{"report_id":"67526d14-5a95-476c-a639-2ebc685e15f0","version":0,"status":"done","tags":[],"date":"2026-06-29T15:11:04Z","url":{"schema":"http","addr":"bimiidcd.top","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"172.67.180.191","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"bimiidcd.top/#/","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"title":"Bitget","dom":{"size":24045,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (17466)","md5":"14b6081987981f625877712ec5c5868e","sha1":"cd76e0dbac4ca27cd87f1fb339bc5fa7d4f4df52","sha256":"73fa77aef6fe9b2b274c793f6cea5c9e214bb919cbd1bf90b0e77b7d627bb419","sha512":"35e7d9229a6a49a739fcb7d16fc7a03e836b72e9dac54fc2340af8ab54337524290f7ecd6c2fd71aefe8835ccca9139d6e1f0cdb6e2b121bc84205f5bab09773","ssdeep":"384:i6BZCxG2ZqQS6R32/sGbq782lU82d82A82+KY373x:iuQxG2ZqQb2/s0KY373x","tlshash":"bcb28b32a511506703a3a5c1f060be5976abe30fc51b84483fadc6ec5fd3cb4b8aa975","dom_hash":"domhash5dc7317f4c32dd9287805bf902df8b72","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"bimiidcd.top","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"172.67.180.191","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-08-03T15:11:04Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":6}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"bimiidcd.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"bimiidcd.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"api.waw856.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"api.waw856.co","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"api.waw856.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"admapi.mmao-46.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"hw.rangwodf.cc","ip":{"addr":"104.21.11.224","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-06-12","domain_rank":0,"first_seen":"2025-06-03T12:45:54.191815Z","last_seen":"2026-06-18T15:43:01.780186Z","alert_count":0,"request_count":1,"received_data":5086,"sent_data":414,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"admapi.mmao-46.icu","ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2025-06-29","domain_rank":0,"first_seen":"2026-06-29T15:11:07.047173Z","last_seen":"2026-06-29T15:11:07.047173Z","alert_count":1,"request_count":1,"received_data":0,"sent_data":551,"comment":"","tags":null,"fingerprints":null},{"fqdn":"bimiidcd.top","ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":78,"request_count":39,"received_data":3466373,"sent_data":17846,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"api.waw856.co","ip":{"addr":"137.220.153.16","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":24,"request_count":8,"received_data":32253,"sent_data":4337,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"api.citrueswave.shop","ip":{"addr":"137.220.154.220","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":13,"received_data":5786,"sent_data":7068,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"bimiidcd.top/#/","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"36ceecc4afd68bb41726f5cb20015630","sha1":"14c5346bce16f8196f6fcfd24cf16d01677ba3bb","sha256":"23311ade957fecc4e79ee0c3e9b69623d442cc7f21e55217ecb0e4bf1a3fc644","sha512":"443296c79e56f99b0ad221e8999a6b30975f837205e86ba127a20e0635196ad815a600fbfc9fba7301d21532648746444e9269e84440f1f43085e248a2b51b22","ssdeep":"","tlshash":"b7c08cc9a0c77e209612642010af35e890758037b08c6ba28cd9dc982f620f09233ee8","size":158,"data":"","first_seen":"2026-06-29T15:11:12.707087Z","last_seen":"2026-06-29T18:43:33.603716Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/assets/vendor-348cf0e1.js","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"adf78437db266dad9d219a7ca154bcb2","sha1":"4751a690339ce8334071fc1de6adcf389b457423","sha256":"f479ad074d75a53b1d447d33e9224daea0b6cb3fc8652674a4d9b73ed13d9446","sha512":"6f8d735d41343382cb99672e6c04fa6bac1e2db0198c8d9f6ab2902754119086f9ed0c8b1231bb408218689fb325c21576def254a67fdca7f76216b94785ef68","ssdeep":"12288:CcFae4xeZMRVDwifmzbB9dw/Xbri8L1w672vI/+a8o2aqWl6yj4Ga2BD:CcFn4xLVUUmZ941w67viaqWl6yZa25","tlshash":"3d1529c57292f06147ab24e240bb0006f3396e59744e84a4f1add8db7d79d89a2b7f3c","size":881262,"data":"","first_seen":"2026-06-29T15:11:12.695981Z","last_seen":"2026-06-29T18:43:33.533569Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/#/","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"0f40806f855fc503ec7fe0e2cdc6da5f","sha1":"ad59d99993690064ee6565eea713ee4c5260f572","sha256":"954bc1931a5584c910a5391a0e2c05ba7190f3c672433a85c162ac948a74a44f","sha512":"7ea9c1cffaf640bc7083f2306a134368aa54ae775230a1f1990c43817594d950ecbf94412ea7ab6262bb8add4715ab6fffe7579f85b0a1c07f6acc4f8207cd9e","ssdeep":"","tlshash":"1fc08cc4a0c2ad001a12649010af24e49034402770481b029c94e8492e220b08237e98","size":137,"data":"","first_seen":"2023-04-13T00:16:19Z","last_seen":"2026-06-30T05:45:05.477508Z","times_seen":6483,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/#/","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"88eb93418bae9d8798503b3f91ebeba6","sha1":"578232a94a811037ffa3836c603c5a2ee6ba820c","sha256":"8f01f50a3ad1c6d32e57c9cbc936acbde9c3ddebc850dd91ae3a00ed2aff3a0a","sha512":"58414507c96729a4200cf1ad5037bac863c019d05d46a133826bd8bce9683a400344d0c5aa4bf1b17b7b9b705ff83f73fe8f49a87bbbfe0b88ee33909edd5806","ssdeep":"","tlshash":"39f00e811ac0386223a10180b6bf34dc522d61193303969e0bfcd99c2e031b8d433aaa","size":493,"data":"","first_seen":"2026-06-29T15:11:12.711052Z","last_seen":"2026-06-29T18:43:33.609287Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/#/","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"aa0da5020b76710ff92e24f643dac05e","sha1":"68fa842ddba1a7476ac215bbec91e6f9c3331358","sha256":"751dd05c5d7be648924781a2bad4895e9462c243512edaefbd44e505e8fd95a0","sha512":"832669db5fcf81a90a4c60329a0696f0ccd19d42a2a24701ec2d82d67ff5c94f58de1723597181fc205204adc1c664746b4e7a604edbb7f9995de0959b24eb51","ssdeep":"","tlshash":"62c022c0a0d2bd208611204000ff30d8a03a0016788807da8ed8cc882f220b08137ee8","size":175,"data":"","first_seen":"2026-06-29T15:11:12.713351Z","last_seen":"2026-06-29T18:43:33.590487Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/#/","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"5c0684ac40bb2075c0ec9bdd2d0c8a71","sha1":"b6ac0bb2d293a5fdf228b86388e8e1cff45bb555","sha256":"7c5eec04f6754f0b45b74b5f1243f97394721a128af33d7878e4babf0ec121d6","sha512":"fbc6d13c24b17226955828bf89c992b95e67034b0e2f7467f632ffe9949ed679d95ceab9df727ab72a826f105c2480b0c65b179fe8fa035468264a58a8602834","ssdeep":"","tlshash":"4bc080c4a0d37e105711645160ef35e4e035445f744a575b9d94dd453f624f04233edc","size":162,"data":"","first_seen":"2026-06-29T15:11:12.71488Z","last_seen":"2026-06-29T18:43:33.586451Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/#/","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"d27730b20247c23e73ca7ccd1899c28f","sha1":"7e3cb0040725e46d5a00025e8508c28af69e62d5","sha256":"9e20c65be5eeb6ddbb9589be9082fbef102730cd3134fb8d21e6ab2b2ddd75cc","sha512":"79fffea66d275083f6c6bbccd53dce34724f43b8402d8430fd8f508cf970ba14a8fa6add189f519353ad31bfa60f9b14d897ae1a1e6c841f157a0046d41c4975","ssdeep":"","tlshash":"f5c022c4a0d3bf204722204961ff34e8e03b001e704d870aae94e9492b228b08233ee8","size":192,"data":"","first_seen":"2026-06-29T15:11:12.716183Z","last_seen":"2026-06-29T18:43:33.587382Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/#/","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"5948bc3b90afab1829ab7ee61269f24e","sha1":"517e29a82521418181f702543be8ae74a3bf68b3","sha256":"14fc83a84c91770211dc352186f8e87ddc85e87c2dba0c80a159b45897b9ae2d","sha512":"05c079bbf0389ad341941c3e837aca91dc9aff681cee8da0b4560551ba13e6bbb76b01213af6514e6991e3369062870866a41e67e6d67a37038ddba3ddee7d5f","ssdeep":"","tlshash":"a5c08cc4a0c26d002606691010af24e49028802670485b028c94e8592e264b08233ea8","size":139,"data":