:79:99:99:22:82:89:86"}}},"request":{"raw":"OPTIONS /api/common/getAllSetting HTTP/1.1\r\nHost: webapi.coinhako.fit\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang\r\nOrigin: https://coinhako.fit\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 04 May 2026 13:21:01 GMT\r\ncontent-length: 0\r\nserver: cloudflare\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://coinhako.fit\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: lang\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ruaq%2FGwitS%2BGj%2FViIp%2FvcSZ3qzAyIRkh4oB%2BRQFuHmckgTRNz6Ac7ZsRByf2sd5aXzkUHpE2L5sa2jwuyw7qnRhJMJWVPEfoKaaU14pD051sSkxw%2B%2FKQtxzqjeNGuIWSbbU5C%2BJg\"}]}\r\ncf-ray: 9f67ce5d2e7d56c6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-04T17:05:16.84953Z","times_seen":14645188,"resource_available":true,"data":null}},"time_used":1004,"timings":{"blocked":78,"dns":39,"connect":1,"send":0,"wait":846,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"webapi.coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"webapi.coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"coinhako.fit/assets/index-d253bac1.css","fqdn":"coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"104.21.70.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://coinhako.fit/","date":"2026-05-04T13:21:00.951Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"coinhako.fit","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 13:07:23 GMT","end":"Fri, 31 Jul 2026 13:07:22 GMT"},"fingerprint":{"sha1":"BC:EA:54:7D:8C:BB:5C:C3:28:8C:FA:BA:61:C8:57:D9:B7:0A:D4:17","sha256":"19:CD:D6:39:68:47:7E:F3:39:A5:2F:CC:41:D7:5D:39:26:C7:A3:97:8B:CE:F7:46:8D:79:99:99:22:82:89:86"}}},"request":{"raw":"GET /assets/index-d253bac1.css HTTP/1.1\r\nHost: coinhako.fit\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 13:21:00 GMT\r\ncontent-type: text/css\r\npriority: u=2,i=?0\r\nlast-modified: Tue, 15 Apr 2025 20:08:20 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Mon, 04 May 2026 15:51:17 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\nage: 34183\r\ncf-cache-status: HIT\r\netag: W/\"67febcb4-3d\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=j4DN6OW3BtfQ7xRgMYTMHTRYBMhVIL2BxWDsBJTiRXCzf3piInyPmWOJOOeU5l558891YPe54yF15ULPAakVIrLhYryKS0O%2BUl7KkTtMlZfatqixvejsOAQQL33HtFA%3D\"}]}\r\ncf-ray: 9f67ce5d0e39783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":61,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"c88360cef8df86c995e562333879873a","sha1":"8674b487cf92f20149c0ef681b42a599469813bf","sha256":"d253bac175b5b52734c192e96d18c8b26b0c92b881584f63b7de91bff96c6149","sha512":"eeeb5ec01fe8c7d483182fc60a2b54ee1d02994718fd9b23a6182f49ead49d889889f21592b2955bcac8cc859023204782db3210d3a0c706a3e4677564db3636","ssdeep":"","tlshash":"f6a0026d11156404b2225341ff5ff95dce686917da91820453421c9135cbe8f25d821b","first_seen":"2024-07-24T17:37:43Z","last_seen":"2026-05-04T13:34:50.772959Z","times_seen":301,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":4,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"coinhako.fit/assets/index-144e407d.js","fqdn":"coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"104.21.70.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://coinhako.fit/","date":"2026-05-04T13:21:00.959Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"coinhako.fit","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 13:07:23 GMT","end":"Fri, 31 Jul 2026 13:07:22 GMT"},"fingerprint":{"sha1":"BC:EA:54:7D:8C:BB:5C:C3:28:8C:FA:BA:61:C8:57:D9:B7:0A:D4:17","sha256":"19:CD:D6:39:68:47:7E:F3:39:A5:2F:CC:41:D7:5D:39:26:C7:A3:97:8B:CE:F7:46:8D:79:99:99:22:82:89:86"}}},"request":{"raw":"GET /assets/index-144e407d.js HTTP/1.1\r\nHost: coinhako.fit\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 13:21:01 GMT\r\ncontent-type: application/javascript\r\npriority: u=4,i=?0\r\nlast-modified: Tue, 15 Apr 2025 20:08:20 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Tue, 05 May 2026 01:21:01 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\netag: W/\"67febcb4-1fe\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GSl5jw29vF0q496Zn8CSD5OknvaR6u08YysvFzI%2Fn1vqt8q7Zc25voz6cF%2FFUku%2FOIyLBegkIyPQhJDF6sQpWNvBnQ3x0rYiunjeGBr3%2B02LuijtFJReTZV%2Bjuq3AKk%3D\"}]}\r\ncf-ray: 9f67ce5d0e40783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":510,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (509)","md5":"be264b3a7eeaef4c9824c3125fe919c7","sha1":"6b4a2c9a3af05d7039bccda6272e9104f559bcf6","sha256":"2542b0c24ad79d2399e41c39a2a617a49d8c9ebfed5c824f4a392690ce162cf6","sha512":"2a3e9125487e369666c13d8742da5a02242c01881439618e6e7e3b4dcbf2c02c16a82936b49b3085b118e8fd16fa3f7e2a41793b275907104c9c56c1e1f130e7","ssdeep":"","tlshash":"43f00e7fbd7a84720bb388fca1630820ba182f162b54c4d4e4870e14cb388f7d56e214","first_seen":"2026-03-27T06:35:36.185506Z","last_seen":"2026-05-04T13:32:42.289649Z","times_seen":4,"resource_available":true,"data":null}},"time_used":909,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":909,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.coinhako.fit/api/notice/list?key=ACTIVITY_NOTICE\u0026modelKey=HOME_ACTIVITY","fqdn":"webapi.coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"104.21.70.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://coinhako.fit/","date":"2026-05-04T13:21:04.741Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"coinhako.fit","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 13:07:23 GMT","end":"Fri, 31 Jul 2026 13:07:22 GMT"},"fingerprint":{"sha1":"BC:EA:54:7D:8C:BB:5C:C3:28:8C:FA:BA:61:C8:57:D9:B7:0A:D4:17","sha256":"19:CD:D6:39:68:47:7E:F3:39:A5:2F:CC:41:D7:5D:39:26:C7:A3:97:8B:CE:F7:46:8D:79:99:99:22:82:89:86"}}},"request":{"raw":"POST /api/notice/list?key=ACTIVITY_NOTICE\u0026modelKey=HOME_ACTIVITY HTTP/1.1\r\nHost: webapi.coinhako.fit\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nlanguage: zh\r\nlang: zh\r\nOrigin: https://coinhako.fit\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 13:21:05 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://coinhako.fit\r\naccess-control-allow-credentials: true\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vpyeBpteQVEkyIflTX1FWcd4aamgq%2Ffamb5mg%2FcobQk6h0szGYGRVhSPFOen8L1Ig5jkiY4NkX6Z5HMMlGJ6vfgXiXFS7ZQH5t18WYiG8Vjgxt0EVi9Owc09jlI2j%2BvsKwEal5U4\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f67ce749a5d783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1077,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"ff72b73b12200282b686880412328008","sha1":"cd4415a68c7f5268db967fbdd39a54f9ebccfe00","sha256":"252ced208d4a8b91cdd22b7229f207f160068b07df999261a4de88e2bacef630","sha512":"bdb1f4d198d35f87d19a5859d426d036ee78c8783ec94e6420a0efd184cfb89f25be356477a3532c5f7bf873157f89088c050f0cf8c7db1a511b34a4272a8a9d","ssdeep":"","tlshash":"a911cc0e2a38dead0c0549cb64ddbdcdc59f17878671cc70aaaacf6c41f55bb0b1a044","first_seen":"2026-03-27T06:35:36.141238Z","last_seen":"2026-05-04T13:32:42.313147Z","times_seen":4,"resource_available":false,"data":null}},"time_used":913,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":913,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"webapi.coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"webapi.coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.coinhako.fit/api/notice/list?key=ACTIVITY_NOTICE\u0026modelKey=HOME_ACTIVITY","fqdn":"webapi.coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"104.21.70.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://coinhako.fit/","date":"2026-05-04T13:21:03.751Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"coinhako.fit","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 13:07:23 GMT","end":"Fri, 31 Jul 2026 13:07:22 GMT"},"fingerprint":{"sha1":"BC:EA:54:7D:8C:BB:5C:C3:28:8C:FA:BA:61:C8:57:D9:B7:0A:D4:17","sha256":"19:CD:D6:39:68:47:7E:F3:39:A5:2F:CC:41:D7:5D:39:26:C7:A3:97:8B:CE:F7:46:8D:79:99:99:22:82:89:86"}}},"request":{"raw":"OPTIONS /api/notice/list?key=ACTIVITY_NOTICE\u0026modelKey=HOME_ACTIVITY HTTP/1.1\r\nHost: webapi.coinhako.fit\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang,language\r\nOrigin: https://coinhako.fit\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 13:21:04 GMT\r\ncontent-length: 0\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://coinhako.fit\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: lang, language\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=W4JRQxo5qcQAgATn1F6DJF0qkBFj7OzaPrraM4ea5jSwFUBpcryYvDTkvE1QGTHdrpcRyLHfb0ewP0N7laxrsYoXox0515E9y6%2FAz%2FzvtAR8L6BXomA3EfYgrjkDOAWbt1TCdYSU\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9f67ce6e7977783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-04T17:05:16.84953Z","times_seen":14645188,"resource_available":true,"data":null}},"time_used":871,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":871,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"webapi.coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"webapi.coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.coinhako.fit/api/common/getAllSetting","fqdn":"webapi.coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"104.21.70.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://coinhako.fit/","date":"2026-05-04T13:21:03.753Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"coinhako.fit","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 13:07:23 GMT","end":"Fri, 31 Jul 2026 13:07:22 GMT"},"fingerprint":{"sha1":"BC:EA:54:7D:8C:BB:5C:C3:28:8C:FA:BA:61:C8:57:D9:B7:0A:D4:17","sha256":"19:CD:D6:39:68:47:7E:F3:39:A5:2F:CC:41:D7:5D:39:26:C7:A3:97:8B:CE:F7:46:8D:79:99:99:22:82:89:86"}}},"request":{"raw":"OPTIONS /api/common/getAllSetting HTTP/1.1\r\nHost: webapi.coinhako.fit\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang,language\r\nOrigin: https://coinhako.fit\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 13:21:04 GMT\r\ncontent-length: 0\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://coinhako.fit\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: lang, language\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wH3hQpMkBQ5BMQer8FfvZecU9dOP83ZC7R4D9%2FZ1TsLzQJjxZlVXCAIsCkGVLeJzj9snj3wOGiFsV8fxKbjD8KC79Oyg2h9Mcgv%2Bkzno2pTaXtGGYPDva4EiTDN8nvb%2F58G8V8w4\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9f67ce6e7979783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-04T17:05:16.84953Z","times_seen":14645188,"resource_available":true,"data":null}},"time_used":888,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":888,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"webapi.coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"webapi.coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"coinhako.fit/charting_library/charting_library.min.js","fqdn":"coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"104.21.70.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://coinhako.fit/","date":"2026-05-04T13:20:57.398Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"coinhako.fit","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 13:07:23 GMT","end":"Fri, 31 Jul 2026 13:07:22 GMT"},"fingerprint":{"sha1":"BC:EA:54:7D:8C:BB:5C:C3:28:8C:FA:BA:61:C8:57:D9:B7:0A:D4:17","sha256":"19:CD:D6:39:68:47:7E:F3:39:A5:2F:CC:41:D7:5D:39:26:C7:A3:97:8B:CE:F7:46:8D:79:99:99:22:82:89:86"}}},"request":{"raw":"GET /charting_library/charting_library.min.js HTTP/1.1\r\nHost: coinhako.fit\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 13:20:57 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 01 Nov 2023 21:05:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6542bd9a-2a6b\"\r\nexpires: Mon, 04 May 2026 15:51:14 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 34182\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4YygCXVLrD5ac5tLTdIsmn3KMVkpfyM4rNBDAaQrBA%2BC53tTnypz9DWuLpAgVsK9LEKNnZEIrA%2BuoohVJJNDnZK3mCFKTvf%2FHMvfIyWngWM69lRB3dUerspQXn3Hn6E%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f67ce46baa1783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10859,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (10857), with CRLF line terminators","md5":"2a5fa40461c4e10123b62c021ab0a4ed","sha1":"527b4a35104eda6479c5ac876f57b5375ab00f51","sha256":"bcee984fd52b4a82bd6b23543bb33f6472e076c125edbdd8756d29ca230628cb","sha512":"51c91bff846f3825a21d6b301b1e4615d05bb27defef6c39c622e647f5d0262fdb0382924c9245c4a18a11cd32b60e4c913ed451b6f4b2fec1c87ce871eb874b","ssdeep":"192:9fdWSo7ktFUnoBelr6lw2LfnzuIQPlaJ1i10K+Ei/ISJhvHIheu5Ph3Ffa5:vWS2ktFUnoIlD2LfnqIJimK+5/ISJhvB","tlshash":"58224f58ed2478720acb54f0427f180f8239e278d84944ed3c84e6ec59fd44a6a6fbb8","first_seen":"2024-07-11T15:08:28Z","last_seen":"2026-05-04T13:34:50.787729Z","times_seen":936,"resource_available":true,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"coinhako.fit/assets/currencyItem-22bbd286.js","fqdn":"coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"104.21.70.