"","first_seen":"2023-07-01T13:40:07Z","last_seen":"2026-06-29T18:43:33.605437Z","times_seen":1618,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hw.rangwodf.cc/1.js","fqdn":"hw.rangwodf.cc","domain":"rangwodf.cc","tld":"cc"},"ip":{"addr":"104.21.11.224","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"8a7be4d37e40605966b3f251032ef83c","sha1":"04ce12b241f411532969f613d500e0c68adcd1a7","sha256":"43e78f198f373307278dde2a72cc52ebd529cde5a4638d86f79d34ecf7e9d3b3","sha512":"2c13815f477df8a18ba17a5442512f73f365d9712a8bbcd453e6b0e1ca7352b6bb9b8176999c16fd754addfaa4847aeaac11585ab20a2a76b4833a22879f09c9","ssdeep":"48:bD3MlcaYje32enWULpu30EejF5huyFPFalMikhbHdF9SdGH2muyFDM3ii7M/+0rg:bLMujzYpL5EOhT0529KGECDaVAHD8","tlshash":"2691635a212374160674337e5bd7874df725a0f331428699babcc2026ffa076c662ea8","size":4366,"data":"","first_seen":"2026-06-29T15:11:12.682414Z","last_seen":"2026-06-29T18:43:33.528791Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/assets/index-5d1d7a29.js","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"d6ae003bbb4e9a97ea034518e72760d8","sha1":"2f2c791dee91eccccb6bfae8d54695e4972deb2a","sha256":"ef34e408ebbeddb6534226b9fa8dbf1341c2c6dcb6b7aabe4bcad1b20502e53c","sha512":"f5ead27110a37a326c9093cf7ee7929d3a752e2278326a7757aec68d5994fc89851954cb73660de2c806241cc56bd8639b940e75e96706bef27bc513aa451add","ssdeep":"96:kDKqPIlf1l9YlqWqD+wS0M9cib1dQUgAaXGycOHl+3hvGXu35mTIqyhw7DjR:kDTPIlfRYvqiwSLqibwUR3OHlmhvN5mf","tlshash":"c4a1b78df80389baaaa7585054480012319d7ff6b10948f6f6feec0727788fde782721","size":4963,"data":"","first_seen":"2026-06-29T15:11:12.640786Z","last_seen":"2026-06-29T18:43:33.552994Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/assets/filters-75cf4a1e.js","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"25c1826e128994420f5ab5ffd437996f","sha1":"ef3aa27e7c621639552b80a210240582b5df765b","sha256":"9968dd48aa8d7c45b6338fd88932f00418d9a8ff51dc02c5147e8b50562aeec3","sha512":"35d79831857d3548bf579e8f7a9bd8a6e765e9cfde2d0d7c2f9a8c2b285a3b7a5772e101084440215c217190222030a4130005783812c0fb2c61e0a73e7e186e","ssdeep":"","tlshash":"6d6126edfdd7b13796ea59f945284410b28e6f10686e094de54fd0426a33888e0bfb64","size":3220,"data":"","first_seen":"2026-06-29T15:11:12.653372Z","last_seen":"2026-06-29T18:43:33.574055Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/#/","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"9d379fc52463f2b630c6894900da5180","sha1":"b33fecceae6c1ef97518c6ad7159534d78e7b2f7","sha256":"6c3288c6af4396096b1a8a927fbfaf05ac8cc29658fc97d13cf036ba6bb38ab3","sha512":"49b43b0c253e26c135bd5009d73c537cf2e78342ef6b116ce6efbd3627152ac804449ec5cbe637a544b5557b52a50213a19dfcf33158a4f6b0a8ff91d79372d5","ssdeep":"","tlshash":"61c012c5a0da29102951595424bf28e8a024c026b55c6b169de4dda829e64fcc627d98","size":190,"data":"","first_seen":"2024-07-11T15:08:28Z","last_seen":"2026-06-29T18:43:33.596629Z","times_seen":1247,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/#/","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"a4bdcb8203f55c2a0d42fe2daeba7f94","sha1":"28d4fb637c1f7d7cfc979d90f4f388d62eb58a51","sha256":"386fe5926fc7fa712f45c79142ec5390c9082ce14bd96a609004647fb1f4d823","sha512":"09dd6e53cd308472025baff2f600acd0b5be74b4d557bf48d7402cf6147449fa01db100adc90a5ea3930e80b42a5a2a1782265620c3f940cc93f60e873363d5e","ssdeep":"","tlshash":"c6c08cc8a1c33d001602661060bf35e4a0288026714c5b128cd4e8492f230b88237e98","size":145,"data":"","first_seen":"2023-06-06T19:23:28Z","last_seen":"2026-06-29T23:30:56.910588Z","times_seen":1282,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/#/","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"7de71cd324bb8833f4a138cbcdafa759","sha1":"d7a8122c1483170fa571ec47c62f91c66d662ede","sha256":"62b9d7d992de0ba11591d4ed7c7ab166d886c09ddb4a6b79693795ce836c6003","sha512":"5d42f665549881c48abeb0ee42138dcd1b0f6140e49c3fc6efdfe3657cba54e63218787f0b0d2f12622873799b4ec3a21b9f4f62194f2cc9bda2758dd699a439","ssdeep":"","tlshash":"73c08cdab0d72d006602642110af78e8a0388027b08c9b439cd4d8883ea30b08233fa8","size":151,"data":"","first_seen":"2024-01-05T03:21:29Z","last_seen":"2026-06-29T18:43:33.594245Z","times_seen":375,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/#/","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"d98acc1019303c876db914a972334937","sha1":"73807338e5295d0e4a62fbf19a5258d5cc93e72c","sha256":"864aa8328e7915cfbea7a8773cd622fbf24494c9b6019a076bef6e3f795e7d9d","sha512":"77d7c9975e811e66a77b15f141c84b12ae3aa0f991d15d2864c3c3ce082e0da5f4154d93424ae8580ebd93a1c7231752fbf22ef82ce7a01d997287d2d854d1af","ssdeep":"","tlshash":"e6c08cc8a0c32d001a13642210ff34e4d03440a6b44d1f028dd4e8493e624b09333edc","size":150,"data":"","first_seen":"2024-01-05T03:21:28Z","last_seen":"2026-06-29T18:43:33.60013Z","times_seen":1098,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/assets/en-77980464.js","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"0f51664c4a95ec186da44bb1242a718e","sha1":"0a79a0166a62c4f403cb49bca01ecc940e366d00","sha256":"3b94c01bce51d90bf2158336f374f673bb4ea1a0da32bb867d4cedf22580f263","sha512":"68c09682718fc03b25a91095fbb83506b39dbb8adc47dc80482cb582915d4bc42e6e929e185ffd6b4ac2f1d65d457f252127edba5dfbe94191e538238a8adbe4","ssdeep":"768:KGtZcEw/o7ruOdg0si9AMCYrAaAMVUoP6+6sPG9wOmwO6fpk7aORRw4XmM4:uponuOdV+YrdVULsPWw7RRwtM4","tlshash":"fc23f7897e1698aa05f3133774de6a1160fa0ac18256c85f0fecc5fc53e2b62a363775","size":46903,"data":"","first_seen":"2026-06-29T15:11:12.635159Z","last_seen":"2026-06-29T18:43:33.542114Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/#/","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"761e0ca3055a6df6b767b9fd2c2c33f5","sha1":"8279710724184971e9032028a86c6b2bd81a6101","sha256":"3299676c7cf244b68eb2f2ef3bda119ec029c9c1b13d03c884c963873001926c","sha512":"40adf5d297017b6579b4690fe47a305d33dd5fb65721ed49b2a224984e8ed3118fa55ac37120a19340ab900a96515068a0fa3d395ded6e278f97429e3fd6fb1a","ssdeep":"","tlshash":"7dc08ccbe0f37f001602642211af34e8a038402a74c86b129cd9e8583e220b59237edc","size":159,"data":"","first_seen":"2025-08-06T15:20:33.623621Z","last_seen":"2026-06-29T18:43:33.604791Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/#/","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"afd6dadb9533533d8514ac548303e331","sha1":"0b297795e161099658da59b3912482e86732e56d","sha256":"e378d3c8bb137aed4116bdd0c560231896d500f4edbb80088c14fd8fb220c3a9","sha512":"0df2fd8eb6e505ad35fff7e135feb15d50d1ae87d9990d9fa472fb834b7baf48ca73b3e8850042c74584e60de2daa8b9a4a981e5bef460ab48ad5f8ddb5d03e6","ssdeep":"","tlshash":"6cc08cc4a0c22d101602661014bf29e59024802671881b42cc94e8882e220f08233e98","size":140,"data":"","first_seen":"2023-06-06T09:30:31Z","last_seen":"2026-06-29T18:43:33.583537Z","times_seen":1491,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"d79f3caa10c98b932989ed757c2583fd","sha1":"26cf11347c76248648e2ae0783ddd951740fa886","sha256":"0faee83b08399527555f0f1660641c498537803bef34fe5664bec2ebc75c65be","sha512":"d52edaa64f492716595139748666e711bcbfd80667bbab1d2d5af29894ec845bb85abc6edc853a948c3a802774ed9208817ddbe2f0fb662a0c491f14edcc8446","ssdeep":"","tlshash":"97116bfe291a602d6303405e976b7911642650e9401a185173ccaa9dbb9af6de0cbb8d","size":1034,"data":"","first_seen":"2026-06-29T15:11:12.728448Z","last_seen":"2026-06-29T18:43:33.591318Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"cd7a34e714de94d5c29b8ac5acdde24b","sha1":"b722bccb435490630d97ef88cafeb02d92f70fd0","sha256":"312ebfdc50a0e168cff60c206811b02e944263a7d9060c2685509dacfacd7f71","sha512":"a724bc648a508c24e5bb1788e1f02b47030893bbb0b80a99e380d95480095983a35d8ec11193c53f0a67db47a289ab608fcbc9dbca846bfdd5d61a8832290f43","ssdeep":"","tlshash":"58e07d48ff28c7f316ce28ab516e770858d104d58c1b58024cebccc86935ed87291527","size":314,"data":"","first_seen":"2023-03-11T11:23:25Z","last_seen":"2026-06-30T06:06:17.268295Z","times