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://coinhako.fit/","date":"2026-05-04T13:21:00.963Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"coinhako.fit","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 13:07:23 GMT","end":"Fri, 31 Jul 2026 13:07:22 GMT"},"fingerprint":{"sha1":"BC:EA:54:7D:8C:BB:5C:C3:28:8C:FA:BA:61:C8:57:D9:B7:0A:D4:17","sha256":"19:CD:D6:39:68:47:7E:F3:39:A5:2F:CC:41:D7:5D:39:26:C7:A3:97:8B:CE:F7:46:8D:79:99:99:22:82:89:86"}}},"request":{"raw":"GET /assets/currencyItem-22bbd286.js HTTP/1.1\r\nHost: coinhako.fit\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 13:21:01 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 15 Apr 2025 20:08:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67febcb4-9eb\"\r\nexpires: Tue, 05 May 2026 01:21:01 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WrkAdeFASrFWAXkxEQ2rdk7WXDJF3X5xso9SHBhOTQmA6AvbqUYsY9vwdUT3HFvbdIATC7SzrMtvrTfiHVb68cOmuJYJCIhVrjgtC0g6LvGAqEYveSs%2F2fMmOjlxl7c%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f67ce5d0e42783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2539,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (2538)","md5":"8ea6e03ceedef7f7940c1078ed0ad122","sha1":"5320454c2f007b61b71b182072931739bd156795","sha256":"d7a3864cd6c069b37b63ae3e4c34c516bb66d44e144a2c7dd056f65094b93328","sha512":"360fb5d01a980420229d4925aa543dfeb46360dd268444d0faf4b7b47fbcccaa610cfc7e2f0b0142acedc872e581a04a7d1071220a0dfe53b3281a8a7c5e3646","ssdeep":"","tlshash":"0951a5adbb1186b9d77ed890c5a82811172d37cb3026cbc4bade04063f1ad94d329b34","first_seen":"2026-03-27T06:35:36.148254Z","last_seen":"2026-05-04T13:32:42.285568Z","times_seen":4,"resource_available":true,"data":null}},"time_used":848,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":848,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"coinhako.fit/platform/dev/logo_144.png?2.0.1744718898202","fqdn":"coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"104.21.70.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://coinhako.fit/","date":"2026-05-04T13:21:02.338Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"coinhako.fit","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 13:07:23 GMT","end":"Fri, 31 Jul 2026 13:07:22 GMT"},"fingerprint":{"sha1":"BC:EA:54:7D:8C:BB:5C:C3:28:8C:FA:BA:61:C8:57:D9:B7:0A:D4:17","sha256":"19:CD:D6:39:68:47:7E:F3:39:A5:2F:CC:41:D7:5D:39:26:C7:A3:97:8B:CE:F7:46:8D:79:99:99:22:82:89:86"}}},"request":{"raw":"GET /platform/dev/logo_144.png?2.0.1744718898202 HTTP/1.1\r\nHost: coinhako.fit\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 13:21:03 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 01 Nov 2023 21:05:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6542bd9a-b5c\"\r\nexpires: Wed, 03 Jun 2026 13:21:03 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=6,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UKs3qJbQqQ6BDRvHOGm4bkRTC%2BiKqTWFYIUltLfeG79yHVCpFhWaa%2FJsCDmNpcwBaXbypQiHA5Uw4QqkuraADCFrukriKkkRga9CufDbYF2Bx7SVU5OWAB8HNfjIVCg%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f67ce65a82d783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2908,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 144 x 144, 8-bit/color RGBA, non-interlaced","md5":"9a5a67a3b984ab223eef25ac3f419432","sha1":"5b07513414db526d86d32c3b8f42c0dbb62a8e71","sha256":"38055609c5d61aad696e97b746489c7f886b79cc069326312c6a111062019777","sha512":"4f610ac72700d9727ff6d32567b7d71a582a8c87eb067e4f33a8a910c66968514277df68c0794d1db6ce3a94ed0111003a71afd8cab40dcb3bc062dfb9f14bad","ssdeep":"","tlshash":"0c5119e6d89d003a4dd329b7b0f03e45fe7ab5fb5ab6330480972b3065552ab84d8327","first_seen":"2024-10-20T08:32:52.883488Z","last_seen":"2026-05-04T13:32:42.301574Z","times_seen":259,"resource_available":false,"data":null}},"time_used":901,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":901,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"coinhako.fit/platform/dev/favicon.ico?2.0.1744718898202","fqdn":"coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"104.21.70.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://coinhako.fit/","date":"2026-05-04T13:21:02.340Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"coinhako.fit","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 13:07:23 GMT","end":"Fri, 31 Jul 2026 13:07:22 GMT"},"fingerprint":{"sha1":"BC:EA:54:7D:8C:BB:5C:C3:28:8C:FA:BA:61:C8:57:D9:B7:0A:D4:17","sha256":"19:CD:D6:39:68:47:7E:F3:39:A5:2F:CC:41:D7:5D:39:26:C7:A3:97:8B:CE:F7:46:8D:79:99:99:22:82:89:86"}}},"request":{"raw":"GET /platform/dev/favicon.ico?2.0.1744718898202 HTTP/1.1\r\nHost: coinhako.fit\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 13:21:03 GMT\r\ncontent-type: image/x-icon\r\npriority: u=6,i=?0\r\nlast-modified: Wed, 01 Nov 2023 21:05:30 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\netag: W/\"6542bd9a-10be\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=q5qN%2BaKd1poSvQXejl7rUmTzG62JxvTy8hixR06M9kGrhyp5nUWkNDDBjFTycF%2BrgjzXjo3vN%2F2EIT%2BFmTiK5VEsCo4eUw6eKRKcEGkXifVnBxHlZuL1HOG1p3KLQHw%3D\"}]}\r\ncf-ray: 9f67ce65a82f783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4286,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel","md5":"4d7f84666216f26e7848790e3d9913ec","sha1":"5c894379df1ee0f4da104097a1c56781717e3aae","sha256":"4540287687cc73dea83a1b00f8c3587391ed8febe9b13cf2f85f44c7d751622e","sha512":"71fb682c291ef222fbc6e93379caee5554fe3f5bc95249e354bc2054d0b793a10800f0338323508df53a1c333d31207ef500761d02d1f1c02c5f30eb1ac82940","ssdeep":"48:BR0Md7T5of0zRbOj+E8307xqOaOmO4PIO4oeFbhMUEmUb74QI66DxaJnUMbUTI:ByM8C96dR4PT4ZR6UenUM/","tlshash":"c791c5226049a48fdd4e5b7b027315099213afaae7218337c43dbe51494be8dca50dcd","first_seen":"2026-03-27T06:35:36.216162Z","last_seen":"2026-05-04T13:32:42.292753Z","times_seen":4,"resource_available":false,"data":null}},"time_used":917,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":915,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"coinhako.fit/resource/svg/dark/mengbanzu12.svg?2.0.1744718898202","fqdn":"coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"104.21.70.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://coinhako.fit/","date":"2026-05-04T13:21:03.383Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"coinhako.fit","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 13:07:23 GMT","end":"Fri, 31 Jul 2026 13:07:22 GMT"},"fingerprint":{"sha1":"BC:EA:54:7D:8C:BB:5C:C3:28:8C:FA:BA:61:C8:57:D9:B7:0A:D4:17","sha256":"19:CD:D6:39:68:47:7E:F3:39:A5:2F:CC:41:D7:5D:39:26:C7:A3:97:8B:CE:F7:46:8D:79:99:99:22:82:89:86"}}},"request":{"raw":"GET /resource/svg/dark/mengbanzu12.svg?2.0.1744718898202 HTTP/1.1\r\nHost: coinhako.fit\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 13:21:04 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 19 Aug 2024 13:33:46 GMT\r\nvary: Accept-Encoding\r\netag: \"66c349ba-76a\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FsQJ092PnnmFWurLMiF8MJwY1ZGddK07vLdbGIjjZeRNyXNZ1x%2F5dMHYOvHXDfq1jku%2BgDgA0xNAAT3va%2Bi14BgAL4J36XyjcNNKD7lI4Mirw5wj16oXZ8L1fjr%2FkE8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f67ce6c2927783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1898,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"f262267496bf86de09b562db82a676d9","sha1":"a9163b950a68f56705da45159ba44533507505c5","sha256":"8c02636fda22906716b1b028e7dfde4a436cb95da0029bdeac8e201030f344a0","sha512":"c9bda0880dbea6da7260578858be5402c6a62d85cb8f8639f2313e02f7fda87ae24d05de9b87efb86dd1341dab2165b9d90524dd44d2d1938b25b63a2e1a6c6e","ssdeep":"","tlshash":"364175c659f952e4f2cdc320d6a731051e6a747730e1026cfeeea5656b308f90f8e049","first_seen":"2025-07-27T10:32:31.414438Z","last_seen":"2026-05-04T13:32:42.286176Z","times_seen":95,"resource_available":false,"data":null}},"time_used":889,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":889,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tg-mahalebi.oss-cn-hongkong.aliyuncs.com/mahalei/7fad2f59926246ad968423153137a789.png?2.0.1744718898202","fqdn":"tg-mahalebi.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.242","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://coinhako.fit/","date":"2026-05-04T13:21:03.453Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /mahalei/7fad2f59926246ad968423153137a789.png?2.0.1744718898202 HTTP/1.1\r\nHost: tg-mahalebi.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Mon, 04 May 2026 13:21:04 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 4700\r\nConnection: keep-alive\r\nx-oss-request-id: 69F89D40CE63A83135CFCAB0\r\nAccept-Ranges: bytes\r\nETag: \"ABECA3ABFC9BD7E938CE03FFE4336846\"\r\nLast-Modified: Tue, 15 Apr 2025 11:40:08 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 2242578967330433804\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: q+yjq/yb1+k4zgP/5DNoRg==\r\nx-oss-server-time: 23\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":4700,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 108 x 108, 8-bit/color RGBA, non-interlaced","md5":"abeca3abfc9bd7e938ce03ffe4336846","sha1":"14da412e77a271a07ecedce2ae59bf9ec3e82d7e","sha256":"ef98e502113bd47d0cd313a36cb869c901b0098d422ab945e145dc6f85023cd9","sha512":"f1ad211c48a84c19f4fe27095bf9440f862c904a27bd6119afe1b01c0f7fe2f09f19b4b43c750722f9eb02f50e7e792faee7c2519df673d872bb1c0602d85a8e","ssdeep":"96:A4BTb4irVgrOkLvZp93nYXEIMGWknNUl2BofAfo9pByRzBYJ:A49Vgr1RMXEIFg2ifJ93UBYJ","tlshash":"43a19dd5b07772a4d047ab3a3517b39afe75b0e841c98bccb71c1138992508af0fe205","first_seen":"2024-12-03T23:58:43.611351Z","last_seen":"2026-05-04T13:32:42.305652Z","times_seen":38,"resource_available":false,"data":null}},"time_used":1397,"timings":{"blocked":1100,"dns":0,"connect":0,"send":0,"wait":297,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coinhako.fit/resource/images/dark/tab/quoteA.png?2.0.1744718898202","fqdn":"coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"104.21.70.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://coinhako.fit/","date":"2026-05-04T13:21:03.655Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"coinhako.fit","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 13:07:23 GMT","end":"Fri, 31 Jul 2026 13:07:22 GMT"},"fingerprint":{"sha1":"BC:EA:54:7D:8C:BB:5C:C3:28:8C:FA:BA:61:C8:57:D9:B7:0A:D4:17","sha256":"19:CD:D6:39:68:47:7E:F3:39:A5:2F:CC:41:D7:5D:39:26:C7:A3:97:8B:CE:F7:46:8D:79:99:99:22:82:89:86"}}},"request":{"raw":"GET /resource/images/dark/tab/quoteA.png?2.0.1744718898202 HTTP/1.1\r\nHost: coinhako.fit\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 13:21:03 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 19 Aug 2024 10:42:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"66c321b2-729\"\r\nexpires: Wed, 03 Jun 2026 03:51:27 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 34175\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Tds%2FIB%2FLHfImB2kHvPlB9V4IKq%2By%2BwZzZ9GEZsuAX4mkyI%2FQ6zp1QTM3V%2FYOPwcX0kxXUJRiYH3uBydIpw%2BqzXTz%2B4eYpHwkfh1b7U4VMElXRrkwf2WD3dKZkrx%2B89k%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f67ce6d795f783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1833,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 44 x 44, 8-bit/color RGBA, non-interlaced","md5":"291b8f5b08875e9ce6af79bb0018c980","sha1":"0c791cd5963dd4c6e08ae98d962fc9c2d08bb251","sha256":"842461abf461bae7e50705d3bc2c78ef184195a5e2da4b357ca9be4f435a6761","sha512":"0dde3cc862205dcc759085d58ca8709ee85cae9a3907c30c4267ec14685d4372d8cdadad20c92af3951a0e21edba74cb26a618c0387cba5dc9f3270a68fc299b","ssdeep":"","tlshash":"fa312ddb510a3ab9944500f7e4fb09b6f19814892807ea5e8648688493c48448d0fecf","first_seen":"2024-12-03T23:58:43.672045Z","last_seen":"2026-05-04T13:32:42.310307Z","times_seen":17,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"coinhako.fit/resource/images/dark/tab/trade.png?2.0.1744718898202","fqdn":"coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"104.21.70.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://coinhako.fit/","date":"2026-05-04T13:21:03.666Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"coinhako.fit","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 13:07:23 GMT","end":"Fri, 31 Jul 2026 13:07:22 GMT"},"fingerprint":{"sha1":"BC:EA:54:7D:8C:BB:5C:C3:28:8C:FA:BA:61:C8:57:D9:B7:0A:D4:17","sha256":"19:CD:D6:39:68:47:7E:F3:39:A5:2F:CC:41:D7:5D:39:26:C7:A3:97:8B:CE:F7:46:8D:79:99:99:22:82:89:86"}}},"request":{"raw":"GET /resource/images/dark/tab/trade.png?2.0.1744718898202 HTTP/1.1\r\nHost: coinhako.fit\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 13:21:03 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 15 Mar 2025 10:21:22 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67d554a2-b4e\"\r\nexpires: Wed, 03 Jun 2026 03:51:22 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 34181\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lBAFWVKTimYvjs7EGJdS6iUWud9jt9Hnn00RzC55182LEEerGT3kW7wgiXmsKr5r%2BXPXsdrXVT4X5J%2F8SUioxZBfvxT3spd2Mj5cHO7IBHtapDNjcZcpy78ZyicrvJ8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f67ce6d7960783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2894,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"4993b63bc7148331be75e6ac61491ff9","sha1":"f622b2f1f80970be75c0b064abc63948e08dd19e","sha256":"bd5042359cc96823864fb25ff6b6f9f0382edd6a3f0e8dd8205ef7388a074663","sha512":"d6b74837ad62cfe70007e6d728f37732f809b5031f557e2c8c6331d006fe575944648ed03834f4aa6dc918977392d04aee814a9d49287515b647be3f0156a8b6","ssdeep":"","tlshash":"6d514be6b8d8bd96471422428e738ae1e4361819cd0c81553928b7f36569c01edf695e","first_seen":"2025-07-27T10:32:31.442262Z","last_seen":"2026-05-04T13:32:42.296548Z","times_seen":8,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"coinhako.fit/assets/index-5a2acda7.css","fqdn":"coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"104.21.70.