_seen":38657,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"528dd01eb509d1fc3c68b48e165c9d77","sha1":"8d702f33d869eb8c53cf75c17014f96385322395","sha256":"b508dff20bdbd9138e31aa48c45bc501805e509d2fd4709b39c4a60cd5c6b43a","sha512":"4c1edeec560f431005363ff5291acc80c1c42edf7c9a6d6e4fde2f7539b6a35a8e36f0bc228503263277bf5df4525dc579575faadca614c32e5dfa885a2d343b","ssdeep":"","tlshash":"78a012bb71b851710cd51ba7a40455e01c20123105052c101c8d5151c011c171d394c0","size":84,"data":"","first_seen":"2023-04-07T06:55:59Z","last_seen":"2026-06-30T06:06:17.268886Z","times_seen":40682,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/assets/currencyItem-ede020d6.js","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"70ae834f1cf7d6cb6f4a8705b8570595","sha1":"95a235672ba11834e755ded0638b1903202dd2fb","sha256":"b4866ab6f22ab68aa8baa7940f516f493963fc6a014228efc8fb4047320ff75a","sha512":"0917a2b15e38f1abfd033b733f5e3133e08a5afe92e146e80abecf156ca00e49d13eeebb77ee915a301246dc951a95131a58901115395eff0f3d6827d6bb57a3","ssdeep":"","tlshash":"fc31cf99690186b2d7bf5492d0a40434131dbfc57126c6d5feed14243b138b8d36df3a","size":1531,"data":"","first_seen":"2026-06-29T15:11:12.701858Z","last_seen":"2026-06-29T18:43:33.559897Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/#/","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"5f3ab12d935926923cd234cc86c658f0","sha1":"4ceb77001ba466756e20d597568bb3fe1da01138","sha256":"0a207956f29d9546e41a4e3b8354ef52baeeb8ae4c8a5c82252e64f528425a4f","sha512":"1e822812677eac95e857a87c73cba93104bc07719a8144e63731529672933355451f9f0e38ca48254f749e7c8dedd76d149ad6feec1527523b08f069d1baa928","ssdeep":"","tlshash":"f1c08cc8a0ca2d001612745010af25e4a0248027744c1b128ce8d8582e230b08233e98","size":140,"data":"","first_seen":"2023-06-05T11:50:58Z","last_seen":"2026-06-29T18:43:33.595886Z","times_seen":183,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/#/","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"6900701ff959494d30437499abeb8885","sha1":"7cb4c820fbf30caa6b50d6c2dc4aa7c0c4b644d8","sha256":"3be52a71ee1e4d668cceef779a9942298cef4d68e03183d10681c4aa945c83f5","sha512":"731bc35b44d92adfda91474163cba7cbfe8ebb8faeb76364becb6a0f87c8d62c68a560257759546c0c38da3d0ea220cbee60eed126f77194441f92786231135b","ssdeep":"","tlshash":"b5c08cc4a0c22d101642645420af26e4a028802a70485b128c94d8482e620b48233ea8","size":138,"data":"","first_seen":"2023-04-13T00:16:19Z","last_seen":"2026-06-30T04:57:32.033542Z","times_seen":7458,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/#/","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"d8a0b36a3bb5359d82373fd74ab0a55b","sha1":"109fcd2e9501021577ad657d5701aa40e771b723","sha256":"26b23c11a596c1301030aaa5e72296226d0b2c601ff7b24694d413a401ac9826","sha512":"ebb5fb5d0b9ad70253bc33b31f5fab9fa0efb74a89eefd5b900d6b956970a52ef306b8e62a73b47775339624aef7daf7f4779743b84394f80591c0ea8182f9fe","ssdeep":"","tlshash":"d8c08cc4a0d22d001a02641060af34e49028442670481b028ca4d8482e620b48233e98","size":138,"data":"","first_seen":"2023-06-06T09:30:31Z","last_seen":"2026-06-29T23:30:56.906021Z","times_seen":1948,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/assets/index-efaf1e24.js","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"370131d8b6e78a99cefc4ba6a966883f","sha1":"ba44dee8c579c515ebd1d82b5de329c96fbe018f","sha256":"148aad42631f8d163f6341657206e7a4807fdde7e50b73f93142584808b5d05e","sha512":"2a529591d5b9636393f79ec2f8ce28f304fcb0ad004a1a196724f5b2deb21166a10c5a2c00f0a1e8d0af59abee7de8bf46b28d2d0e361822e160990a229653b5","ssdeep":"1536:4mqF9RcSxv8vjosVRDfgN5BS4ZXGtmDYFJ6:4jVURDfI5hYu","tlshash":"13a34c8995071fbf5cfd0888a95b5a0020691fd35c88ccd7b3ba6e553bfac94638a71c","size":105477,"data":"","first_seen":"2026-06-29T15:11:12.681123Z","last_seen":"2026-06-29T18:43:33.56867Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/#/","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"ad53bdca95253da3ed0339a52f219d8e","sha1":"1acba9622b6c70c03ce56310becd1d72226538e4","sha256":"3fecdc9cf7339d52588891d5d7b0c4b4ebfd82fe813b141fd5b81fdc70694f81","sha512":"d2bf6f0a88bbc044c6aab45f1f8795b3aafcf709a0a2b294f27062c0c34e1f34ec3964286f776c55a40a412cdf01c2ace59fdf7981fd69c6d8a63a6791ff8d3e","ssdeep":"","tlshash":"61c08cc4a0c22d001a02645014bf24e4a024802770481b02dcd8d8483e220b08233e98","size":137,"data":"","first_seen":"2023-05-08T20:49:31Z","last_seen":"2026-06-29T18:43:33.584139Z","times_seen":1607,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/#/","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"ced6204993ccd4d4792486f3b3c899b1","sha1":"c16ea5b8c59dcea2b9b03d844467f9db0d358cdc","sha256":"317f80fdd1cb3e7b69648541320cfeb07fd3ea3d1b70d3aab180edce7c3c4ac5","sha512":"dbf99b86ffabe8deeb56f836821b1f3c58fe9b502b89210ec5082f60b4cb4e30f060645fc970bf48f5c3f20073f0e79845925b0dfb4ac89df0319d4c26bdb795","ssdeep":"","tlshash":"b8c08cc4a0c22e509622651410af38e89034402ab08c5b52dc98e94e3f260f49237eac","size":149,"data":"","first_seen":"2024-01-05T03:21:28Z","last_seen":"2026-06-29T18:43:33.606788Z","times_seen":385,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/#/","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"354f7af4d1454b0b09fd313a8bf1d086","sha1":"6005a065acaa787370ea2f37dcde7b7b27d16f9d","sha256":"564865f77e34f7410cfafa208b40a10952d9c0ea988b19e531e54be3327008d9","sha512":"ec4184f213e57457ab8abeeb4ab848573fa2e0c1fd85ec139a2645147d59c00e83965077e9ca4dd94eb4a07a027922ca73c794e71274d364673d7208040034bf","ssdeep":"","tlshash":"b1c022d460a22e001606100410ff21e44020402a720c5b8e8c90c8843a220f44133ea8","size":178,"data":"","first_seen":"2026-06-29T15:11:12.733955Z","last_seen":"2026-06-29T18:43:33.601572Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/#/","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"0cfeff5ac7a0fe13d1d6c59c656a8191","sha1":"2e7938dcb94dc32bdbbaffd147cb7fbb4906e1bc","sha256":"3ff8af045dc8bda6cc30b9863ddb4aa5fca07055001d79700bc5c957c1695780","sha512":"dd7af19be1158e20e32a6cd4ddd570034f223b04efe38fd6e5624ef045c9f4f5676c691af8b1f4290ab0306b1892281d7ceceac875de148238d4c3f0282a5028","ssdeep":"","tlshash":"dbc08cc9f4d67e20668a651070ff3ae89024802a70485b6b8e94de4c3f772f09237edd","size":171,"data":"","first_seen":"2026-06-29T15:11:12.73505Z","last_seen":"2026-06-29T18:43:33.589452Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/assets/index-4f4afda7.js","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"82798a2fc7298522ac5984c2865c838c","sha1":"7fa14afb916bf5d532c2f45b0cbe549ff087baf0","sha256":"4148645dd50221049c0ccf2df751e40b51d6378bf78c401b476ec7781d792482","sha512":"3594273e23be72a75b552a4005321f3a368b6f24de4ee7efbf7bfe85d84f1d1d6b5b36cc3345e9a79c1e20a97fb336f14bbdee530f0624f51f8a33bc348a0e20","ssdeep":"","tlshash":"fc01f8f8fd1d8ebb0ea20a4001902601140a2fddfa1419f198867d6a2be5940dbce32d","size":776,"data":"","first_seen":"2026-06-29T15:11:12.662053Z","last_seen":"2026-06-29T18:43:33.545751Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/assets/index-7223bcbc.js","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ac3e98c7ce451839cfd93e283babea24","sha1":"0c458675ad3046b95f0eed4d03533cc82a6ec5cd","sha256":"4b5859a0d7f27eb79fa6ba1b2a1542bd38e4226460c73491d0027d82c4dd141d","sha512":"8fb49e6eefa4043fef9e11a1915a2661012fe29cd11fcbeb0a1312a5baf68006c1baec1b64272fe9844aaf97680e795d725acc5d250b34c17b101bc8dfd7ee33","ssdeep":"","tlshash":"55e0226e2aaad1b267b1ccede2221952a3182b05131581a8e5870604b2789e6605f368","size":388,"data":"","first_seen":"2026-06-29T15:11:12.678685Z","last_seen":"2026-06-29T18:43:33.547457Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/#/","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"c0e88513b499aae066f13f6f0edfedab","sha1":"12fd9320e7be26e9257e2a1a39a698a5e2706292","sha256":"3ffd5a1fea533c35c122aeb0a36f3d4a37022e0a14c83167faeaa819b3ee8cfd","sha512":"36b57e74aa71e21ec5489637f206796e8b9097