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://coinhako.fit/","date":"2026-05-04T13:21:00.954Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"coinhako.fit","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 13:07:23 GMT","end":"Fri, 31 Jul 2026 13:07:22 GMT"},"fingerprint":{"sha1":"BC:EA:54:7D:8C:BB:5C:C3:28:8C:FA:BA:61:C8:57:D9:B7:0A:D4:17","sha256":"19:CD:D6:39:68:47:7E:F3:39:A5:2F:CC:41:D7:5D:39:26:C7:A3:97:8B:CE:F7:46:8D:79:99:99:22:82:89:86"}}},"request":{"raw":"GET /assets/index-5a2acda7.css HTTP/1.1\r\nHost: coinhako.fit\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 13:21:00 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 15 Apr 2025 20:08:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67febcb4-1787\"\r\nexpires: Mon, 04 May 2026 15:51:17 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 34183\r\npriority: u=2,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LjlSWO%2BbM2IkmRY1%2Bj1pLbtd4Q9joAfuSaXtGR7PmXrUYVXQhbhkx%2FfOwEl6tI167CzmsDRkQJv%2Fc9IB94u3j4t48IwjaFmUacBcHHWkmbSQKtKRwZqJ9UbxApvP1r8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f67ce5d0e3a783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6023,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (6022)","md5":"a0a8a95105c2d390142dd61e76f3a063","sha1":"5120bc1ef2137992fb7f6dce26558ddef8154791","sha256":"5a2acda7be15fa9523b5a39d4bffadb6439aef58c4dd1264f646f2c87aa6b49c","sha512":"7bb4ab8b9738954b6f0ff6048e4f86f3097b65a798c94b6ea1b4e0162d601fd5fa5513359c6778eae6d2eee83c73e8d86c23f212adf46afb1588d97e9cbc590c","ssdeep":"48:lh9VE8dNtPd96dXZwFqF6dXU6Eg8lxKvdDvGZhllIXZQUfk9uHokLkLm8ZMkGtlw:P06PVos55VOmgax6+s7FqdMSmZ","tlshash":"01c10f5de7ee1030d877c58f6ec009ac811cdac2e40a4d9ab277920249ef7f33e55a96","first_seen":"2026-03-27T06:35:36.146041Z","last_seen":"2026-05-04T13:32:42.309593Z","times_seen":4,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"coinhako.fit/assets/index-2aaddfa5.js","fqdn":"coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"104.21.70.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://coinhako.fit/","date":"2026-05-04T13:21:01.000Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"coinhako.fit","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 13:07:23 GMT","end":"Fri, 31 Jul 2026 13:07:22 GMT"},"fingerprint":{"sha1":"BC:EA:54:7D:8C:BB:5C:C3:28:8C:FA:BA:61:C8:57:D9:B7:0A:D4:17","sha256":"19:CD:D6:39:68:47:7E:F3:39:A5:2F:CC:41:D7:5D:39:26:C7:A3:97:8B:CE:F7:46:8D:79:99:99:22:82:89:86"}}},"request":{"raw":"GET /assets/index-2aaddfa5.js HTTP/1.1\r\nHost: coinhako.fit\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 13:21:02 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 15 Apr 2025 20:08:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67febcb4-139db\"\r\nexpires: Tue, 05 May 2026 01:21:01 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TUfrJYWaRg%2FbuxVMeJpvkosNqVGy%2BiOtojdLCO4STdTe7Vr2OzAOPo%2Fb0eWpTg%2Fq6pO4iesKcaT0Kl4yiBzlrR7spJO8exJcrSnSEfx%2BXacM2hZu%2BUgEzu6qotBG43I%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f67ce5d4e4c783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":80347,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"e089df8abe8e91652dfbabb670c3f2fb","sha1":"3d15382e1d023de338e006b5940b28c579039f59","sha256":"ec0e86f8bb3c5d1b0fcdab71df671b7880313d62d09cb51ee66225342a322d94","sha512":"50de5b43bbe1a8e64df84ca5948cc2a2dc441fe470a693e8632d29b12d314ec03e09831687bc8e225e44b4cad4f9cd97e05649f2ac0fa46094283387dcd29f78","ssdeep":"1536:kUzdbSgWUEvzDpwuPlMa+714aLosSMhRf4w4CHLtl6BeLKREPDne8:1vlEvdSLfSMh14wjtl6BYKCne8","tlshash":"4473f9ddb282f436429661a0403f060bf337ae98740e4558f268e5cd7e7c989a17bf79","first_seen":"2026-03-27T06:35:36.16545Z","last_seen":"2026-05-04T13:32:42.282847Z","times_seen":4,"resource_available":true,"data":null}},"time_used":1192,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":1187,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"coinhako.fit/assets/index-8c6d956a.js","fqdn":"coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"104.21.70.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://coinhako.fit/","date":"2026-05-04T13:21:00.960Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"coinhako.fit","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 13:07:23 GMT","end":"Fri, 31 Jul 2026 13:07:22 GMT"},"fingerprint":{"sha1":"BC:EA:54:7D:8C:BB:5C:C3:28:8C:FA:BA:61:C8:57:D9:B7:0A:D4:17","sha256":"19:CD:D6:39:68:47:7E:F3:39:A5:2F:CC:41:D7:5D:39:26:C7:A3:97:8B:CE:F7:46:8D:79:99:99:22:82:89:86"}}},"request":{"raw":"GET /assets/index-8c6d956a.js HTTP/1.1\r\nHost: coinhako.fit\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 13:21:01 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 15 Apr 2025 20:08:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67febcb4-1382\"\r\nexpires: Tue, 05 May 2026 01:21:01 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AyKRzuHFLfdnTqus%2B3kARsCZRq11p%2FqRHvojxVQPHay7M3rxOC00nNISHZKhmdB6RQuhkarwnqdPHOT%2BD3FDkvaspulUOQXYZiXNnaFRfnGP8QuKFgK3HdWO5u2JGbY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f67ce5d0e41783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4994,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (4987)","md5":"d4618b735f029163bb0f72a734688d5a","sha1":"0b8b0add4a29f07efff7eeadb07ec8dccc389bd6","sha256":"6d7c0d3d2f7115949d5ce2524b7eb8a1f23da531325c5d627d23c368ec7f9c47","sha512":"8a1a94b087a8bc60413ecddb60c0790ab3a1058bb00e7fecf860918fbe05128acaa4b846eab2128c7e4d381167a0ea78fa2a4fa4757e1e260514694fc4fc65d8","ssdeep":"96:LXJi/9YcqD+wS9xy4cR2bUkiuabiW3hvhg36a8Nmo8/oQNlijk6:LXJiFYcqiwSahR2bvVehvegwoQ/sk6","tlshash":"16a1a699f502c5baeab704504888042031ac7bfaf20448b5f7fdad4a27b8c79d795722","first_seen":"2026-03-27T06:35:36.119991Z","last_seen":"2026-05-04T13:32:42.292134Z","times_seen":4,"resource_available":true,"data":null}},"time_used":846,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":846,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"coinhako.fit/assets/index-bc011be9.css","fqdn":"coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"104.21.70.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://coinhako.fit/","date":"2026-05-04T13:21:00.953Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"coinhako.fit","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 13:07:23 GMT","end":"Fri, 31 Jul 2026 13:07:22 GMT"},"fingerprint":{"sha1":"BC:EA:54:7D:8C:BB:5C:C3:28:8C:FA:BA:61:C8:57:D9:B7:0A:D4:17","sha256":"19:CD:D6:39:68:47:7E:F3:39:A5:2F:CC:41:D7:5D:39:26:C7:A3:97:8B:CE:F7:46:8D:79:99:99:22:82:89:86"}}},"request":{"raw":"GET /assets/index-bc011be9.css HTTP/1.1\r\nHost: coinhako.fit\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 13:21:00 GMT\r\ncontent-type: text/css\r\npriority: u=2,i=?0\r\nlast-modified: Tue, 15 Apr 2025 20:08:20 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Mon, 04 May 2026 15:51:16 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\nage: 34184\r\ncf-cache-status: HIT\r\netag: W/\"67febcb4-18d\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WdI9HRKgSB5sLfJZ%2Fvi4i6afr4dSHjUcY0N6NQrgxHf5HZLnmq8L%2FBu2LxZ2VV1MT4zW%2Fqtvog0PaH1kAmo1ZUmZp0q%2BUjDQGZrAe76J883QJ6e29nCFYWpt4gkpdGw%3D\"}]}\r\ncf-ray: 9f67ce5d0e3c783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":397,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (396)","md5":"5353ff252ee4a5e7a3d0176de6a6c712","sha1":"c83942b5dfdb4aa8be53f26b39e53b0b257595e0","sha256":"bc011be90fd6cd33a399912151a5f69ba0d8e394563c71c4c1bea7a4ec032516","sha512":"9a17506817918ef0c9a5d0caebaed8f603641dc1015a726bdf247645a7e0a988b543756d7254abafa18dd4cd9d27c9a198300632156faf59f05c1e27f0a5e30a","ssdeep":"","tlshash":"5ae092c890d6927fb62b607d267c931ad425ac88d8007bb8e67fabb146c7ac53172215","first_seen":"2024-01-05T03:21:29Z","last_seen":"2026-05-04T13:34:50.782928Z","times_seen":657,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"coinhako.fit/","fqdn":"coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"104.21.70.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-04T13:20:56.276Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"coinhako.fit","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 13:07:23 GMT","end":"Fri, 31 Jul 2026 13:07:22 GMT"},"fingerprint":{"sha1":"BC:EA:54:7D:8C:BB:5C:C3:28:8C:FA:BA:61:C8:57:D9:B7:0A:D4:17","sha256":"19:CD:D6:39:68:47:7E:F3:39:A5:2F:CC:41:D7:5D:39:26:C7:A3:97:8B:CE:F7:46:8D:79:99:99:22:82:89:86"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: coinhako.fit\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 04 May 2026 13:20:57 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Sun, 11 May 2025 00:57:18 GMT\r\nvary: Accept-Encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=31536000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lc%2FWkzl%2BwGrrKJjqnpcA64Xsbi%2FeG%2BUVzyWuY0cKxIMuaGdmA84cQImrT32Nc6UzF5NgpfCCnMbBs0gw7eU43ZYgwxqcaImCxGSZXh62KqRctp%2BUc730tiMx6Vn6Cmg%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9f67ce401a5e5697-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5251,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1094)","md5":"2e26140ce92ae8b60a05b02de51aac05","sha1":"7a0c5f68ca5a9c09ebfb4022cc67b00301b7b232","sha256":"054d544441c86b172cfb157251de1fb0eed8a996475260f3a572c1aacf793c11","sha512":"36cd2df81fb5ca29360917300eb31ff65a12ddbef82eccf6833e4f5b833cbd51243b0ff4ab55f93f3868cc25f69d38915255111f63110e8ebb1eef36be904697","ssdeep":"96:Tr82C75yKuc60FsDFkyt/qnr6TCZydHRH/g52mUsGKAiowGpuB1niH7iHzH/w:TFCL60FiWZCxf82nfD3bpuB1nibiTfw","tlshash":"ebb1a1b39df4c81a2362057beae7f0089e60119386295854b0cc64fd4fd1fe284db7b0","first_seen":"2026-03-27T06:35:36.183381Z","last_seen":"2026-05-04T13:32:42.317913Z","times_seen":4,"resource_available":true,"data":null}},"time_used":992,"timings":{"blocked":54,"dns":35,"connect":2,"send":0,"wait":883,"receive":0,"ssl":14},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"coinhako.fit/assets/index-c5c460da.css","fqdn":"coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"104.21.70.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://coinhako.fit/","date":"2026-05-04T13:21:00.956Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"coinhako.fit","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 13:07:23 GMT","end":"Fri, 31 Jul 2026 13:07:22 GMT"},"fingerprint":{"sha1":"BC:EA:54:7D:8C:BB:5C:C3:28:8C:FA:BA:61:C8:57:D9:B7:0A:D4:17","sha256":"19:CD:D6:39:68:47:7E:F3:39:A5:2F:CC:41:D7:5D:39:26:C7:A3:97:8B:CE:F7:46:8D:79:99:99:22:82:89:86"}}},"request":{"raw":"GET /assets/index-c5c460da.css HTTP/1.1\r\nHost: coinhako.fit\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 13:21:00 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 15 Apr 2025 20:08:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67febcb4-3195\"\r\nexpires: Mon, 04 May 2026 15:51:17 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 34183\r\npriority: u=2,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NaDE9ohN4eHlAAESebmnR%2Fe80kiGGLkTk4sCjQczo2AjDPPRbJkLK1p6gWZVAixrw3uT%2FOuTjB326gSZlE5SwAOIxik9%2BsnkVGibak9C4%2Fu25%2F336OsmRUUBF4MeEBM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f67ce5d0e3b783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":12693,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (12692)","md5":"9c486bd1c2fb276970593e2755dd80d0","sha1":"69c790389931256edb29d3c806e667a78594d266","sha256":"c5c460da20c7306eed95cd7d13ee3ece3ad86a5d954de00e452e80492652ddb9","sha512":"183e3204e2f0e3b29beceab2c3a5b62ba514bb015439131b61bd90b552d8e35eee62361ab9521cf41fd7a994292a21bb8905fd87452651d476c609251ae052f9","ssdeep":"96:QRH8ZMyGqfok7UAjXMp5mXUVM2tL0a5OZ2ipcjqfBQsEoVq62rTrZkkr+6BJQBOQ:Qccqfok7UAEYvVp8qfBQRnax6DI9N","tlshash":"b942933cb7552238ed37e2a57ed449cce219ba12ea979dd4e517c9264cdb2f31b30048","first_seen":"2026-03-27T06:35:36.213167Z","last_seen":"2026-05-04T13:32:42.28853Z","times_seen":4,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"coinhako.fit/resource/images/dark/tab/home.png?2.0.1744718898202","fqdn":"coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"104.21.70.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://coinhako.fit/","date":"2026-05-04T13:21:03.650Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"coinhako.fit","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 13:07:23 GMT","end":"Fri, 31 Jul 2026 13:07:22 GMT"},"fingerprint":{"sha1":"BC:EA:54:7D:8C:BB:5C:C3:28:8C:FA:BA:61:C8:57:D9:B7:0A:D4:17","sha256":"19:CD:D6:39:68:47:7E:F3:39:A5:2F:CC:41:D7:5D:39:26:C7:A3:97:8B:CE:F7:46:8D:79:99:99:22:82:89:86"}}},"request":{"raw":"GET /resource/images/dark/tab/home.png?2.0.1744718898202 HTTP/1.1\r\nHost: coinhako.fit\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 13:21:03 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 19 Aug 2024 10:42:46 GMT\r\nvary: Accept-Encoding\r\netag: W/\"66c321a6-465\"\r\nexpires: Wed, 03 Jun 2026 03:51:27 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 34175\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0KVjjDtjE3v4oSXU4yIYHK2djStADd3LglGRzDgw7cCwThXeRuvTsFoOXs5%2FOIxygHUsYGiZE%2F00DFoXX3ES3Y6bjh%2BGmKBXbgD7xFMPUrHU%2Bt2V70pjtPZcsnSyjT0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f67ce6d695c783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1125,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 44 x 44, 8-bit/color RGBA, non-interlaced","md5":"3e844bfa12234f1f112eafaaa9e21322","sha1":"b75a3140cad1c6e7e8364e7843b575a0e0c7b07f","sha256":"37407f0de333e2b65f0685e4e169beb089a025b37fa8081230ea6888b46cddb6","sha512":"a56a102c46fce5255ba0fd3751ef99ec4019e2256e9cde44c3fbf09fc66773ef9a61d4e9f29bb78ffc6b928defbf15e8deb835d72d2fdcf5ebc32e9f4b8dda31","ssdeep":"","tlshash":"16219af12247c83adb127dba863a8f59d4229e765e41d110cf84dc60b61d73442595f1","first_seen":"2024-12-03T23:58:43.650196Z","last_seen":"2026-05-04T13:32:42.300251Z","times_seen":17,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"coinhako.fit/assets/index-eedf0153.js","fqdn":"coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"104.21.70.