db32c59e4ffbbdd7eb11ce35c2f754178f996bd6e11abc560cdddd3af7cde3fc1847c1a455120b5c26ee4fb838","ssdeep":"","tlshash":"17c08cc8b0c6ad001602e45111bf25e4a024802770481b128d98e8483e220f48233e9c","size":139,"data":"","first_seen":"2023-08-29T11:10:58Z","last_seen":"2026-06-29T18:43:33.617776Z","times_seen":1489,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/#/","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"43a144a646cd1c3aa47c6e97b8997f16","sha1":"751520d68e01030d76aaa27829bee42de57b33ae","sha256":"7400aff6408f23b72deadda0905ff4dc8eb4af368f7e8026063918149826a7d6","sha512":"85eff0527e8a86cde19b0e67070c8f71528670484865bafb4b88ee54f83b48f575275ed10cf343f0c84d4c0a425f6632b5b1bdfdfbfd75c6702ee856d28f512f","ssdeep":"","tlshash":"14c08cc8a0c22d101a02681414af24e49028442774481b068cd4e8882e230b08233ea8","size":141,"data":"","first_seen":"2023-04-13T00:16:19Z","last_seen":"2026-06-30T01:23:07.449039Z","times_seen":4256,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/#/","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"a77ffc8fcd5be8f12fb99bc8118151ea","sha1":"65c43d3029a382b86defc99c54613aa6a32ea375","sha256":"40516dd855287dd360d48125cb9de73ff1ac1d47f2faedbac5227338bf02948e","sha512":"3f80885ba525b9069484a79918215f8e3f8f830d5e81286b8772be124ed6928c6a994c91617a57d7558ac347bb079f660f65aeffebd15768b4e403210299d170","ssdeep":"","tlshash":"64c08cc4a0c66d101612652010bf25e89034402770581b068c94dc482e220b18233e9c","size":141,"data":"","first_seen":"2023-06-06T09:30:31Z","last_seen":"2026-06-29T18:43:33.588265Z","times_seen":214,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/#/","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"0814ed4dd397ce915831558e5ebef734","sha1":"86fb82582b6a9cf331c17c052709477615a591cd","sha256":"7695807745f4202749dd404dccaf3ee553ecc8fb6475ad53b0746fb7f21132c2","sha512":"f9b0648e8ec0c9b10f1073aa8154a32bc230db7ee91a3f2f0e056959258c886df849514409201cc0bdc70035b3e9eea502da45fda9ad5db158fc0ed434c11082","ssdeep":"","tlshash":"6ec08cc5b1c67e109652751060bf28e8903680267048ab428ed8dc892ea20f4823beac","size":158,"data":"","first_seen":"2026-06-29T15:11:12.737881Z","last_seen":"2026-06-29T18:43:33.581865Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/#/","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"1ac039a330c609bc29c442ea6817970f","sha1":"a6263cde8b0c08b69ca5929b0c43d4cdfa1b7fca","sha256":"2c9ac521712fe8917e9ae67aa36d97219701454bc69289bdcc0f23a5732f278b","sha512":"3aa7e2ec06d3bb45c92cd201ec15ce324cd16c95086ebe0ee50db24592701c5b13d3ec1acba54d4b92ded16d437dcda29c7bdcab75697f01aefcf76a53ae1462","ssdeep":"","tlshash":"67c08cc8a0c22d2017966ca051af3af4903d803b708d1b829de8d84c3e270f08237fe8","size":163,"data":"","first_seen":"2026-06-29T15:11:12.738954Z","last_seen":"2026-06-29T18:43:33.584757Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/#/","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"79226b5e7d00c742cac4671cf028939c","sha1":"dce40ee9a2fc665950d5fb177c3bac47d4a1a58e","sha256":"afc1a0c3757fe1da8e081254849d384f8c7ba8d2b78b2a44f1f098fa16a2dfa1","sha512":"318b3dc0dc40880936e3cc9ce9906f9604e333fc811f1c7f56b87e9740a331dad9f8385c4768b6df21449d86e837b9c415256bf081169d7f6faf4771cfd8d747","ssdeep":"","tlshash":"80c080c4b1c22d001557541165ff38d890354016714c1b56dde4d8543d224f04333ddc","size":160,"data":"","first_seen":"2026-06-29T15:11:12.740269Z","last_seen":"2026-06-29T18:43:33.582729Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/assets/index-d79c921d.js","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"7ac5287b39a205a7bef559ed82ed2bd9","sha1":"9efb88cb650dc0848589d295e1ff2d3a4394bd1f","sha256":"7a5e1453faa5557d49c5c2cdcc5248125dac461a7abfdce12c3e1686cbd97b24","sha512":"8a8a04659dd290ac7a3fbd66f9f2c68e485d9a06fe68f195f3ab6e550ffd609c7129705a7a1ab210e93a47d53d9b2ca7f44b1aab439b6da331c72ab12ee8d0a9","ssdeep":"384:+ZZ+AcIJVHlfJg3HitQO64BPYJuBsXdd1rdImo/lSpJjk6ofcPUOSJMQCzUim2m6:+ZdJVH1JgyQ4AJux/lSpsNOSJMQCzjLT","tlshash":"0672b742f90a963de9b3b09105d90001711a3fdda04e98ebb1fd4d47a762eb4b7057ba","size":16515,"data":"","first_seen":"2026-06-29T15:11:12.670992Z","last_seen":"2026-06-29T18:43:33.544646Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/#/","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"7746993e8adb9277ba5afa2584910974","sha1":"8e7e6d562fd56f594b40b6657156d483d7426e40","sha256":"833dc15f120cad89d5c0680edae217dbad02010e42af351959607df4170074ee","sha512":"10ee66e22fa45386057f1385e179955ad4fd4d53363c0aebe68aa9ba0547bf409a286e53ab6e678e5d0c3485d6cabcdd359f359c5258160b50a0a5a5496d6e6d","ssdeep":"","tlshash":"39c08cc5a0c22e101646641010bf28e49024402674481b028c98d8482e220b08233e9c","size":140,"data":"","first_seen":"2023-04-13T07:32:13Z","last_seen":"2026-06-30T01:23:07.43689Z","times_seen":4165,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/#/","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"f2d562f0482af28097a1e8bff743e202","sha1":"ab1f7442f13da01242f874f07b84041f32ff8cb8","sha256":"8ea8193c70220762139c7844d4be3c37d53d805256513bc224b53d16ad35730a","sha512":"2cf8993becc7c96e42b0499e72862eefa57d365830253e8b580c35ee9f854d4adb0b5b6817b56dfb125acdbc496ae99e8e78d7f73220c4093e8f2d2e521205f0","ssdeep":"","tlshash":"21c08cc5a0c23d002616641011af38e49028402674481b029c94e8482e230b48233e98","size":137,"data":"","first_seen":"2023-06-05T11:50:57Z","last_seen":"2026-06-29T18:43:33.618559Z","times_seen":1070,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/#/","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"4a548aead5e9a1cfb34a9824980f06c0","sha1":"5b133fb3054832ecb1f2c4c2e42fae6cf879978b","sha256":"2fdb02712e27bbd63751de6c27e7e193e9f9bd1b3d1d6a401f7e05924da93c9a","sha512":"ae2b7c6abaa71e50bde7fee19f2cb8a442dcee124f9f26263aebbaf094acd3ff7a4b1791b99e997c0871d84e742c8eb41aa6632f10cc7f0eac00d6b79bb8f344","ssdeep":"","tlshash":"15f00e8155c0382233720540b5ff24dc933d71592307859f4bbdaa982e476b4c077eae","size":512,"data":"","first_seen":"2026-06-29T15:11:12.742764Z","last_seen":"2026-06-29T18:43:33.594851Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/#/","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"f0aea3d7c150ded151c26860543077e0","sha1":"493bc6a8d726acf0cef18b833a8a1de89f999166","sha256":"3a41db3d58a3af7282fbf13affaa9f28a1995b5fe80c762f1911baf8c6386ed1","sha512":"8b1a793927ce985a3cfab4951d263a34c2be30184da4811c5cfc526fa50f1c1530d8fd9abfce78a3a2d4dfd1be75458f64eaa9704b6ae40b72734dcc98adea1b","ssdeep":"","tlshash":"a6c080c470c22d501506951124ff25d450344016704c17529d94dc4d3d220b45233e98","size":151,"data":"","first_seen":"2026-03-04T14:29:59.283294Z","last_seen":"2026-06-29T18:43:33.610398Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/#/","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"ec4b2434b443fd9f7ceb7ebfddd35321","sha1":"96d223f929ad992bd4141e3a0c4adadab4aeb226","sha256":"e57f064c1dda986ee2a019d4d71278382e6632edb311e15a83b828997561e9f1","sha512":"3e394f6a587234d4a4c2501f7bc4084b51964dc28f1cd66af26f784bd6268af31ad87f4c16a4925f5e7ef4ccd46d667165311ed369f29b046e6a2c5bd744fc53","ssdeep":"","tlshash":"d3c08cc4a1d26e902786659128bf65e4a034502ab0885b438da4d88c2e620f0e233eec","size":161,"data":"","first_seen":"2026-06-29T15:11:12.745582Z","last_seen":"2026-06-29T18:43:33.614286Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/#/","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"95f527b45a883152c8ea523100b322bf","sha1":"169e8f2bce35bd6acee6f18e02cf11dd8cf27059","sha256":"8401bdbae613bd3f65cfa4fcf0b2cf148e8a3700650343d05f875522f2523140","sha512":"07a906cd1866fd1286c5b52108f9cb2e789b33d6b5fb964cf0e91f23f649595ce3359badfb6bf1a95d8777dc95a4e2fb0ff869412746f3673ca957097bb40614","ssdeep":"","tlshash":"0ac08cc5a0c26e111603645860bf38e89034402678881b428cd8e95a3e220f09233edc","size":148,"data":"","first_seen":"2026-03-01T13:48:48.202711Z","last_seen":"2026-06-29T18:43:33.58559Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/charting_library/charting_library.min.js","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2a5fa40461c4e10123b62c021ab0a4ed","sha1":"527b4a35104eda6479c5ac876f57b5375ab00f51","sha256":"bcee984fd52b4a82bd6b23543bb33f6472e076c125edbdd8756d29ca230628cb","sha512":"51c91bff846f3825a21d6b301b1e4615d05bb27defef6c39c622e647f5d0262fdb0382924c9245c4a18a11cd32b60e4c913ed451b6f4b2fec1c87ce871eb874b","ssdeep":"192:9fdWSo7ktFUnoBelr6lw2LfnzuIQPlaJ1i10K+Ei/ISJhvHIheu5Ph3Ffa5:vWS2ktFUnoIlD2LfnqIJimK+5/ISJhvB","tlshash":"58224f58ed2478720acb54f0427f180f8239e278d84944ed3c84e6ec59fd44a6a6fbb8","size":10859,"data":"","first_seen":"2024-07-11T15:08:28Z","last_seen":"2026-06-29T18:43:33.558244Z","times_seen":1078,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/#/","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"7d764b0b9e8bef95dcf9f0f849edccc6","sha1":"15be8ee3a96501522a2bf45a99f67f824c8aea40","sha256":"8b8989047e79dee3c51c15e6775949819e5a84fea6abe9c0a4c705c19c380e1c","sha512":"3ed96dd8987dd6f0f5b1b37c1e7a922483c12c15802fa75cc1a7da653e06d5bcb19dc86de0b6d94558bef150d65911b020ec0639f2d3ef3844bfd33f5b78cc08","ssdeep":"","tlshash":"37e0abaa3229c03456f08b3e6dfc0c17fa576b324d8c0a1bb8f0e9091e7dd1020b88d2","size":420,"data":"","first_seen":"2026-04-22T17:43:43.839491Z","last_seen":"2026-06-29T18:43:33.606137Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/#/","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"f19a249a3e546a75d19b9d3f75497cdd","sha1":"4fcf8a4234dc76c37cb9415dd3c2d4820fb45a30","sha256":"8f0b9cbdf1999a03131eed312b7dc7ab85a5ddbf696e4805d240a61cdf5066b2","sha512":"7f999eee3d080218db37b9bd7ae6ca464771276ae0eb378b537d24635f5d700aede00359099b8e2197cc4f36e56162a46110fbdb85f213ed5ada51d9875a7402","ssdeep":"","tlshash":"c5c08cc9a2c22d001646641014bf28f4902480277048ab038dd4dc892e620f0823be9c","size":146,"data":"","first_seen":"2024-01-05T03:21:29Z","last_seen":"2026-06-29T18:43:33.600796Z","times_seen":553,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/#/","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"346b7d79f44e3955f117d2e00060ffbb","sha1":"d6ce6029544ed201c661859070e0a997f6297559","sha256":"761ab00d6ff8b8877d70673e07dabfa8f6e3a1db3aca9c41ac3e5c622fb3669f","sha512":"3be9adb9846628275ca4791e9b8c3af308e881fe45d5aed1a936a7f7c7b5b5e1d3122a476ab8baec1afee17a454d0f6e096d1e8f5b0c4e0d2313bc6b733867cc","ssdeep":"","tlshash":"b8c080d560e26f041656541510ff75f45034502ab64d6b9ecdd4d8453f720f45133ebd","size":177,"data":"","first_seen":"2026-06-29T15:11:12.752747Z","last_seen":"2026-06-29T18:43:33.597925Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/#/","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"5657a58eae951c0b69ed25728c9fc9a0","sha1":"484e4d827ab06f3315bf26704d7887b7485c227d","sha256":"10c7ce135a1b8d6cea26c0951a9acb31408986df8ab19dc1c272051dcf74b4f2","sha512":"86730b18df1c34162b4ada8a5912a94eca25be75e44cc760a34a2a8f070b031dc6cbd93a193589223fbb63a52ea526f0fe78c603c09dcff59efa7dfd824e4ed2","ssdeep":"","tlshash":"7dc08cc5a0d63d105652a41119bf24e890384427704c1b928de8dc483e660f0c333ee8","size":158,"data":"","first_seen":"2026-06-29T15:11:12.754054Z","last_seen":"2026-06-29T18:43:33.611139Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/#/","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"7c584ad45b14c8b9a8987209ede8e30b","sha1":"2f0ba6d002be81de4cbbe2acce57d09f6de6f0f6","sha256":"17bce869104a72837dc14ecaba35c4a31ba50e2b35b5ddffaf6dcbcc3eb103ce","sha512":"389debd56986aaef4b909e6cb65e4dbe67ca14f5cde2c39750b80f807d991cfb3d1d309e13aa915ccc9d31d306bb2baa900aaee39c1b65c485ec1b90932d4d40","ssdeep":"","tlshash":"d3c08cc8a0c22d105a06645014af24e4b0384026b0482b028ee4d8582e634f88233ea8","size":145,"data":"","first_seen":"2026-06-29T15:11:12.75599Z","last_seen":"2026-06-29T18:43:33.602592Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/#/","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"c02f76b8d173e1d0afc93a75753a8a9a","sha1":"5a3ff21341053a0ce6dec4cab0e4a8739bc8ef19","sha256":"e6dbb4df2b7605ab60ad69cc08ce5e7acbb99970e89f3e34e52bc5df7a19b3bf","sha512":"f1be22dcd1d064fc9038900bc3a7555b233735cdcda79b27c8cb0ccafbc58d4402ed5ac8189dba463b6b589aac7e4fe5324246c7d94b127d7dd8bd39f8773b3d","ssdeep":"","tlshash":"74c08cc5a0c22e101a02641419bf79e4903881a774481b138ca4e9692e220b09233e98","size":149,"data":"","first_seen":"2024-12-26T23:29:40.15335Z","last_seen":"2026-06-29T18:43:33.616134Z","times_seen":44,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"bimiidcd.top/assets/en-77980464.js","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bimiidcd.top/","date":"2026-06-29T15:10:51.983Z","timestamp":1782745851983,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bimiidcd.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Jun 2026 06:42:57 GMT","end":"Tue, 22 Sep 2026 07:42:51 GMT"},"fingerprint":{"sha1":"43:EB:DB:63:4A:4C:C0:E1:60:65:76:23:72:AE:B2:F7:4E:EB:46:E0","sha256":"66:0A:57:D3:02:32:12:0B:7A:EA:4B:2A:D9:F3:C9:6B:DE:06:C4:B5:2D:4C:5E:45:13:F8:9D:F0:F5:C0:EC:D8"}}},"request":{"raw":"GET /assets/en-77980464.js HTTP/1.1\r\nHost: bimiidcd.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ndate: Mon, 29 Jun 2026 15:10:52 GMT\r\ncontent-type: application/javascript\r\ncontent-encoding: zstd\r\ncf-ray: a135dc46e84c49c5-OSL\r\ncf-cache-status: MISS\r\ncache-control: max-age=43200\r\netag: W/\"6a1cfb4e-b739\"\r\nexpires: Tue, 30 Jun 2026 03:10:52 GMT\r\nlast-modified: Mon, 01 Jun 2026 03:23:58 GMT\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=P6%2B1zPJHOvNScx3M%2BnEdr7qS1PiIh95MNtmISROhvpXp5iOeMF1HUE4p144tEXCJLdmT2WYyVhqBZFuzTX7HBx5ymfyFA2G%2FA%2BZE2oC%2BaeGTWphcAU9YutbdKttWHW8%3D\"}]}\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":46905,"size_decoded":15336,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (46882)","md5":"0f51664c4a95ec186da44bb1242a718e","sha1":"0a79a0166a62c4f403cb49bca01ecc940e366d00","sha256":"3b94c01bce51d90bf2158336f374f673bb4ea1a0da32bb867d4cedf22580f263","sha512":"68c09682718fc03b25a91095fbb83506b39dbb8adc47dc80482cb582915d4bc42e6e929e185ffd6b4ac2f1d65d457f252127edba5dfbe94191e538238a8adbe4","ssdeep":"768:KGtZcEw/o7ruOdg0si9AMCYrAaAMVUoP6+6sPG9wOmwO6fpk7aORRw4XmM4:uponuOdV+YrdVULsPWw7RRwtM4","tlshash":"fc23f7897e1698aa05f3133774de6a1160fa0ac18256c85f0fecc5fc53e2b62a363775","first_seen":"2026-06-29T15:11:12.635159Z","last_seen":"2026-06-29T18:43:33.542114Z","times_seen":2,"resource_available":true,"data":null}},"time_used":255,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":255,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"bimiidcd.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"bimiidcd.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.waw856.co/images/currency/echo-res/DOGE.png?2.0.1780313038026","fqdn":"api.waw856.co","domain":"waw856.co","tld":"co"},"ip":{"addr":"137.220.153.16","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bimiidcd.top/","date":"2026-06-29T15:10:52.368Z","timestamp":1782745852368,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.waw856.co","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Jun 2026 17:12:17 GMT","end":"Thu, 10 Sep 2026 17:12:16 GMT"},"fingerprint":{"sha1":"73:AA:74:08:49:C7:5A:4A:03:87:36:43:AF:CA:58:85:78:1F:57:68","sha256":"4D:2C:75:3D:BE:5A:CC:76:10:F8:CF:14:C0:D6:DF:1C:1A:1F:EC:F3:A0:37:CA:A2:9D:9B:97:3E:11:2C:0A:D4"}}},"request":{"raw":"GET /images/currency/echo-res/DOGE.png?2.0.1780313038026 HTTP/1.1\r\nHost: api.waw856.