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://coinhako.fit/","date":"2026-05-04T13:21:00.961Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"coinhako.fit","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 13:07:23 GMT","end":"Fri, 31 Jul 2026 13:07:22 GMT"},"fingerprint":{"sha1":"BC:EA:54:7D:8C:BB:5C:C3:28:8C:FA:BA:61:C8:57:D9:B7:0A:D4:17","sha256":"19:CD:D6:39:68:47:7E:F3:39:A5:2F:CC:41:D7:5D:39:26:C7:A3:97:8B:CE:F7:46:8D:79:99:99:22:82:89:86"}}},"request":{"raw":"GET /assets/index-eedf0153.js HTTP/1.1\r\nHost: coinhako.fit\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 13:21:01 GMT\r\ncontent-type: application/javascript\r\npriority: u=4,i=?0\r\nlast-modified: Tue, 15 Apr 2025 20:08:20 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Tue, 05 May 2026 01:21:01 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\ncf-cache-status: MISS\r\netag: W/\"67febcb4-308\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=140%2F6XB4k1fiMpMBF2I0Bazj1lTB5jhTnFwvJo8Jp9YAh%2FlnnDhoOGtO3vOwBL1OWGwzGY%2F8fFadYEd34jLLGCx%2BBb8FvRiaWw%2FpnPjtCssfXLr8TcawsOEP0LdtICE%3D\"}]}\r\ncf-ray: 9f67ce5d0e3f783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":776,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (775)","md5":"587a2d7e1b1c8325c3e3762bee1660b3","sha1":"7bc56d82d3e2677c03aa45f8a27ac558a504a24e","sha256":"64d230b35e39ea029478e520c0d9b1b80336e66715ba8370a9a248c293e364bb","sha512":"21f1ba665ea25b585c08dd2fc860866ff7300a597b72067f4face0114698e6d12e6e2d18ca90b2b16aa9286a68f81363d0a9fd788eae42f73ff99df8dd2b69a0","ssdeep":"","tlshash":"0401bdf9fd0d8ebb0fa20a4141a1360114092fddfa1419e298867d661be4950d7de72d","first_seen":"2026-03-27T06:35:36.176554Z","last_seen":"2026-05-04T13:32:42.289067Z","times_seen":4,"resource_available":true,"data":null}},"time_used":296,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":296,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tg-mahalebi.oss-cn-hongkong.aliyuncs.com/mahalei/15b5264c92354cc892e2cbef0c5453fc.png?2.0.1744718898202","fqdn":"tg-mahalebi.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.242","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://coinhako.fit/","date":"2026-05-04T13:21:03.418Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /mahalei/15b5264c92354cc892e2cbef0c5453fc.png?2.0.1744718898202 HTTP/1.1\r\nHost: tg-mahalebi.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Mon, 04 May 2026 13:21:04 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 4038\r\nConnection: keep-alive\r\nx-oss-request-id: 69F89D40CE63A831354FCAB0\r\nAccept-Ranges: bytes\r\nETag: \"C921FDF5A26EF0C99375349016A29604\"\r\nLast-Modified: Tue, 15 Apr 2025 11:41:13 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 5495058958355036844\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: ySH99aJu8MmTdTSQFqKWBA==\r\nx-oss-server-time: 19\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":4038,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 108 x 108, 8-bit/color RGBA, non-interlaced","md5":"c921fdf5a26ef0c99375349016a29604","sha1":"59f1789d13480332e111408c46a0d7ea7e6b2276","sha256":"03022e7ca4bb6d1f9ee43462c8f210861bf085783328e30f0c44ebd3e894eada","sha512":"7456eaf0bd8d6477a50b3a7bc9e5a073d141726242e3ceec7f8e6788c6440ebdc1601e7cb795ae47d61e9c720f554885ec672429b50dc3261ad2b72d1eb71cce","ssdeep":"","tlshash":"fb816e5cf7c1e629d4153b3e4852ec16aeb493292b0ca3450adcf42baf05daa153bf16","first_seen":"2024-12-03T23:58:43.61418Z","last_seen":"2026-05-04T13:32:42.304847Z","times_seen":39,"resource_available":false,"data":null}},"time_used":1964,"timings":{"blocked":834,"dns":2,"connect":273,"send":0,"wait":300,"receive":1,"ssl":551},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webapi.coinhako.fit/api/common/getCoinList","fqdn":"webapi.coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"172.67.222.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://coinhako.fit/","date":"2026-05-04T13:21:00.903Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"coinhako.fit","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 13:07:23 GMT","end":"Fri, 31 Jul 2026 13:07:22 GMT"},"fingerprint":{"sha1":"BC:EA:54:7D:8C:BB:5C:C3:28:8C:FA:BA:61:C8:57:D9:B7:0A:D4:17","sha256":"19:CD:D6:39:68:47:7E:F3:39:A5:2F:CC:41:D7:5D:39:26:C7:A3:97:8B:CE:F7:46:8D:79:99:99:22:82:89:86"}}},"request":{"raw":"OPTIONS /api/common/getCoinList HTTP/1.1\r\nHost: webapi.coinhako.fit\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang\r\nOrigin: https://coinhako.fit\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 04 May 2026 13:21:01 GMT\r\ncontent-length: 0\r\nserver: cloudflare\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://coinhako.fit\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: lang\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7eH%2B4R4bq5Ytk9j6613ODdHwu3qXjkBKKEFbPqv0Tb8TjxhBnMq01HDXeoFc5j9Msvd5942hyYTH6WVen3NoOc4%2BH47F4h9YU3RySHzBOkxC9p60%2B%2FX7wGs2v66DLFuVU3nkOBU3\"}]}\r\ncf-ray: 9f67ce5d2e8556c6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-04T17:05:16.84953Z","times_seen":14645188,"resource_available":true,"data":null}},"time_used":1030,"timings":{"blocked":80,"dns":39,"connect":1,"send":0,"wait":865,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"webapi.coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"webapi.coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.coinhako.fit/api/common/getCoinList","fqdn":"webapi.coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"172.67.222.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://coinhako.fit/","date":"2026-05-04T13:21:01.853Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"coinhako.fit","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 13:07:23 GMT","end":"Fri, 31 Jul 2026 13:07:22 GMT"},"fingerprint":{"sha1":"BC:EA:54:7D:8C:BB:5C:C3:28:8C:FA:BA:61:C8:57:D9:B7:0A:D4:17","sha256":"19:CD:D6:39:68:47:7E:F3:39:A5:2F:CC:41:D7:5D:39:26:C7:A3:97:8B:CE:F7:46:8D:79:99:99:22:82:89:86"}}},"request":{"raw":"POST /api/common/getCoinList HTTP/1.1\r\nHost: webapi.coinhako.fit\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nlang: en-US\r\nOrigin: https://coinhako.fit\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 04 May 2026 13:21:02 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://coinhako.fit\r\naccess-control-allow-credentials: true\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Qk8I9PJmMizqP8kCOgRDpc0rOSHeeoh7GIBZophx%2FtoPt1qT6DueOOAvjAo9D6mc9f8UMHEbPpj7g83IjK9jiShKAOUhEBxx45pkMtHkeb%2BEyX3Kig7zvt39iVYZMma%2BWHQB4aiW\"}]}\r\ncf-ray: 9f67ce629b9f56c6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":20876,"size_decoded":0,"mime_type":"application/json","magic":"Unicode text, UTF-8 text, with very long lines (20860), with no line terminators","md5":"41c6d8b483c6c5c2df22b63434a52b20","sha1":"7f36573d1255f3b394a39bfe80003d576425ec13","sha256":"2866b33eb484513beff24b07313f6900f563c141c112f623f37a3395c4e69a8e","sha512":"9cd7999670392f6b2a81d92eb15da082599a9b5e9b7c50bb5b9420ae54ca12336ad23ca01498d690a4310808325c92b4807d280ad17b9b08324556086d4c16dc","ssdeep":"192:5o5o7o/oLohoZoNoPoJozXhodXEiXoRX/EWXRBX1T0XX7XJWSNguanjMK7Zlz4Rf:52QMcOmWUSp6IsI","tlshash":"01921125512884bed539d1d12eaf3e13514e353fedca8e1b8ade4e888ee8e705507f06","first_seen":"2026-05-04T13:21:26.461863Z","last_seen":"2026-05-04T13:21:26.461863Z","times_seen":1,"resource_available":false,"data":null}},"time_used":318,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":318,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"webapi.coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"webapi.coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"coinhako.fit/resource/images//dark/next.png?2.0.1744718898202","fqdn":"coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"104.21.70.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://coinhako.fit/","date":"2026-05-04T13:21:03.461Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"coinhako.fit","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 13:07:23 GMT","end":"Fri, 31 Jul 2026 13:07:22 GMT"},"fingerprint":{"sha1":"BC:EA:54:7D:8C:BB:5C:C3:28:8C:FA:BA:61:C8:57:D9:B7:0A:D4:17","sha256":"19:CD:D6:39:68:47:7E:F3:39:A5:2F:CC:41:D7:5D:39:26:C7:A3:97:8B:CE:F7:46:8D:79:99:99:22:82:89:86"}}},"request":{"raw":"GET /resource/images//dark/next.png?2.0.1744718898202 HTTP/1.1\r\nHost: coinhako.fit\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 13:21:03 GMT\r\ncontent-type: image/png\r\ncontent-length: 886\r\nlast-modified: Mon, 19 Aug 2024 13:37:22 GMT\r\netag: \"66c34a92-376\"\r\nexpires: Wed, 03 Jun 2026 03:51:22 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nage: 34181\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5MLOX7JGfAMzzsvujcuP2crwPgZfM3OjVKUdta72PIUJoE8s7%2FyiM4O3Zx6Fz2a9OXmfENquehsbFHLJRb8cKthXz8EbDmL0XxUWBivsDucoxlT9naoR4CV5WBPOZSU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9f67ce6ca940783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":886,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 44 x 44, 8-bit/color RGBA, non-interlaced","md5":"f5568a4d34f29c24bc992d74242cd4bf","sha1":"926b70f89a9df1f1e14ca6abd61c443e5f482920","sha256":"9268da1531d49809823edf05521c3877e0b8918d26f6e87f87d1b52e8506107e","sha512":"4fdb4db334559cfc1edfe98652c7d2d726703d8b52c60e81170df794c365b72fa573ad977a09a5ebb2c451d12002420b566ab6a8946aac27cb9e353927d0654d","ssdeep":"","tlshash":"d511b7c0e38148a16d92fe2e460d5b51d3733e5a306c0f582016fc31ad4d0cb191ab15","first_seen":"2024-08-29T17:49:51.968983Z","last_seen":"2026-05-04T13:32:42.308259Z","times_seen":40,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"coinhako.fit/resource/images//dark/withdraw.png?2.0.1744718898202","fqdn":"coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"104.21.70.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://coinhako.fit/","date":"2026-05-04T13:21:03.469Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"coinhako.fit","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 13:07:23 GMT","end":"Fri, 31 Jul 2026 13:07:22 GMT"},"fingerprint":{"sha1":"BC:EA:54:7D:8C:BB:5C:C3:28:8C:FA:BA:61:C8:57:D9:B7:0A:D4:17","sha256":"19:CD:D6:39:68:47:7E:F3:39:A5:2F:CC:41:D7:5D:39:26:C7:A3:97:8B:CE:F7:46:8D:79:99:99:22:82:89:86"}}},"request":{"raw":"GET /resource/images//dark/withdraw.png?2.0.1744718898202 HTTP/1.1\r\nHost: coinhako.fit\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 13:21:03 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 19 Aug 2024 13:37:56 GMT\r\nvary: Accept-Encoding\r\netag: W/\"66c34ab4-3360\"\r\nexpires: Wed, 03 Jun 2026 03:51:22 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 34181\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0Bw%2FS0Z%2BumvS8mbVKF%2BsC4gPxVgQ%2FweNMYZXn6kjyN%2FWjunh50SieA6tuTNX8rjbdBMKrW3cGJAtDvmiBX1hjd6KgvaNytax9OTjkKD%2BO0kU%2FEp4CJx6ZZZe5ZLGId4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f67ce6ca941783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":13152,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 98 x 94, 8-bit/color RGBA, non-interlaced","md5":"7ac828d002e7a42dbc688ade365cb774","sha1":"72cbdbae7a865429a02ef404873b38b35051a168","sha256":"d9f70ae5f23910f88f2fd00b88d9eb5985deb7e436dbe2f323e1017304936609","sha512":"779bd430b46825981257b34916f1acd1960767483e47a5e162350510183a40d1fb5e30f283e90dd9babaae788916cbbafea34ee19da63b7330ff9a4f65a75d60","ssdeep":"192:4Xj5cTKrbG18PAMguF2L9V8lwVhBA5ey1+lA80Ss0lS1WBjUQSbyZ9HpVtTIf4YT:4Xprbc1n8lshBJZ3XBjlfHJrIRmN4","tlshash":"6d42bf8653963ba1cb562732e62ba5c733c99477054022e1d070cbf68b2e30ad37c90b","first_seen":"2024-12-03T23:58:43.66395Z","last_seen":"2026-05-04T13:32:42.284231Z","times_seen":35,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"coinhako.fit/assets/vendor-242a4b3b.js","fqdn":"coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"104.21.70.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://coinhako.fit/","date":"2026-05-04T13:20:58.557Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"coinhako.fit","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 13:07:23 GMT","end":"Fri, 31 Jul 2026 13:07:22 GMT"},"fingerprint":{"sha1":"BC:EA:54:7D:8C:BB:5C:C3:28:8C:FA:BA:61:C8:57:D9:B7:0A:D4:17","sha256":"19:CD:D6:39:68:47:7E:F3:39:A5:2F:CC:41:D7:5D:39:26:C7:A3:97:8B:CE:F7:46:8D:79:99:99:22:82:89:86"}}},"request":{"raw":"GET /assets/vendor-242a4b3b.js HTTP/1.1\r\nHost: coinhako.fit\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 13:20:59 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 15 Apr 2025 20:08:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67febcb4-e2d60\"\r\nexpires: Tue, 05 May 2026 01:20:59 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=S2JbUv3Rl%2FQoRygEuHrU6Dosb0u%2FAwB46LrNbDhcPZbguhn5rOxJlhfZO6IQtk6mwY5A8Et2D8dwNIbW6pIv4I3rtv9ehSAJlRmLehrK%2B3ijWcHoc0qMoIIIAO%2FPKDI%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f67ce4e0b64783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":929120,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"04107a5a042b9feafcb3aaf480719d91","sha1":"1e5103a25f965c25fa1d52e7a4901b6d38d77620","sha256":"1dc511d478e101965d459a0f747ee86a7cd93485b66b34e73a0fd76d6920f433","sha512":"119c538b8d10a082a99ba8a4c1837d5502f10624973010acca6e0c930e7c7643eb9bbf148401af4b6e43f02902e435db2db768e2b32a871e016542bab3f50b52","ssdeep":"12288:WBIesgWlYRnKHAsm96ieFw7Ho7FVNIeJWDssQXWprmUM/hY8x4GOA:WBIeCgKgsAeFw7I7F3VLsQXWprmUMjf","tlshash":"c0153ac97292f06147ab20e140bb0006f33d6e59740e84a4f56d99eb7d69d89e2b7f3c","first_seen":"2026-03-27T06:35:36.14375Z","last_seen":"2026-05-04T13:32:42.291509Z","times_seen":4,"resource_available":true,"data":null}},"time_used":2168,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":1237,"receive":931,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"coinhako.fit/resource/svg/dark/user.svg?2.0.1744718898202","fqdn":"coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"104.21.70.