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Mon, 29 Jun 2026 15:10:53 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 24 Dec 2024 16:04:33 GMT\r\nvary: Accept-Encoding\r\netag: W/\"676adb91-ff8\"\r\nexpires: Wed, 29 Jul 2026 15:10:53 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4088,"size_decoded":3772,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"d2a5793984534bee45c89fc407169b44","sha1":"5025de4df42e881e6a9e0e0aa41a17770d221f2f","sha256":"d288a551977ce972c1222d0ceb64023a4260ee4834a3e926210b9fa2b169ccdf","sha512":"3f022b31348a8225d7af0425bb86aafaae1b31ccacc1b5cc0a75e7a29679735fd16b2b7b1aff324b21092b98950964a61d7d7615c5ef01baa3e1cdc158f07c11","ssdeep":"","tlshash":"76813b4cba842e40501eb588eadd11475fa721c09f81e2817ddeab8fa8315b69c3c9da","first_seen":"2026-06-29T15:11:12.637943Z","last_seen":"2026-06-29T18:43:33.570204Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1270,"timings":{"blocked":776,"dns":0,"connect":0,"send":0,"wait":494,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"api.waw856.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"api.waw856.co","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"api.waw856.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/assets/index-5d1d7a29.js","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bimiidcd.top/","date":"2026-06-29T15:10:49.859Z","timestamp":1782745849859,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bimiidcd.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Jun 2026 06:42:57 GMT","end":"Tue, 22 Sep 2026 07:42:51 GMT"},"fingerprint":{"sha1":"43:EB:DB:63:4A:4C:C0:E1:60:65:76:23:72:AE:B2:F7:4E:EB:46:E0","sha256":"66:0A:57:D3:02:32:12:0B:7A:EA:4B:2A:D9:F3:C9:6B:DE:06:C4:B5:2D:4C:5E:45:13:F8:9D:F0:F5:C0:EC:D8"}}},"request":{"raw":"GET /assets/index-5d1d7a29.js HTTP/1.1\r\nHost: bimiidcd.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=1,i=?0\r\ndate: Mon, 29 Jun 2026 15:10:50 GMT\r\ncontent-type: application/javascript\r\ncontent-encoding: zstd\r\ncf-ray: a135dc399e0149c5-OSL\r\ncf-cache-status: MISS\r\ncache-control: max-age=43200\r\netag: W/\"6a1cfb4e-1363\"\r\nexpires: Tue, 30 Jun 2026 03:10:50 GMT\r\nlast-modified: Mon, 01 Jun 2026 03:23:58 GMT\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=tZdjLjMUn5%2F0JfoAeps7v3QfBek6oKPG%2FtPPwQIXVFI5Q05T64VbuQ9EpPu6jK3rk4JCgSnKjjCpc%2B2m8k2kKlcvrcrvwp8DPvI%2BEgMdlok3hTCuNME1NAeZWKLZL78%3D\"}]}\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4963,"size_decoded":3126,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (4958)","md5":"d6ae003bbb4e9a97ea034518e72760d8","sha1":"2f2c791dee91eccccb6bfae8d54695e4972deb2a","sha256":"ef34e408ebbeddb6534226b9fa8dbf1341c2c6dcb6b7aabe4bcad1b20502e53c","sha512":"f5ead27110a37a326c9093cf7ee7929d3a752e2278326a7757aec68d5994fc89851954cb73660de2c806241cc56bd8639b940e75e96706bef27bc513aa451add","ssdeep":"96:kDKqPIlf1l9YlqWqD+wS0M9cib1dQUgAaXGycOHl+3hvGXu35mTIqyhw7DjR:kDTPIlfRYvqiwSLqibwUR3OHlmhvN5mf","tlshash":"c4a1b78df80389baaaa7585054480012319d7ff6b10948f6f6feec0727788fde782721","first_seen":"2026-06-29T15:11:12.640786Z","last_seen":"2026-06-29T18:43:33.552994Z","times_seen":2,"resource_available":true,"data":null}},"time_used":710,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":710,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"bimiidcd.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"bimiidcd.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/assets/index-28f71d93.css","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bimiidcd.top/","date":"2026-06-29T15:10:49.873Z","timestamp":1782745849873,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bimiidcd.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Jun 2026 06:42:57 GMT","end":"Tue, 22 Sep 2026 07:42:51 GMT"},"fingerprint":{"sha1":"43:EB:DB:63:4A:4C:C0:E1:60:65:76:23:72:AE:B2:F7:4E:EB:46:E0","sha256":"66:0A:57:D3:02:32:12:0B:7A:EA:4B:2A:D9:F3:C9:6B:DE:06:C4:B5:2D:4C:5E:45:13:F8:9D:F0:F5:C0:EC:D8"}}},"request":{"raw":"GET /assets/index-28f71d93.css HTTP/1.1\r\nHost: bimiidcd.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\ndate: Mon, 29 Jun 2026 15:10:50 GMT\r\ncontent-type: text/css\r\ncontent-encoding: zstd\r\ncf-ray: a135dc39be1049c5-OSL\r\ncf-cache-status: MISS\r\ncache-control: max-age=43200\r\netag: W/\"6a1cfb4e-6de\"\r\nexpires: Tue, 30 Jun 2026 03:10:50 GMT\r\nlast-modified: Mon, 01 Jun 2026 03:23:58 GMT\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=K6BMuG1C9THM2t96%2FFrevnoHZIulFQpqPGm0%2BZhdndavt%2Fq6qixmZ6pu7fBgWUYsd2UFCE0P22QA%2B0%2B%2BU6UiQtT%2BJI0r7kJGnxJzDWVhtTWe4TiQxpZ%2BXKz3IIcDOMI%3D\"}]}\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1758,"size_decoded":1318,"mime_type":"text/css","magic":"ASCII text, with very long lines (1757)","md5":"10891831727c74395a4a703a08b3e658","sha1":"4c782938cd57393f946807ccb770cf6d4fe77140","sha256":"28f71d931343a969e88ee27d761468c9bdd028fde33053d803fdf471e3e42e5e","sha512":"6ae07dba34a028f49b46d7729750810432366cacf4bed1b4fef0c8dd39f1e69f42c92fe757f93324ef34f3a624f13db9dbd73abc0995dcc7a8d0a707f4abc891","ssdeep":"","tlshash":"bc31f46b659862785ed6f175d3cf11e4e23d9120cd21817db216471e2fe337441e2624","first_seen":"2024-12-01T15:40:05.189135Z","last_seen":"2026-06-29T18:43:33.5696Z","times_seen":13,"resource_available":false,"data":null}},"time_used":796,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":796,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"bimiidcd.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"bimiidcd.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.citrueswave.shop/api/common/getMt5Amount?coin=USCL","fqdn":"api.citrueswave.shop","domain":"citrueswave.shop","tld":"shop"},"ip":{"addr":"137.220.154.220","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://bimiidcd.top/","date":"2026-06-29T15:10:51.277Z","timestamp":1782745851277,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.mmao-46.icu","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Jun 2026 07:41:29 GMT","end":"Sun, 27 Sep 2026 07:41:28 GMT"},"fingerprint":{"sha1":"7E:28:B2:E4:B4:88:F1:99:23:95:12:DC:88:13:E5:1B:CE:B8:12:07","sha256":"5A:4A:B0:61:17:14:21:88:A0:FC:7E:4E:07:9B:E3:05:F4:EE:D1:38:4F:8C:15:9E:44:19:7B:C2:C8:FD:46:A8"}}},"request":{"raw":"OPTIONS /api/common/getMt5Amount?coin=USCL HTTP/1.1\r\nHost: api.citrueswave.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang\r\nOrigin: https://bimiidcd.top\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Mon, 29 Jun 2026 15:10:51 GMT\r\ncontent-length: 0\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://bimiidcd.top\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: lang\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":442,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T06:32:23.418387Z","times_seen":16848511,"resource_available":true,"data":null}},"time_used":248,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":248,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.citrueswave.shop/api/common/getMt5Amount?coin=USSI","fqdn":"api.citrueswave.shop","domain":"citrueswave.shop","tld":"shop"},"ip":{"addr":"137.220.154.220","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://bimiidcd.top/","date":"2026-06-29T15:10:51.278Z","timestamp":1782745851278,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.mmao-46.icu","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Jun 2026 07:41:29 GMT","end":"Sun, 27 Sep 2026 07:41:28 GMT"},"fingerprint":{"sha1":"7E:28:B2:E4:B4:88:F1:99:23:95:12:DC:88:13:E5:1B:CE:B8:12:07","sha256":"5A:4A:B0:61:17:14:21:88:A0:FC:7E:4E:07:9B:E3:05:F4:EE:D1:38:4F:8C:15:9E:44:19:7B:C2:C8:FD:46:A8"}}},"request":{"raw":"OPTIONS /api/common/getMt5Amount?coin=USSI HTTP/1.1\r\nHost: api.citrueswave.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang\r\nOrigin: https://bimiidcd.top\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Mon, 29 Jun 2026 15:10:51 GMT\r\ncontent-length: 0\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://bimiidcd.top\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: lang\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":442,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T06:32:23.418387Z","times_seen":16848511,"resource_available":true,"data":null}},"time_used":248,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":248,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/assets/5-fb445be4.png","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bimiidcd.top/","date":"2026-06-29T15:10:52.382Z","timestamp":1782745852382,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bimiidcd.