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://coinhako.fit/","date":"2026-05-04T13:21:03.372Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"coinhako.fit","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 13:07:23 GMT","end":"Fri, 31 Jul 2026 13:07:22 GMT"},"fingerprint":{"sha1":"BC:EA:54:7D:8C:BB:5C:C3:28:8C:FA:BA:61:C8:57:D9:B7:0A:D4:17","sha256":"19:CD:D6:39:68:47:7E:F3:39:A5:2F:CC:41:D7:5D:39:26:C7:A3:97:8B:CE:F7:46:8D:79:99:99:22:82:89:86"}}},"request":{"raw":"GET /resource/svg/dark/user.svg?2.0.1744718898202 HTTP/1.1\r\nHost: coinhako.fit\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 13:21:04 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\nlast-modified: Mon, 19 Aug 2024 19:30:30 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\netag: W/\"66c39d56-227\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OZbMhESU090XixlawzkxjAV5RxLgrAV7UqQKQMOcdma0dW5RcDBz%2BdMQN4III1lZ3cFJECBhEBPZd80TN2qBaMk5z2o%2F6jgyjIfl6bA3R2nxwuB259UMI%2B6h6H2%2FmUI%3D\"}]}\r\ncf-ray: 9f67ce6c1925783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":551,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"fe825252aab11dd240726d05c35fa36d","sha1":"31e423d96b832f0ccb5dcc7c5b5935459fc9c095","sha256":"d91946a14ed139f4b43f6412922a1ed1245e7447302fcb30d62bd60e6bf2de09","sha512":"9f44729fb7631530f9518603dec847239e5c7f6642aafc79a01e49a7bdc86d7234517265d8026d97d8be565d0b1c982041acd0dab8e3e63ae2c8a320cf015bed","ssdeep":"","tlshash":"caf04cf7501c95d950014150c9de3a85573df233a3468d5eb7a114f78a1454b217c595","first_seen":"2026-03-27T06:35:36.186978Z","last_seen":"2026-05-04T13:32:42.303813Z","times_seen":4,"resource_available":false,"data":null}},"time_used":841,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":839,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tg-mahalebi.oss-cn-hongkong.aliyuncs.com/mahalei/0836eb7044f347399064b8a48365ac71.png?2.0.1744718898202","fqdn":"tg-mahalebi.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.242","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://coinhako.fit/","date":"2026-05-04T13:21:03.389Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /mahalei/0836eb7044f347399064b8a48365ac71.png?2.0.1744718898202 HTTP/1.1\r\nHost: tg-mahalebi.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Mon, 04 May 2026 13:21:04 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 3732\r\nConnection: keep-alive\r\nx-oss-request-id: 69F89D40B1E8233536D35AB5\r\nAccept-Ranges: bytes\r\nETag: \"E326580314F82FABDF76FC955FB104B0\"\r\nLast-Modified: Tue, 15 Apr 2025 11:41:48 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 5730286623389365294\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: 4yZYAxT4L6vfdvyVX7EEsA==\r\nx-oss-server-time: 3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":3732,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 108 x 108, 8-bit/color RGBA, non-interlaced","md5":"e326580314f82fabdf76fc955fb104b0","sha1":"46915f0d868ca1c86acc48678a5b11d64acf6ff5","sha256":"196351975fe03ce7bf12b1247416e2c3c45b9c0f0567555356176d45c70b2c55","sha512":"bd40da9deb371cd6e32884c261e0155a738c9ceabda10f2c34a337cffa923ba07c9b71d5cce7bb05f9f539b3949fa3b9a999429f908eef745c22d3ddaaf766a7","ssdeep":"","tlshash":"75715b17fb7c5a29430590b70a6237b264d701626a72d0dd2dd08bcbcac604ab6a439d","first_seen":"2024-12-03T23:58:43.617431Z","last_seen":"2026-05-04T13:32:42.283543Z","times_seen":19,"resource_available":false,"data":null}},"time_used":1848,"timings":{"blocked":795,"dns":26,"connect":254,"send":0,"wait":257,"receive":0,"ssl":512},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coinhako.fit/resource/images/dark/tab/homeA.png?2.0.1744718898202","fqdn":"coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"104.21.70.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://coinhako.fit/","date":"2026-05-04T13:21:03.643Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"coinhako.fit","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 13:07:23 GMT","end":"Fri, 31 Jul 2026 13:07:22 GMT"},"fingerprint":{"sha1":"BC:EA:54:7D:8C:BB:5C:C3:28:8C:FA:BA:61:C8:57:D9:B7:0A:D4:17","sha256":"19:CD:D6:39:68:47:7E:F3:39:A5:2F:CC:41:D7:5D:39:26:C7:A3:97:8B:CE:F7:46:8D:79:99:99:22:82:89:86"}}},"request":{"raw":"GET /resource/images/dark/tab/homeA.png?2.0.1744718898202 HTTP/1.1\r\nHost: coinhako.fit\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 13:21:03 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 19 Aug 2024 10:42:18 GMT\r\nvary: Accept-Encoding\r\netag: W/\"66c3218a-790\"\r\nexpires: Wed, 03 Jun 2026 03:51:22 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 34181\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3SK0Fn0zxLeB7n7fTuFcxa%2BAKTtqNwP8GJtISLEr0DosqT%2BRIHlbM6DY%2F33jJIWbQyWmDb1JlS7ovPyUYgQ2TIMvv6kBE%2B8SXLTPYsWcWarjL9dhxJrMOQ5zZv%2Fj9g4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f67ce6d695b783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1936,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced","md5":"8061eb8408a13b457654ab13953198fb","sha1":"b3c6ec63544ec3bfdce48b8595c1d0776b9a373c","sha256":"24694648b0f76973506d291e2206c941e5d55be5ea85ed6c11fc408a0d518894","sha512":"ee8c844a1d8ac78116b89df7ea1e2880e8425f7c5ff8ebbc59dc0bbb1aa963d2c49a8db92337c3709bc1c412606d88c5a3f3c5005d5c6c05b7e002aaea4f3a29","ssdeep":"","tlshash":"f2412c4b12016e699ab1060d5ae1134c54fec8b4d496ac907d30ff98eb87f588ec934a","first_seen":"2024-12-03T23:58:43.639463Z","last_seen":"2026-05-04T13:32:42.290897Z","times_seen":96,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"coinhako.fit/resource/images/dark/tab/financial.png?2.0.1744718898202","fqdn":"coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"104.21.70.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://coinhako.fit/","date":"2026-05-04T13:21:03.684Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"coinhako.fit","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 13:07:23 GMT","end":"Fri, 31 Jul 2026 13:07:22 GMT"},"fingerprint":{"sha1":"BC:EA:54:7D:8C:BB:5C:C3:28:8C:FA:BA:61:C8:57:D9:B7:0A:D4:17","sha256":"19:CD:D6:39:68:47:7E:F3:39:A5:2F:CC:41:D7:5D:39:26:C7:A3:97:8B:CE:F7:46:8D:79:99:99:22:82:89:86"}}},"request":{"raw":"GET /resource/images/dark/tab/financial.png?2.0.1744718898202 HTTP/1.1\r\nHost: coinhako.fit\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 13:21:03 GMT\r\ncontent-type: image/png\r\ncontent-length: 578\r\nlast-modified: Mon, 19 Aug 2024 12:45:30 GMT\r\netag: \"66c33e6a-242\"\r\nexpires: Wed, 03 Jun 2026 03:51:21 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nage: 34181\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=64YXiSbsNPHMK%2BEC66JIAVEK7Q3v0VMwXWVEJufGGvugIIarCjUDoYvi%2FjWocFH6YKLEIx3qesnA9UrVJvU9rZGL1%2BuMtpmRq6SnXbzZtGthjQgngBHTCuobavkcojQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9f67ce6d7962783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":578,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 44 x 44, 8-bit colormap, non-interlaced","md5":"dadfa18f1faf465c9b55a343f5e04e94","sha1":"e3ff2475cacacbfad5061c55dc3b487988405f6e","sha256":"48aa7feb7f5113a32d51df9560171e8546e977080beb2a08e5ff1e26dc3b73ed","sha512":"ca526872da2868f6999ef426c0c1d340eb4171defacd8e02f843437a148f631fc24cd738fd151f01b8b06d9830d87457f9d2801c3bb5e3b14de588d7d040447c","ssdeep":"","tlshash":"a1f081f6cfc71c54dbd8d1b9837a9764fe8611749f1345ff950085518856805c5421b5","first_seen":"2024-12-20T23:51:30.266177Z","last_seen":"2026-05-04T13:32:42.290265Z","times_seen":46,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"coinhako.fit/assets/index-8c6d956a.js","fqdn":"coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"104.21.70.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://coinhako.fit/","date":"2026-05-04T13:21:02.223Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"coinhako.fit","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 13:07:23 GMT","end":"Fri, 31 Jul 2026 13:07:22 GMT"},"fingerprint":{"sha1":"BC:EA:54:7D:8C:BB:5C:C3:28:8C:FA:BA:61:C8:57:D9:B7:0A:D4:17","sha256":"19:CD:D6:39:68:47:7E:F3:39:A5:2F:CC:41:D7:5D:39:26:C7:A3:97:8B:CE:F7:46:8D:79:99:99:22:82:89:86"}}},"request":{"raw":"GET /assets/index-8c6d956a.js HTTP/1.1\r\nHost: coinhako.fit\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 13:21:02 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 15 Apr 2025 20:08:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67febcb4-1382\"\r\nexpires: Tue, 05 May 2026 01:21:01 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rHtWgmH55WEUJibT6ISn7tI%2FcY7s5mh%2FOEUC4vz6WdTVaPq%2B3ucEIAZDhBOoguZtAbSHLgDrPrHFzNorNwqrST8xaMbx1j%2BZ5wgIAoLlc5pMtM8lC8tpzqa%2FlmProYI%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f67ce64e815783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4994,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (4987)","md5":"d4618b735f029163bb0f72a734688d5a","sha1":"0b8b0add4a29f07efff7eeadb07ec8dccc389bd6","sha256":"6d7c0d3d2f7115949d5ce2524b7eb8a1f23da531325c5d627d23c368ec7f9c47","sha512":"8a1a94b087a8bc60413ecddb60c0790ab3a1058bb00e7fecf860918fbe05128acaa4b846eab2128c7e4d381167a0ea78fa2a4fa4757e1e260514694fc4fc65d8","ssdeep":"96:LXJi/9YcqD+wS9xy4cR2bUkiuabiW3hvhg36a8Nmo8/oQNlijk6:LXJiFYcqiwSahR2bvVehvegwoQ/sk6","tlshash":"16a1a699f502c5baeab704504888042031ac7bfaf20448b5f7fdad4a27b8c79d795722","first_seen":"2026-03-27T06:35:36.119991Z","last_seen":"2026-05-04T13:32:42.292134Z","times_seen":4,"resource_available":true,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"coinhako.fit/assets/index-eedf0153.js","fqdn":"coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"104.21.70.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://coinhako.fit/","date":"2026-05-04T13:21:02.225Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"coinhako.fit","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 13:07:23 GMT","end":"Fri, 31 Jul 2026 13:07:22 GMT"},"fingerprint":{"sha1":"BC:EA:54:7D:8C:BB:5C:C3:28:8C:FA:BA:61:C8:57:D9:B7:0A:D4:17","sha256":"19:CD:D6:39:68:47:7E:F3:39:A5:2F:CC:41:D7:5D:39:26:C7:A3:97:8B:CE:F7:46:8D:79:99:99:22:82:89:86"}}},"request":{"raw":"GET /assets/index-eedf0153.js HTTP/1.1\r\nHost: coinhako.fit\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 13:21:02 GMT\r\ncontent-type: application/javascript\r\npriority: u=3,i=?0\r\nlast-modified: Tue, 15 Apr 2025 20:08:20 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Tue, 05 May 2026 01:21:01 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\nage: 0\r\ncf-cache-status: HIT\r\netag: W/\"67febcb4-308\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mu%2Bup4hQ70YeB2Lw0g2fuduzjkyA4BsWiZR7Jz0jYaUl1DLtn3flPq23Q%2Ff6vrJ%2FbLQUC%2F6J84OR2fpvCUUjkqFi2kQ%2BGxlT5K190uS81jyJtoEarXn7iYJGqayRCgw%3D\"}]}\r\ncf-ray: 9f67ce64e818783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":776,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (775)","md5":"587a2d7e1b1c8325c3e3762bee1660b3","sha1":"7bc56d82d3e2677c03aa45f8a27ac558a504a24e","sha256":"64d230b35e39ea029478e520c0d9b1b80336e66715ba8370a9a248c293e364bb","sha512":"21f1ba665ea25b585c08dd2fc860866ff7300a597b72067f4face0114698e6d12e6e2d18ca90b2b16aa9286a68f81363d0a9fd788eae42f73ff99df8dd2b69a0","ssdeep":"","tlshash":"0401bdf9fd0d8ebb0fa20a4141a1360114092fddfa1419e298867d661be4950d7de72d","first_seen":"2026-03-27T06:35:36.176554Z","last_seen":"2026-05-04T13:32:42.289067Z","times_seen":4,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"coinhako.fit/resource/images/dark/tab/tradeA.png?2.0.1744718898202","fqdn":"coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"104.21.70.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://coinhako.fit/","date":"2026-05-04T13:21:03.664Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"coinhako.fit","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 13:07:23 GMT","end":"Fri, 31 Jul 2026 13:07:22 GMT"},"fingerprint":{"sha1":"BC:EA:54:7D:8C:BB:5C:C3:28:8C:FA:BA:61:C8:57:D9:B7:0A:D4:17","sha256":"19:CD:D6:39:68:47:7E:F3:39:A5:2F:CC:41:D7:5D:39:26:C7:A3:97:8B:CE:F7:46:8D:79:99:99:22:82:89:86"}}},"request":{"raw":"GET /resource/images/dark/tab/tradeA.png?2.0.1744718898202 HTTP/1.1\r\nHost: coinhako.fit\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 13:21:03 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 15 Mar 2025 10:22:04 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67d554cc-ade\"\r\nexpires: Wed, 03 Jun 2026 03:51:27 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 34175\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=A2gdsWLEwFntu44YM%2BoE4eebrPDoSOUyFyy9457qNEEOLYXFIDQ6VpXCkM%2FVA4nzmbAeuS2qZNSn%2BVqrw%2FJ%2BwmCwSa9rg3NqjeZzq6Tya2OdqhvrY9o6diOtISFAzI4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f67ce6d795d783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2782,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"4e93f9efc5ab888855c81d15fa589fd6","sha1":"2c9e75916ca59f4e8ffdd08882c6ee362d2bd342","sha256":"b320e097c21602a4b3388451bcb3f255818a55a07b88dda38617fef4b49eb409","sha512":"d91eb8522ac837c4f635e7d4c00531169e3b99c4d2f73b765ab17ffae2f52a389b0e75be169c598276254f99283937af4fd00b3e0d1cc6941d9f532238d4ff2a","ssdeep":"","tlshash":"bb515ce320df2843ce709f5bfba43a62d02435fad05433480e028e21947a72754b92ad","first_seen":"2025-07-27T10:32:31.484283Z","last_seen":"2026-05-04T13:32:42.311006Z","times_seen":8,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"coinhako.fit/resource/images/dark/tab/assets.png?2.0.1744718898202","fqdn":"coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"104.21.70.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://coinhako.fit/","date":"2026-05-04T13:21:03.689Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"coinhako.fit","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 13:07:23 GMT","end":"Fri, 31 Jul 2026 13:07:22 GMT"},"fingerprint":{"sha1":"BC:EA:54:7D:8C:BB:5C:C3:28:8C:FA:BA:61:C8:57:D9:B7:0A:D4:17","sha256":"19:CD:D6:39:68:47:7E:F3:39:A5:2F:CC:41:D7:5D:39:26:C7:A3:97:8B:CE:F7:46:8D:79:99:99:22:82:89:86"}}},"request":{"raw":"GET /resource/images/dark/tab/assets.png?2.0.1744718898202 HTTP/1.1\r\nHost: coinhako.fit\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 13:21:03 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 19 Aug 2024 19:47:18 GMT\r\nvary: Accept-Encoding\r\netag: W/\"66c3a146-4f1\"\r\nexpires: Wed, 03 Jun 2026 03:51:22 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 34181\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zAn%2Bbry765IF0ukQTOQOsldCTcSS3Rcn8FXtZm7kHNiome5bE36uE704t7corL4LzgmpcAQqxGsRPWOAwM%2B8BgsBaqflxeYkW0o1TcHVI%2FbhKKvqo8HeNFF3vzikIlc%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f67ce6d8964783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1265,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 44 x 44, 8-bit/color RGBA, non-interlaced","md5":"e85cb050345d627e3fe342aa14eba1c5","sha1":"966c36a1be038fd0bb9673e455ff3b6188f47453","sha256":"e9a792d1a596130e30d7b945e466f2691a563090f1ef06fe06fec57d7193e0e8","sha512":"3c97550a30076a06c1c785192fae5a5fcdc73aef866a69df4c5c4c891f35add2e58f895c7d671faec539ec3836898283385311e7479c7f4ef9ba7a6dd65893a7","ssdeep":"","tlshash":"0521b717faffd94437722d83839a85aeb07726082e004809345e49c5ec2a8885ceef44","first_seen":"2024-12-03T23:58:43.646323Z","last_seen":"2026-05-04T13:32:42.320556Z","times_seen":108,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"coinhako.fit/resource/fonts/DINOT-Medium.otf","fqdn":"coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"104.21.70.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://coinhako.fit/","date":"2026-05-04T13:21:03.734Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"coinhako.fit","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 13:07:23 GMT","end":"Fri, 31 Jul 2026 13:07:22 GMT"},"fingerprint":{"sha1":"BC:EA:54:7D:8C:BB:5C:C3:28:8C:FA:BA:61:C8:57:D9:B7:0A:D4:17","sha256":"19:CD:D6:39:68:47:7E:F3:39:A5:2F:CC:41:D7:5D:39:26:C7:A3:97:8B:CE:F7:46:8D:79:99:99:22:82:89:86"}}},"request":{"raw":"GET /resource/fonts/DINOT-Medium.otf HTTP/1.1\r\nHost: coinhako.fit\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://coinhako.fit/assets/index-4ff26185.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 13:21:04 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 73096\r\nlast-modified: Wed, 01 Nov 2023 21:05:30 GMT\r\netag: \"6542bd9a-11d88\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CCO4bAuVr7NxSOGNWX0ldsjbA%2FZkOdBO0bX4Zlv91rQkKL3VbPIfEgGceY9OS3GK5IVYg5yRKRuGeNcq2%2BS4ouvEjzrTVce3kIZVrzhSkdGoM%2Bf%2FOW6lYvtL27gWd9Q%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9f67ce6e396f783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":73096,"size_decoded":0,"mime_type":"application/octet-stream","magic":"OpenType font data","md5":"ab876400560626fbe045633dc44f0748","sha1":"85bbfb1729e86f40ddc9af7197b5f54ed6136226","sha256":"5888b24f6b65ff7c989b4a258dbeb5d997320d61417371210da0258be21d854d","sha512":"82e96ade51b0570c1f691ba45d1a3c0802015dad7598954675c4abe2fa8a9fc705adbe6eb5e677aa5cc03b6704e594cfe99279c678855ebbbcbade6d5028dbd6","ssdeep":"1536:TlK/cP2D2oV7otQjBG1+acfZZHHDEdom1hvd5JItkB7k3Z:TKQQtG1yZSdomrvpIqcZ","tlshash":"0b636f031d4fb9548de4513a52de4ea34bb39ecc1ca493c30ae12d938fece6657152ae","first_seen":"2023-08-16T00:37:20Z","last_seen":"2026-05-04T13:32:42.324806Z","times_seen":897,"resource_available":false,"data":null}},"time_used":847,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":563,"receive":284,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.coinhako.fit/api/notice/list?key=ROLL_NOTICE","fqdn":"webapi.coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"104.21.70.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://coinhako.fit/","date":"2026-05-04T13:21:03.752Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"coinhako.fit","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 13:07:23 GMT","end":"Fri, 31 Jul 2026 13:07:22 GMT"},"fingerprint":{"sha1":"BC:EA:54:7D:8C:BB:5C:C3:28:8C:FA:BA:61:C8:57:D9:B7:0A:D4:17","sha256":"19:CD:D6:39:68:47:7E:F3:39:A5:2F:CC:41:D7:5D:39:26:C7:A3:97:8B:CE:F7:46:8D:79:99:99:22:82:89:86"}}},"request":{"raw":"OPTIONS /api/notice/list?key=ROLL_NOTICE HTTP/1.1\r\nHost: webapi.coinhako.fit\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang,language\r\nOrigin: https://coinhako.fit\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 13:21:04 GMT\r\ncontent-length: 0\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://coinhako.fit\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: lang, language\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=tX%2FZ%2BlWnKkb5s9qXGYa83uf1SWPDL2BWNInarwW88ell7ut0mCPFdqVnKw4yraVGre5Koo2diYIxq6%2FrMfL6WC6l5QOtk%2BQoMSPd%2Bk5mU1eqg6mPjVu6zbWZmw4qptRXn3Z4uQhi\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9f67ce6e7978783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-04T17:05:16.84953Z","times_seen":14645188,"resource_available":true,"data":null}},"time_used":852,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":852,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"webapi.coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"webapi.coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"wss","addr":"webapi.coinhako.fit/ws/b353c2ac-71a6-4227-ac65-9114127c6cbd","fqdn":"webapi.coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"172.67.222.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://coinhako.fit/","date":"2026-05-04T13:21:00.992Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"coinhako.fit","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 13:07:23 GMT","end":"Fri, 31 Jul 2026 13:07:22 GMT"},"fingerprint":{"sha1":"BC:EA:54:7D:8C:BB:5C:C3:28:8C:FA:BA:61:C8:57:D9:B7:0A:D4:17","sha256":"19:CD:D6:39:68:47:7E:F3:39:A5:2F:CC:41:D7:5D:39:26:C7:A3:97:8B:CE:F7:46:8D:79:99:99:22:82:89:86"}}},"request":{"raw":"GET /ws/b353c2ac-71a6-4227-ac65-9114127c6cbd HTTP/1.1\r\nHost: webapi.coinhako.fit\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://coinhako.fit\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: BChrXthKKJkM1xIuq4UaGQ==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 \r\nDate: Mon, 04 May 2026 13:21:01 GMT\r\nConnection: upgrade\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nAccess-Control-Allow-Origin: https://coinhako.fit\r\nAccess-Control-Allow-Credentials: true\r\nUpgrade: websocket\r\nSec-WebSocket-Accept: 97y2G4cSi37hgQ7JoUyAmYxhyhc=\r\nSec-WebSocket-Extensions: permessage-deflate\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=BlqRL92jbKSP7c%2B7poZ6biKkx7EOdig4jQE7yTaXtf80pSNuijQHiemHrR6mMd3PZvYFY0LOrOOO8M8lO2inF5RPaWGdShliQkG62fvdyFhYeuU0jZYK4dLLvA1gBQPzhLXmeZI1\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: 9f67ce5d6c05b505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=458\u0026min_rtt=411\u0026rtt_var=198\u0026sent=4\u0026recv=7\u0026lost=0\u0026retrans=0\u0026sent_bytes=2343\u0026recv_bytes=1196\u0026delivery_rate=4686084\u0026cwnd=52\u0026unsent_bytes=0\u0026cid=27a220b4585be0df\u0026ts=906\u0026x=0\"\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-04T17:05:16.84953Z","times_seen":14645188,"resource_available":true,"data":null}},"time_used":955,"timings":{"blocked":-1,"dns":25,"connect":22,"send":0,"wait":893,"receive":0,"ssl":35},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"webapi.coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"webapi.coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.coinhako.fit/api/notice/list?key=ROLL_NOTICE","fqdn":"webapi.coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"104.21.70.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://coinhako.fit/","date":"2026-05-04T13:21:04.739Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"coinhako.fit","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 13:07:23 GMT","end":"Fri, 31 Jul 2026 13:07:22 GMT"},"fingerprint":{"sha1":"BC:EA:54:7D:8C:BB:5C:C3:28:8C:FA:BA:61:C8:57:D9:B7:0A:D4:17","sha256":"19:CD:D6:39:68:47:7E:F3:39:A5:2F:CC:41:D7:5D:39:26:C7:A3:97:8B:CE:F7:46:8D:79:99:99:22:82:89:86"}}},"request":{"raw":"POST /api/notice/list?key=ROLL_NOTICE HTTP/1.1\r\nHost: webapi.coinhako.fit\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nlanguage: zh\r\nlang: zh\r\nOrigin: https://coinhako.fit\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 13:21:05 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://coinhako.fit\r\naccess-control-allow-credentials: true\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=veOibCB1KUQ9boVJOanH8ZmuRsUvL480edEljq4MWMhqQ1gy8Uaxi0CFFcwOO4HXxwKiMbw%2BnVPihdJEjimrxUZaGPqDWmwAonQI34yIlRUnn4QdYN0sDCAHNdCLbVmME34W3OaK\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f67ce749a5c783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":844,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"9ca6db6f4de498b5bdda2dfbb1a20b44","sha1":"b977486664077a2063afb619032a59af41994b9a","sha256":"c1b2daf518d381c9b5b2c7b4d73fa7b318d98f16b9eb7237314690d722d44d4e","sha512":"eb0406a493f5579dd8595229a64be89b660fc35999e7a61befce40237ada79cc7223c16147c2b0b9a0852c9e20a3a61e72da3bc560c601c75952e6ff4c1c243f","ssdeep":"","tlshash":"fd01c95e20789e5a2c0a09c741c9baccd06d3683c570ceb28a3ecf6e87f65769757884","first_seen":"2026-03-27T06:35:36.170431Z","last_seen":"2026-05-04T13:32:42.311656Z","times_seen":4,"resource_available":false,"data":null}},"time_used":933,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":933,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"webapi.coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"webapi.coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tg-mahalebi.oss-cn-hongkong.aliyuncs.com/mahalei/0b2fac9bbf01419eaaeab4ed69fa6fb8.jpg?2.0.1744718898202","fqdn":"tg-mahalebi.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.242","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://coinhako.fit/","date":"2026-05-04T13:21:05.681Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /mahalei/0b2fac9bbf01419eaaeab4ed69fa6fb8.jpg?2.0.1744718898202 HTTP/1.1\r\nHost: tg-mahalebi.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Mon, 04 May 2026 13:21:05 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 12367\r\nConnection: keep-alive\r\nx-oss-request-id: 69F89D41ACF6C53436475C3F\r\nAccept-Ranges: bytes\r\nETag: \"3C91CB614152728AC3FA5ACA5A8F14BE\"\r\nLast-Modified: Fri, 02 May 2025 19:06:53 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 15924310977327838817\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: PJHLYUFScorD+lrKWo8Uvg==\r\nx-oss-server-time: 3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":12367,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 302x167, components 3","md5":"3c91cb614152728ac3fa5aca5a8f14be","sha1":"15787177600fd39ed06607e572253325fb9f94ec","sha256":"b8a77a67ba77891bafa8ec0762f82d323c2619bdf531bdfc30c49e713bac9c9e","sha512":"50936605e92d444b38536c7c617de129b720cd77ad076584df203755d486461aa548b17c0c04a2d2bb9346edd582d2856bee60d0131568fb350d86604c0d6aab","ssdeep":"384:bXj5AHpBGRO3bxaWV1gFfxkvZDlCerimLDoqrMd2K:bX2ftbxpjOemUo05K","tlshash":"2442c02ffd6ed9d28782e2b4c0b72330db42ac2485817a7714f542455f5a15c4a6f4ea","first_seen":"2025-09-06T11:40:48.228138Z","last_seen":"2026-05-04T13:32:42.294023Z","times_seen":5,"resource_available":false,"data":null}},"time_used":299,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":298,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tg-mahalebi.oss-cn-hongkong.aliyuncs.com/mahalei/6eb6612775ef4dd1a0c8779f0a5b24ef.jpg?2.0.1744718898202","fqdn":"tg-mahalebi.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.242","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://coinhako.fit/","date":"2026-05-04T13:21:05.678Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /mahalei/6eb6612775ef4dd1a0c8779f0a5b24ef.jpg?2.0.1744718898202 HTTP/1.1\r\nHost: tg-mahalebi.