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Jun 2026 06:42:57 GMT","end":"Tue, 22 Sep 2026 07:42:51 GMT"},"fingerprint":{"sha1":"43:EB:DB:63:4A:4C:C0:E1:60:65:76:23:72:AE:B2:F7:4E:EB:46:E0","sha256":"66:0A:57:D3:02:32:12:0B:7A:EA:4B:2A:D9:F3:C9:6B:DE:06:C4:B5:2D:4C:5E:45:13:F8:9D:F0:F5:C0:EC:D8"}}},"request":{"raw":"GET /assets/5-fb445be4.png HTTP/1.1\r\nHost: bimiidcd.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lnpBUILCzlz%2FQjk7%2B2F%2Bq5xg7kHtfxIXqb7B3qNWTtnlGxcP61RCuQxafcr%2BXjYUmCFPhBZqfy671vxpLqrNpYv40qK3JzWep%2BjXfFA1iDhz5uZ6GeRVJT2MP8rG%2BtU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ndate: Mon, 29 Jun 2026 15:10:53 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\ncf-ray: a135dc4968da49c5-OSL\r\ncf-cache-status: MISS\r\ncache-control: max-age=2592000\r\netag: W/\"6a1cfb4e-1e04\"\r\nexpires: Wed, 29 Jul 2026 15:10:52 GMT\r\nlast-modified: Mon, 01 Jun 2026 03:23:58 GMT\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7684,"size_decoded":8442,"mime_type":"image/png","magic":"PNG image data, 88 x 90, 8-bit/color RGBA, non-interlaced","md5":"9a7dfae2b19784d6f74b47b464cd48fc","sha1":"471911c9837140efe6fe786df87d3051198f0de4","sha256":"fb445be4eeaf6208d2666640351ad6779c650baa8e56de73a638fc8ce99f5f8b","sha512":"51c15f8f8359debcf5286486f686a2f3ea3eac75dcf0731039b24669d996662ebc63846b32a057841358896569d9c7ca1b2fc935659f5b8eb00abcfddde59d4f","ssdeep":"192:4v0x83Q+p96G6bQbbI26a27S8dvgxCa6LJHtPA:4v0x8H6BbKN6K8vgUaWltPA","tlshash":"cdf1a073bddad944e90703b3cf8e911b267d92295248b881550931e25caa12a3fdb065","first_seen":"2026-06-29T15:11:12.648149Z","last_seen":"2026-06-29T18:43:33.578796Z","times_seen":2,"resource_available":false,"data":null}},"time_used":741,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":741,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"bimiidcd.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"bimiidcd.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/assets/index-9fa27bd9.css","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bimiidcd.top/","date":"2026-06-29T15:10:49.866Z","timestamp":1782745849866,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bimiidcd.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Jun 2026 06:42:57 GMT","end":"Tue, 22 Sep 2026 07:42:51 GMT"},"fingerprint":{"sha1":"43:EB:DB:63:4A:4C:C0:E1:60:65:76:23:72:AE:B2:F7:4E:EB:46:E0","sha256":"66:0A:57:D3:02:32:12:0B:7A:EA:4B:2A:D9:F3:C9:6B:DE:06:C4:B5:2D:4C:5E:45:13:F8:9D:F0:F5:C0:EC:D8"}}},"request":{"raw":"GET /assets/index-9fa27bd9.css HTTP/1.1\r\nHost: bimiidcd.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BUubuVrAaIIKKXGUS1fklNnzxQ9skDvhr02peTgPaDiVFL%2FrYKsYgfXhyUTcMp24ZI7xJttVjjLuJIuDZpd58cIqZmCuLtVsrOJ6IuuJPyaje6LEUB8uQOH6hBy%2FlEc%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ndate: Mon, 29 Jun 2026 15:10:50 GMT\r\ncontent-type: text/css\r\ncontent-encoding: zstd\r\ncf-ray: a135dc39ae0b49c5-OSL\r\ncf-cache-status: MISS\r\npriority: u=2,i=?0\r\ncache-control: max-age=43200\r\netag: W/\"6a1cfb4e-3d\"\r\nexpires: Tue, 30 Jun 2026 03:10:50 GMT\r\nlast-modified: Mon, 01 Jun 2026 03:23:58 GMT\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":61,"size_decoded":815,"mime_type":"text/css","magic":"ASCII text","md5":"aedeb74e602c41cee34bd6935a50e570","sha1":"7fd40dd1eec17a39582985c82e309a548cc7bd33","sha256":"9fa27bd952afcd8941dc89eabf27d6a5c5b11b12921f61f91ca79b0fd41dd1f6","sha512":"d2c82c912e79868d7a71a602e20e1bf65838fdf3e6f954e7ef98f434629ce2f9de4b62de550d15efcedf2a91a6172addb05208a68d8cabcfff72f58af08df442","ssdeep":"","tlshash":"dda0022d12192504f3364712ff0ae90ecf3d69579b91422953031ca635dba8f255810a","first_seen":"2026-06-01T14:27:43.793485Z","last_seen":"2026-06-29T18:43:33.539727Z","times_seen":4,"resource_available":false,"data":null}},"time_used":762,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":762,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"bimiidcd.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"bimiidcd.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/assets/filters-75cf4a1e.js","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bimiidcd.top/","date":"2026-06-29T15:10:49.867Z","timestamp":1782745849867,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bimiidcd.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Jun 2026 06:42:57 GMT","end":"Tue, 22 Sep 2026 07:42:51 GMT"},"fingerprint":{"sha1":"43:EB:DB:63:4A:4C:C0:E1:60:65:76:23:72:AE:B2:F7:4E:EB:46:E0","sha256":"66:0A:57:D3:02:32:12:0B:7A:EA:4B:2A:D9:F3:C9:6B:DE:06:C4:B5:2D:4C:5E:45:13:F8:9D:F0:F5:C0:EC:D8"}}},"request":{"raw":"GET /assets/filters-75cf4a1e.js HTTP/1.1\r\nHost: bimiidcd.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=1,i=?0\r\ndate: Mon, 29 Jun 2026 15:10:50 GMT\r\ncontent-type: application/javascript\r\ncontent-encoding: zstd\r\ncf-ray: a135dc39ae0c49c5-OSL\r\ncf-cache-status: MISS\r\ncache-control: max-age=43200\r\netag: W/\"6a1cfb4e-c94\"\r\nexpires: Tue, 30 Jun 2026 03:10:50 GMT\r\nlast-modified: Mon, 01 Jun 2026 03:23:58 GMT\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=aSg3xQkV9WvnSIDG8CdyRVFJ%2Bk0HsLlsiO5BKdVoMogsD5fOIyPMbZY1qdrhOZMjqM2c3H0w%2FHqL88Q1WsshizSTJgLsZpzHt4E6Z8ZMlHrXSGnzQ7B5441WN24xgeM%3D\"}]}\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3220,"size_decoded":1984,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (3219)","md5":"25c1826e128994420f5ab5ffd437996f","sha1":"ef3aa27e7c621639552b80a210240582b5df765b","sha256":"9968dd48aa8d7c45b6338fd88932f00418d9a8ff51dc02c5147e8b50562aeec3","sha512":"35d79831857d3548bf579e8f7a9bd8a6e765e9cfde2d0d7c2f9a8c2b285a3b7a5772e101084440215c217190222030a4130005783812c0fb2c61e0a73e7e186e","ssdeep":"","tlshash":"6d6126edfdd7b13796ea59f945284410b28e6f10686e094de54fd0426a33888e0bfb64","first_seen":"2026-06-29T15:11:12.653372Z","last_seen":"2026-06-29T18:43:33.574055Z","times_seen":2,"resource_available":true,"data":null}},"time_used":730,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":730,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"bimiidcd.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"bimiidcd.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/platform/dev/favicon.ico?2.0.1780313038026","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bimiidcd.top/","date":"2026-06-29T15:10:51.001Z","timestamp":1782745851001,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bimiidcd.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Jun 2026 06:42:57 GMT","end":"Tue, 22 Sep 2026 07:42:51 GMT"},"fingerprint":{"sha1":"43:EB:DB:63:4A:4C:C0:E1:60:65:76:23:72:AE:B2:F7:4E:EB:46:E0","sha256":"66:0A:57:D3:02:32:12:0B:7A:EA:4B:2A:D9:F3:C9:6B:DE:06:C4:B5:2D:4C:5E:45:13:F8:9D:F0:F5:C0:EC:D8"}}},"request":{"raw":"GET /platform/dev/favicon.ico?2.0.1780313038026 HTTP/1.1\r\nHost: bimiidcd.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WRnOgU62G4CpeXtyC6dEEtgS2PW%2BmwEI6XmhJb9oGtx9PWpNkUugE4hC4uF7dyCw4Kgd7v6RVqFO%2FtIae41cOJYE4aCf91Aps%2FafPLb64feDz20NEq7xaKUwUU%2BOAwU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ndate: Mon, 29 Jun 2026 15:10:51 GMT\r\ncontent-type: image/x-icon\r\ncontent-encoding: zstd\r\ncf-ray: a135dc40cf6a49c5-OSL\r\ncf-cache-status: MISS\r\npriority: u=6,i=?0\r\ncache-control: max-age=14400\r\netag: W/\"6a1cfb3a-68d\"\r\nlast-modified: Mon, 01 Jun 2026 03:23:38 GMT\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1677,"size_decoded":1934,"mime_type":"image/x-icon","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 57x38, components 3","md5":"5cc0155043de66e7e554dc76dea7e7e6","sha1":"d86031f827d88bda5257306aaca13e8de1584536","sha256":"1298dcbf9df2717544de0dc74ede64fddf06692244761d675c3e0c34df1aa94c","sha512":"9a13af77aba2e36169e3baac0d53ccada2cf15e3a3089d5a3cc4645be92c3d705edf24e0205aac5ecbff220f32ae6ba51dc635cc14dcff54aa094c6807080e1d","ssdeep":"","tlshash":"aa319672b78567a1ec518bf582022796f7ac7922fac56715a9c041f3cb10ec5685c90d","first_seen":"2026-06-29T15:11:12.654967Z","last_seen":"2026-06-29T18:43:33.550249Z","times_seen":2,"resource_available":false,"data":null}},"time_used":763,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":763,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"bimiidcd.