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Mon, 04 May 2026 13:21:05 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 25751\r\nConnection: keep-alive\r\nx-oss-request-id: 69F89D41C390C33630BBCFFE\r\nAccept-Ranges: bytes\r\nETag: \"53FF92F80A5A0AC1FC00309DD2EE8BE1\"\r\nLast-Modified: Fri, 02 May 2025 18:47:35 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 5824265682420434116\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: U/+S+ApaCsH8ADCd0u6L4Q==\r\nx-oss-server-time: 2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":25751,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 450x338, components 3","md5":"53ff92f80a5a0ac1fc00309dd2ee8be1","sha1":"ce0e130ffa981e1d28dc0e6d5e58f08de2a8088d","sha256":"7105eafb1b3f5eb72cc7878d560f84852d37999a4394688ad8722ba40152adbb","sha512":"9f2e0962ad0151598445e4d5ad2ce9c0c8562538924631942717ff08b049476633b7dd3678f99b59526c856e50bff9717fec85f09c13c883cfba816df5aaf19e","ssdeep":"768:UPBj+gq25OHAfwrwJU4n0CQzAujuyayH9:RgarMU4nRNuj9j9","tlshash":"cfc2e11676384157ee04b774d7845b3fadb14c84eeb0f00f39a95e2af026e8d1a479e4","first_seen":"2026-03-27T06:35:36.17242Z","last_seen":"2026-05-04T13:32:42.316663Z","times_seen":4,"resource_available":false,"data":null}},"time_used":291,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":277,"receive":14,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coinhako.fit/assets/currencyItem-a9d76ab4.css","fqdn":"coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"104.21.70.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://coinhako.fit/","date":"2026-05-04T13:21:00.955Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"coinhako.fit","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 13:07:23 GMT","end":"Fri, 31 Jul 2026 13:07:22 GMT"},"fingerprint":{"sha1":"BC:EA:54:7D:8C:BB:5C:C3:28:8C:FA:BA:61:C8:57:D9:B7:0A:D4:17","sha256":"19:CD:D6:39:68:47:7E:F3:39:A5:2F:CC:41:D7:5D:39:26:C7:A3:97:8B:CE:F7:46:8D:79:99:99:22:82:89:86"}}},"request":{"raw":"GET /assets/currencyItem-a9d76ab4.css HTTP/1.1\r\nHost: coinhako.fit\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 13:21:00 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 15 Apr 2025 20:08:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67febcb4-587\"\r\nexpires: Mon, 04 May 2026 15:51:17 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 34183\r\npriority: u=2,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TBX0aFn5wCBnfL10O3GBghHo0A%2BRvZcSefvn8ZmEaIJOPSH0N9zhPdAlHkbks%2Bijfc8ZpJq9QV8Ejwb8cy%2BJTUHvzvOi%2Bw3yOMGxMLgxDovOtMGzgqzIKu%2BfWAN%2Bews%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f67ce5d0e3d783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1415,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1414)","md5":"bbf2f1f1e1cd86774f8ee8c8dd0cd8fb","sha1":"19cfe25fa8728e1a444577cac016141d4f1e6072","sha256":"a9d76ab4f677472f72ed47020f29ca2f01056e4b54b76b840faa8e1ed5df79de","sha512":"f4fb11e1e74d7cd5fb8de4c4070c20cf6279bfbee49e362fae19ecdd22ef1277d4aa57a29d2eab7bd0cd4f2a8803c1b60d494653705319cc46eab82da77da7ca","ssdeep":"","tlshash":"62210c15af141234f8358445becd100ce22d6ec7f1c79ad8e98e16923c8ba0b533bd2e","first_seen":"2026-03-27T06:35:36.202581Z","last_seen":"2026-05-04T13:32:42.300896Z","times_seen":4,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"coinhako.fit/assets/zh-279ad9af.js","fqdn":"coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"104.21.70.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://coinhako.fit/","date":"2026-05-04T13:21:02.198Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"coinhako.fit","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 13:07:23 GMT","end":"Fri, 31 Jul 2026 13:07:22 GMT"},"fingerprint":{"sha1":"BC:EA:54:7D:8C:BB:5C:C3:28:8C:FA:BA:61:C8:57:D9:B7:0A:D4:17","sha256":"19:CD:D6:39:68:47:7E:F3:39:A5:2F:CC:41:D7:5D:39:26:C7:A3:97:8B:CE:F7:46:8D:79:99:99:22:82:89:86"}}},"request":{"raw":"GET /assets/zh-279ad9af.js HTTP/1.1\r\nHost: coinhako.fit\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 13:21:03 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 15 Apr 2025 20:08:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67febcb4-9316\"\r\nexpires: Tue, 05 May 2026 01:21:02 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=3,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BHcOjB%2Fdx2ieD08lVq7FK6y6oVWUjsaPo6ASo1m3sUKljDj8fh64kAY5CIE3SMZIT4rdDsySDLk%2BzCe3wC59ef8AJKyKCmYlYlVyUawCGpgQzmGwXsJDqMK4geB6hoA%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f67ce64c810783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":37654,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (27817)","md5":"d71f54e38433cccb59c605eaa0814b59","sha1":"b5fe80cbccb08e6de480b80d05ad5960401a5b42","sha256":"c9b72c7ee56e289b21122bfb008fbfc3c7f481b0fd2202e41c32e08b890be732","sha512":"2a2df2f879a08c3f39bd0f43ab29dbbfc5179f1ed566de8a7f4347b8cc91a179e82618efb6df1c8b0da0f537c2ed23a159e8c2e32ab96d33877a951b848f792c","ssdeep":"768:D9sgcXP80UU/fLS5LW0/so/mgrUYxP7sP+:DzcXRtetW0/E+","tlshash":"36f2e6d47daedd9a40e3a627b04f990120f75ec68626c4191fe99ef562d8f039783b30","first_seen":"2026-03-27T06:35:36.197546Z","last_seen":"2026-05-04T13:32:42.299527Z","times_seen":4,"resource_available":true,"data":null}},"time_used":1123,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1123,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"coinhako.fit/assets/index-144e407d.js","fqdn":"coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"104.21.70.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://coinhako.fit/","date":"2026-05-04T13:21:02.222Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"coinhako.fit","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 13:07:23 GMT","end":"Fri, 31 Jul 2026 13:07:22 GMT"},"fingerprint":{"sha1":"BC:EA:54:7D:8C:BB:5C:C3:28:8C:FA:BA:61:C8:57:D9:B7:0A:D4:17","sha256":"19:CD:D6:39:68:47:7E:F3:39:A5:2F:CC:41:D7:5D:39:26:C7:A3:97:8B:CE:F7:46:8D:79:99:99:22:82:89:86"}}},"request":{"raw":"GET /assets/index-144e407d.js HTTP/1.1\r\nHost: coinhako.fit\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 13:21:02 GMT\r\ncontent-type: application/javascript\r\npriority: u=3,i=?0\r\nlast-modified: Tue, 15 Apr 2025 20:08:20 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Tue, 05 May 2026 01:21:01 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\nage: 0\r\ncf-cache-status: HIT\r\netag: W/\"67febcb4-1fe\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pS%2BSi85m2JE4euDJVRav3%2F%2Btl1f50BJrDyFn6aKhddtPensqxahdEF3Q7s153DCNxjdfPcCZzLnd8hmnV5BswrHF%2BH245JX93ko4Ur9YjmBYaif3MaXUjMRksahvGRw%3D\"}]}\r\ncf-ray: 9f67ce64e814783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":510,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (509)","md5":"be264b3a7eeaef4c9824c3125fe919c7","sha1":"6b4a2c9a3af05d7039bccda6272e9104f559bcf6","sha256":"2542b0c24ad79d2399e41c39a2a617a49d8c9ebfed5c824f4a392690ce162cf6","sha512":"2a3e9125487e369666c13d8742da5a02242c01881439618e6e7e3b4dcbf2c02c16a82936b49b3085b118e8fd16fa3f7e2a41793b275907104c9c56c1e1f130e7","ssdeep":"","tlshash":"43f00e7fbd7a84720bb388fca1630820ba182f162b54c4d4e4870e14cb388f7d56e214","first_seen":"2026-03-27T06:35:36.185506Z","last_seen":"2026-05-04T13:32:42.289649Z","times_seen":4,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tg-mahalebi.oss-cn-hongkong.aliyuncs.com/mahalei/b1f74fc9baee41e98fde9b478f2fabd3.png?2.0.1744718898202","fqdn":"tg-mahalebi.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.242","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://coinhako.fit/","date":"2026-05-04T13:21:03.424Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /mahalei/b1f74fc9baee41e98fde9b478f2fabd3.png?2.0.1744718898202 HTTP/1.1\r\nHost: tg-mahalebi.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Mon, 04 May 2026 13:21:04 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 4700\r\nConnection: keep-alive\r\nx-oss-request-id: 69F89D40ACF6C53436755A3F\r\nAccept-Ranges: bytes\r\nETag: \"ABECA3ABFC9BD7E938CE03FFE4336846\"\r\nLast-Modified: Tue, 15 Apr 2025 11:50:07 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 2242578967330433804\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: q+yjq/yb1+k4zgP/5DNoRg==\r\nx-oss-server-time: 4\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":4700,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 108 x 108, 8-bit/color RGBA, non-interlaced","md5":"abeca3abfc9bd7e938ce03ffe4336846","sha1":"14da412e77a271a07ecedce2ae59bf9ec3e82d7e","sha256":"ef98e502113bd47d0cd313a36cb869c901b0098d422ab945e145dc6f85023cd9","sha512":"f1ad211c48a84c19f4fe27095bf9440f862c904a27bd6119afe1b01c0f7fe2f09f19b4b43c750722f9eb02f50e7e792faee7c2519df673d872bb1c0602d85a8e","ssdeep":"96:A4BTb4irVgrOkLvZp93nYXEIMGWknNUl2BofAfo9pByRzBYJ:A49Vgr1RMXEIFg2ifJ93UBYJ","tlshash":"43a19dd5b07772a4d047ab3a3517b39afe75b0e841c98bccb71c1138992508af0fe205","first_seen":"2024-12-03T23:58:43.611351Z","last_seen":"2026-05-04T13:32:42.305652Z","times_seen":38,"resource_available":false,"data":null}},"time_used":1732,"timings":{"blocked":859,"dns":0,"connect":0,"send":0,"wait":293,"receive":1,"ssl":579},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"coinhako.fit/resource/images/dark/tab/assetsA.png?2.0.1744718898202","fqdn":"coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"104.21.70.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://coinhako.fit/","date":"2026-05-04T13:21:03.686Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"coinhako.fit","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 13:07:23 GMT","end":"Fri, 31 Jul 2026 13:07:22 GMT"},"fingerprint":{"sha1":"BC:EA:54:7D:8C:BB:5C:C3:28:8C:FA:BA:61:C8:57:D9:B7:0A:D4:17","sha256":"19:CD:D6:39:68:47:7E:F3:39:A5:2F:CC:41:D7:5D:39:26:C7:A3:97:8B:CE:F7:46:8D:79:99:99:22:82:89:86"}}},"request":{"raw":"GET /resource/images/dark/tab/assetsA.png?2.0.1744718898202 HTTP/1.1\r\nHost: coinhako.fit\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 13:21:03 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 19 Aug 2024 10:46:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"66c322a2-7e7\"\r\nexpires: Wed, 03 Jun 2026 03:51:27 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 34175\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NV0wYFhO5bfPFsgn6eDHk5iE3tPSOo7JRtwgWTZEu40cMoHscHtYlse4Zw7iL3wTVVSqp4vwv3pfZ1xFJQ%2FODT1b5zrrKzI2NyFjnjiz4oDa2mu6lmtz9tIBzymbzBo%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f67ce6d7963783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2023,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 44 x 44, 8-bit/color RGBA, non-interlaced","md5":"5c2fe5c67e4dd5963b878288aa239620","sha1":"526bd2776ebb020292871004d84d10f7e8924eee","sha256":"906fc53eeed6dd63c892afe4b1a38bc39e34b8d91a90b56d30a47dc9cad2b9ba","sha512":"ff0aecbaeb8707743ab56c63313ba679b55095c2068e7abfafaa7333b6e5543581e717b011607dc0c362339fa1fe93562cc328a4516a46707012a3d510f1940a","ssdeep":"","tlshash":"97410ce6f23458faf83fd477205e25ce9f65cc16237d55128e828d716005438f8806c5","first_seen":"2024-12-03T23:58:43.655461Z","last_seen":"2026-05-04T13:32:42.286787Z","times_seen":17,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"coinhako.fit/assets/index-4ff26185.css","fqdn":"coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"104.21.70.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://coinhako.fit/","date":"2026-05-04T13:20:57.404Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"coinhako.fit","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 13:07:23 GMT","end":"Fri, 31 Jul 2026 13:07:22 GMT"},"fingerprint":{"sha1":"BC:EA:54:7D:8C:BB:5C:C3:28:8C:FA:BA:61:C8:57:D9:B7:0A:D4:17","sha256":"19:CD:D6:39:68:47:7E:F3:39:A5:2F:CC:41:D7:5D:39:26:C7:A3:97:8B:CE:F7:46:8D:79:99:99:22:82:89:86"}}},"request":{"raw":"GET /assets/index-4ff26185.css HTTP/1.1\r\nHost: coinhako.fit\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 13:20:57 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 15 Apr 2025 20:08:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67febcb4-4ac11\"\r\nexpires: Mon, 04 May 2026 15:51:14 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 34182\r\npriority: u=2,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LNu%2BAzUw5RgIZw52spjyHDIzxoKdzywDNnopGRfAmPUDLDCyOvfDqigvPjvo2zV37BiSkeLfT%2Be%2BMdOf2Uu7g9E79AEbVnNv7X6yTZdUE0Eem7a4ZYCKuwiTHMsOD88%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f67ce46baa6783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":306193,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (65018), with no line terminators","md5":"10735e299b37151f6735740cbf45cd7e","sha1":"6fbac451ae8f43eb808919ecd42cb6f102677542","sha256":"4ff261855045890768051b85c24333945143ba49fb56e9e4492d0ad50cb1437c","sha512":"b72b6108e796322dac8b20c3b511fda99ebb78861b763ba0f19dbeb628daff0288c687c2eecac56a0467e46bf28de33a43effb50dae3f29b274487216f7915ca","ssdeep":"6144:nnvxsalDW9EkZ8w71ZACkFDS3vyf58rBeV05TF:nv109dZ8w71ZACkFDS3vyf58rBeV05TF","tlshash":"ce54d6a9a590117c6f27aa7597ce4ad8f23ce6719c118de9f20160094fc3ffa2363617","first_seen":"2026-03-27T06:35:36.220462Z","last_seen":"2026-05-04T13:32:42.297209Z","times_seen":4,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"coinhako.fit/resource/fonts/Arial.ttf","fqdn":"coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"104.21.70.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://coinhako.fit/","date":"2026-05-04T13:20:57.472Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"coinhako.fit","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 13:07:23 GMT","end":"Fri, 31 Jul 2026 13:07:22 GMT"},"fingerprint":{"sha1":"BC:EA:54:7D:8C:BB:5C:C3:28:8C:FA:BA:61:C8:57:D9:B7:0A:D4:17","sha256":"19:CD:D6:39:68:47:7E:F3:39:A5:2F:CC:41:D7:5D:39:26:C7:A3:97:8B:CE:F7:46:8D:79:99:99:22:82:89:86"}}},"request":{"raw":"GET /resource/fonts/Arial.ttf HTTP/1.1\r\nHost: coinhako.fit\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://coinhako.fit/assets/index-4ff26185.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 13:20:58 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 1047012\r\nlast-modified: Wed, 01 Nov 2023 21:05:30 GMT\r\netag: \"6542bd9a-ff9e4\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=n%2B1eXo3tG1tPZBzhKfl%2FYgCGhpkCXcNwAf8DX00FN38CM8jytL7wCVb5CiBAgDp3iaNm6JwEUbJ9bb4r48dzdz6Gq9UlBFuKw3YNeMeprkX3IuJIj5LUNHXdpyG6S2I%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9f67ce473ab4783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1047012,"size_decoded":0,"mime_type":"application/octet-stream","magic":"TrueType Font data, digitally signed, 25 tables, 1st \"DSIG\", 58 names, Unicode, � 2017 The Monotype Corporation. All Rights Reserved. ","md5":"ffe66dbfc4b07f36ef38dd621ad2c7cc","sha1":"e032b102cfc37c3226d17e1b462edea5fbf8fe1c","sha256":"c1216a01b3cc4e94df72577a6f618154058a1d8999ed58fa31ab7e54c7e4be4b","sha512":"3c7952b71c8117938c5284efca0e0b3e8c20d7b84c74a4890f76a72af3b26295786b0f7c33d9b6c980527b4c4c8dad628d1f5e7e5f202d11076367f082349bb3","ssdeep":"24576:NoQIQRjo/Y7wjgTmKJ4WxA7EAD4OBfDamXKE6AMra:NHIQJo/Y7wjgTm0PxAwJHE6hG","tlshash":"f125be0bf3929f0fe3902b38c9a5d761939b76189b2743b73d8c5858ecc85a45e487d2","first_seen":"2023-07-29T15:16:45Z","last_seen":"2026-05-04T13:34:50.778961Z","times_seen":1240,"resource_available":false,"data":null}},"time_used":2728,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":891,"receive":1837,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"coinhako.fit/assets/vendor-242a4b3b.js","fqdn":"coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"104.21.70.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://coinhako.fit/","date":"2026-05-04T13:21:00.860Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"coinhako.fit","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 13:07:23 GMT","end":"Fri, 31 Jul 2026 13:07:22 GMT"},"fingerprint":{"sha1":"BC:EA:54:7D:8C:BB:5C:C3:28:8C:FA:BA:61:C8:57:D9:B7:0A:D4:17","sha256":"19:CD:D6:39:68:47:7E:F3:39:A5:2F:CC:41:D7:5D:39:26:C7:A3:97:8B:CE:F7:46:8D:79:99:99:22:82:89:86"}}},"request":{"raw":"GET /assets/vendor-242a4b3b.js HTTP/1.1\r\nHost: coinhako.fit\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 13:21:00 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 15 Apr 2025 20:08:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67febcb4-e2d60\"\r\nexpires: Tue, 05 May 2026 01:20:59 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 1\r\npriority: u=4,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9ogjJymd%2FRLrD%2Fyup1R9NVfX0sAlsQc688f%2BtiJ7QgfMnLoENm88tpyS9PZp8kCWKUzSpagaKOEI7mX%2B3q89GiiJ0hJ24TQVtOxAcpqoxXcuCoKxFkWAW9cNklkxvgk%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f67ce5c6e24783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":929120,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"04107a5a042b9feafcb3aaf480719d91","sha1":"1e5103a25f965c25fa1d52e7a4901b6d38d77620","sha256":"1dc511d478e101965d459a0f747ee86a7cd93485b66b34e73a0fd76d6920f433","sha512":"119c538b8d10a082a99ba8a4c1837d5502f10624973010acca6e0c930e7c7643eb9bbf148401af4b6e43f02902e435db2db768e2b32a871e016542bab3f50b52","ssdeep":"12288:WBIesgWlYRnKHAsm96ieFw7Ho7FVNIeJWDssQXWprmUM/hY8x4GOA:WBIeCgKgsAeFw7I7F3VLsQXWprmUMjf","tlshash":"c0153ac97292f06147ab20e140bb0006f33d6e59740e84a4f56d99eb7d69d89e2b7f3c","first_seen":"2026-03-27T06:35:36.14375Z","last_seen":"2026-05-04T13:32:42.291509Z","times_seen":4,"resource_available":true,"data":null}},"time_used":16,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":6,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.coinhako.fit/api/common/type/defi_activity_type","fqdn":"webapi.coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"104.21.70.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://coinhako.fit/","date":"2026-05-04T13:21:03.755Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"coinhako.fit","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 13:07:23 GMT","end":"Fri, 31 Jul 2026 13:07:22 GMT"},"fingerprint":{"sha1":"BC:EA:54:7D:8C:BB:5C:C3:28:8C:FA:BA:61:C8:57:D9:B7:0A:D4:17","sha256":"19:CD:D6:39:68:47:7E:F3:39:A5:2F:CC:41:D7:5D:39:26:C7:A3:97:8B:CE:F7:46:8D:79:99:99:22:82:89:86"}}},"request":{"raw":"OPTIONS /api/common/type/defi_activity_type HTTP/1.1\r\nHost: webapi.coinhako.fit\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang,language\r\nOrigin: https://coinhako.fit\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 13:21:04 GMT\r\ncontent-length: 0\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://coinhako.fit\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: lang, language\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oght%2BEFSIqcV%2BBoQsWVrogeB34Rs7PupFCxmYeuiC1yiw749MKR8lx5hQV2Nn4JRt0vKBt03gzJDEePrj8FS9RTGzDuKAauzALVG5q5vcrW3winigjH4P9XAqusZnz3x0QxZG%2FGA\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9f67ce6e797a783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-04T17:05:16.84953Z","times_seen":14645188,"resource_available":true,"data":null}},"time_used":849,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":849,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"webapi.coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"webapi.coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.coinhako.fit/api/common/type/defi_activity_type","fqdn":"webapi.coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"104.21.70.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://coinhako.fit/","date":"2026-05-04T13:21:04.737Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"coinhako.fit","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 13:07:23 GMT","end":"Fri, 31 Jul 2026 13:07:22 GMT"},"fingerprint":{"sha1":"BC:EA:54:7D:8C:BB:5C:C3:28:8C:FA:BA:61:C8:57:D9:B7:0A:D4:17","sha256":"19:CD:D6:39:68:47:7E:F3:39:A5:2F:CC:41:D7:5D:39:26:C7:A3:97:8B:CE:F7:46:8D:79:99:99:22:82:89:86"}}},"request":{"raw":"POST /api/common/type/defi_activity_type HTTP/1.1\r\nHost: webapi.coinhako.fit\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nlanguage: zh\r\nlang: zh\r\nOrigin: https://coinhako.fit\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 13:21:05 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://coinhako.fit\r\naccess-control-allow-credentials: true\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MnSwqvMSRC4TH6NHJFNjeQPUsh6PPZgvTBOou%2FZVJ6LVA2QSmT96TLPyD%2BiQ5FiQZyLFjuMashJSoX%2BBb%2Bqs0mE20fmbhsDwHzk5q%2BT6y4FtaBhouQE18JG3w1wG3ftEbvaiGEeW\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f67ce749a5b783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":635,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"7a423e3451e474878191a0a7f1d323b9","sha1":"13312f533f380295131f6a1540f425d0c98a16ba","sha256":"49c938e0bb3a834cab9319575489cf6c1694cace3f1ceb9671570024328e2a35","sha512":"0522e47fc06c4329cee21e354b264c90ae4b0725941d75cf63af54bee4a307fbe91e7078a412bd9750f3856657159ffe5efff139a652ec0443368f7c146bfdbf","ssdeep":"","tlshash":"5af028143d3dcebf098f65e745ec7818399c152794a0fca058ab0f3c5ae4171088921c","first_seen":"2025-04-07T11:28:26.961944Z","last_seen":"2026-05-04T13:32:42.314391Z","times_seen":623,"resource_available":false,"data":null}},"time_used":932,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":932,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"webapi.coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"webapi.coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"coinhako.fit/assets/index-2aaddfa5.js","fqdn":"coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"104.21.70.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://coinhako.fit/","date":"2026-05-04T13:21:00.957Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"coinhako.fit","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 13:07:23 GMT","end":"Fri, 31 Jul 2026 13:07:22 GMT"},"fingerprint":{"sha1":"BC:EA:54:7D:8C:BB:5C:C3:28:8C:FA:BA:61:C8:57:D9:B7:0A:D4:17","sha256":"19:CD:D6:39:68:47:7E:F3:39:A5:2F:CC:41:D7:5D:39:26:C7:A3:97:8B:CE:F7:46:8D:79:99:99:22:82:89:86"}}},"request":{"raw":"GET /assets/index-2aaddfa5.js HTTP/1.1\r\nHost: coinhako.fit\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 13:21:02 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 15 Apr 2025 20:08:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67febcb4-139db\"\r\nexpires: Tue, 05 May 2026 01:21:01 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Rb4iqrm0jtBTUPGmjC8BQqQbn6iggUbejNSwoJoDg9eyroMqZ6%2B7JfYYc4ffiJ%2F2T%2Fb7dqzZZTVDC04UefBUCQKYHG4xSxvoaJFzIdYx9xRA56S0219v3qAjugcxEg4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f67ce5d0e3e783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":80347,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"e089df8abe8e91652dfbabb670c3f2fb","sha1":"3d15382e1d023de338e006b5940b28c579039f59","sha256":"ec0e86f8bb3c5d1b0fcdab71df671b7880313d62d09cb51ee66225342a322d94","sha512":"50de5b43bbe1a8e64df84ca5948cc2a2dc441fe470a693e8632d29b12d314ec03e09831687bc8e225e44b4cad4f9cd97e05649f2ac0fa46094283387dcd29f78","ssdeep":"1536:kUzdbSgWUEvzDpwuPlMa+714aLosSMhRf4w4CHLtl6BeLKREPDne8:1vlEvdSLfSMh14wjtl6BYKCne8","tlshash":"4473f9ddb282f436429661a0403f060bf337ae98740e4558f268e5cd7e7c989a17bf79","first_seen":"2026-03-27T06:35:36.16545Z","last_seen":"2026-05-04T13:32:42.282847Z","times_seen":4,"resource_available":true,"data":null}},"time_used":1237,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1232,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"coinhako.fit/assets/currencyItem-22bbd286.js","fqdn":"coinhako.fit","domain":"coinhako.fit","tld":"fit"},"ip":{"addr":"104.21.70.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://coinhako.fit/","date":"2026-05-04T13:21:02.224Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"coinhako.fit","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 13:07:23 GMT","end":"Fri, 31 Jul 2026 13:07:22 GMT"},"fingerprint":{"sha1":"BC:EA:54:7D:8C:BB:5C:C3:28:8C:FA:BA:61:C8:57:D9:B7:0A:D4:17","sha256":"19:CD:D6:39:68:47:7E:F3:39:A5:2F:CC:41:D7:5D:39:26:C7:A3:97:8B:CE:F7:46:8D:79:99:99:22:82:89:86"}}},"request":{"raw":"GET /assets/currencyItem-22bbd286.js HTTP/1.1\r\nHost: coinhako.fit\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 13:21:02 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 15 Apr 2025 20:08:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67febcb4-9eb\"\r\nexpires: Tue, 05 May 2026 01:21:01 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 0\r\npriority: u=3,i=?0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GYq0bLmu9iD7qNBDclGRfdd%2BZj7sYD7rp8cGEl0%2FwRpuIO1Gq2qu9oGOa%2F3EnqJwgTRlMAKgg0uDrl23vdvsLqkm%2FDycolbAo434T5Xh1bwSLixYh8aoRCXJGkX7EeQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f67ce64e816783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2539,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (2538)","md5":"8ea6e03ceedef7f7940c1078ed0ad122","sha1":"5320454c2f007b61b71b182072931739bd156795","sha256":"d7a3864cd6c069b37b63ae3e4c34c516bb66d44e144a2c7dd056f65094b93328","sha512":"360fb5d01a980420229d4925aa543dfeb46360dd268444d0faf4b7b47fbcccaa610cfc7e2f0b0142acedc872e581a04a7d1071220a0dfe53b3281a8a7c5e3646","ssdeep":"","tlshash":"0951a5adbb1186b9d77ed890c5a82811172d37cb3026cbc4bade04063f1ad94d329b34","first_seen":"2026-03-27T06:35:36.148254Z","last_seen":"2026-05-04T13:32:42.285568Z","times_seen":4,"resource_available":true,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"coinhako.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tg-mahalebi.oss-cn-hongkong.aliyuncs.com/mahalei/c726e55d70a2458baf3a50cbe129d8ab.png?2.0.1744718898202","fqdn":"tg-mahalebi.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.242","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://coinhako.fit/","date":"2026-05-04T13:21:03.440Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 04 Feb 2026 11:46:56 GMT","end":"Mon, 08 Mar 2027 11:46:55 GMT"},"fingerprint":{"sha1":"07:DD:45:99:F9:D3:55:D6:EB:41:00:22:C7:FA:B0:8F:DB:0B:E9:4C","sha256":"F5:2E:3B:65:89:04:A9:28:79:6A:C1:49:B6:17:06:AB:A8:09:30:D8:2A:1F:43:B7:BB:27:72:92:C0:3C:54:F8"}}},"request":{"raw":"GET /mahalei/c726e55d70a2458baf3a50cbe129d8ab.png?2.0.1744718898202 HTTP/1.1\r\nHost: tg-mahalebi.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Mon, 04 May 2026 13:21:04 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 3479\r\nConnection: keep-alive\r\nx-oss-request-id: 69F89D40C390C3363058CEFE\r\nAccept-Ranges: bytes\r\nETag: \"48DECDDD32487CB4255ADE73D9851C4A\"\r\nLast-Modified: Tue, 15 Apr 2025 11:47:05 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 11816775927394616679\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: SN7N3TJIfLQlWt5z2YUcSg==\r\nx-oss-server-time: 3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":3479,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 108 x 108, 8-bit/color RGBA, non-interlaced","md5":"48decddd32487cb4255ade73d9851c4a","sha1":"b8b756a4c0939ec61bc43be85f33fa812c931fb5","sha256":"c44f67a7fce9160b64a5e5735c99a71e1c607a6a944d1851086cc82ab3bbbce7","sha512":"c0b2a77390356925e8a17e1aa7d632e17c73ea8cc2174674f44a728f2c69eaa87711085b500f2ea9183b89f27a8c7f6a8be2049be6fe4aeeda37ae4494e50158","ssdeep":"","tlshash":"8e717e4bbcef5a82d1cc93b606dafe22333fd3e5a609de2447d024147d854a598ecb11","first_seen":"2024-12-03T23:58:43.609936Z","last_seen":"2026-05-04T13:32:42.306393Z","times_seen":44,"resource_available":false,"data":null}},"time_used":1383,"timings":{"blocked":1111,"dns":0,"connect":0,"send":0,"wait":271,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}