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"bimiidcd.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/assets/32-73735bc2.jpg","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bimiidcd.top/","date":"2026-06-29T15:10:52.352Z","timestamp":1782745852352,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bimiidcd.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Jun 2026 06:42:57 GMT","end":"Tue, 22 Sep 2026 07:42:51 GMT"},"fingerprint":{"sha1":"43:EB:DB:63:4A:4C:C0:E1:60:65:76:23:72:AE:B2:F7:4E:EB:46:E0","sha256":"66:0A:57:D3:02:32:12:0B:7A:EA:4B:2A:D9:F3:C9:6B:DE:06:C4:B5:2D:4C:5E:45:13:F8:9D:F0:F5:C0:EC:D8"}}},"request":{"raw":"GET /assets/32-73735bc2.jpg HTTP/1.1\r\nHost: bimiidcd.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KxBjJl007Kng5hW3kpA39mNelaFcFlwd8ArWpWmAoeUryldC3N1x9ewRbRTwLb2PMxPQMY4Cf7KTMgb%2FY6v10vdq6vgwHaG6D7klF3ze04a8Pnx3OfHrsIWe2fVezNU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ndate: Mon, 29 Jun 2026 15:10:53 GMT\r\ncontent-type: image/jpeg\r\npriority: u=5,i\r\ncf-ray: a135dc49388f49c5-OSL\r\ncf-cache-status: MISS\r\ncache-control: max-age=2592000\r\netag: W/\"6a1cfb4e-db46\"\r\nexpires: Wed, 29 Jul 2026 15:10:52 GMT\r\nlast-modified: Mon, 01 Jun 2026 03:23:58 GMT\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":56134,"size_decoded":56883,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 1143x594, components 3","md5":"bd7520a386f6e5fed713051ace7aad4f","sha1":"bed31354fe16614c28c906073a72d3ed1311c923","sha256":"73735bc291d53d57bbdcbfd6c60a89db900b86b928fc1c552eefcf5534a5e4ba","sha512":"f54247f35cd62651099c7e91caa120e3f0cde676f2d359f1712f10a156de30432d040ef67bfa1ffa0c3bb8385846a6c3aa7a023c2e7e6c84e63530ed61c4770e","ssdeep":"1536:H3/XLsbqAu9eOZbl4PgBkxwmMPzNVqO46ZuClvCC/gHvA:vLLb9eOdi0qwPacuCl6C/gY","tlshash":"7a43f156a1844ca6dd34873a4a9a8931d613361b63feb661c9d2c7480feff10bb7f409","first_seen":"2026-06-29T15:11:12.656442Z","last_seen":"2026-06-29T18:43:33.527211Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1255,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1007,"receive":248,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"bimiidcd.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"bimiidcd.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.waw856.co/images/currency/echo-res/ETH.png?2.0.1780313038026","fqdn":"api.waw856.co","domain":"waw856.co","tld":"co"},"ip":{"addr":"137.220.153.16","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bimiidcd.top/","date":"2026-06-29T15:10:52.359Z","timestamp":1782745852359,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.waw856.co","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Jun 2026 17:12:17 GMT","end":"Thu, 10 Sep 2026 17:12:16 GMT"},"fingerprint":{"sha1":"73:AA:74:08:49:C7:5A:4A:03:87:36:43:AF:CA:58:85:78:1F:57:68","sha256":"4D:2C:75:3D:BE:5A:CC:76:10:F8:CF:14:C0:D6:DF:1C:1A:1F:EC:F3:A0:37:CA:A2:9D:9B:97:3E:11:2C:0A:D4"}}},"request":{"raw":"GET /images/currency/echo-res/ETH.png?2.0.1780313038026 HTTP/1.1\r\nHost: api.waw856.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Mon, 29 Jun 2026 15:10:54 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 24 Dec 2024 16:04:33 GMT\r\nvary: Accept-Encoding\r\netag: W/\"676adb91-c88\"\r\nexpires: Wed, 29 Jul 2026 15:10:54 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3208,"size_decoded":2883,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"4fe021c8f8c9e7e44ec7e4815469541d","sha1":"d2835938a6b3771b012a15d9a4c2839e7327489d","sha256":"8ab86382438f8b5df315a9d139b7207c502dc055d16ca051a6a4967382ac6ba3","sha512":"858149b1b6e59802f92754f9cc58e4b357c59bc2b9a6bfdb52712723d5c3597f62826da9a003cb50bf7c553259cb968bfe60e2c05a758921676baf069dbe555c","ssdeep":"","tlshash":"f1610945f510ac60a545f984fefa01036b370be499868c1abdcd9f6798250f7d90cac3","first_seen":"2026-06-29T15:11:12.658048Z","last_seen":"2026-06-29T18:43:33.574972Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1832,"timings":{"blocked":-1,"dns":57,"connect":249,"send":0,"wait":248,"receive":0,"ssl":1275},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"api.waw856.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"api.waw856.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"api.waw856.co","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.waw856.co/images/currency/echo-res/XRB.png?2.0.1780313038026","fqdn":"api.waw856.co","domain":"waw856.co","tld":"co"},"ip":{"addr":"137.220.153.16","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bimiidcd.top/","date":"2026-06-29T15:10:52.361Z","timestamp":1782745852361,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.waw856.co","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Jun 2026 17:12:17 GMT","end":"Thu, 10 Sep 2026 17:12:16 GMT"},"fingerprint":{"sha1":"73:AA:74:08:49:C7:5A:4A:03:87:36:43:AF:CA:58:85:78:1F:57:68","sha256":"4D:2C:75:3D:BE:5A:CC:76:10:F8:CF:14:C0:D6:DF:1C:1A:1F:EC:F3:A0:37:CA:A2:9D:9B:97:3E:11:2C:0A:D4"}}},"request":{"raw":"GET /images/currency/echo-res/XRB.png?2.0.1780313038026 HTTP/1.1\r\nHost: api.waw856.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Mon, 29 Jun 2026 15:10:54 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 24 Dec 2024 16:04:33 GMT\r\nvary: Accept-Encoding\r\netag: W/\"676adb91-f00\"\r\nexpires: Wed, 29 Jul 2026 15:10:54 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3840,"size_decoded":3528,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"f6ee73da973ab829d7750215f89edd84","sha1":"ef7d9a3f60f6f4530fba367c1ca15e25786c93f1","sha256":"fb6bd9013a4013d812a417b95d834a8717bf0bb0c33f1a7399a562f6c2ffb9b2","sha512":"2c8a8a68d7fee4eab706e59eac32362a315bba39a35f2817b67ff61b82279656fa67792e4eaf3c1aede8f6460f5c9aa2426334732465d161548ea90c8033f376","ssdeep":"","tlshash":"68814a1efa1479204d0af608aee95023bf330be44ec199d5bcc1db636874176a51daf3","first_seen":"2026-06-29T15:11:12.659374Z","last_seen":"2026-06-29T18:43:33.551298Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1827,"timings":{"blocked":-1,"dns":54,"connect":248,"send":0,"wait":248,"receive":0,"ssl":1274},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"api.waw856.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"api.waw856.co","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"api.waw856.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/assets/2-bf437e1d.png","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bimiidcd.top/","date":"2026-06-29T15:10:52.376Z","timestamp":1782745852376,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bimiidcd.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Jun 2026 06:42:57 GMT","end":"Tue, 22 Sep 2026 07:42:51 GMT"},"fingerprint":{"sha1":"43:EB:DB:63:4A:4C:C0:E1:60:65:76:23:72:AE:B2:F7:4E:EB:46:E0","sha256":"66:0A:57:D3:02:32:12:0B:7A:EA:4B:2A:D9:F3:C9:6B:DE:06:C4:B5:2D:4C:5E:45:13:F8:9D:F0:F5:C0:EC:D8"}}},"request":{"raw":"GET /assets/2-bf437e1d.png HTTP/1.1\r\nHost: bimiidcd.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2nOQWYIh%2FboS23s%2F51td0bWGdU0%2BOT0%2BWhZeJ5U6Q4gAb%2Fu8Ey%2BWXdUPeVnFtGvkS%2B6Cfr8ANL8MuMU9AwdFeNc1dX%2FoC7VNnT2aEhxovFkGeiN6OiF2KopcsgmnhHc%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ndate: Mon, 29 Jun 2026 15:10:53 GMT\r\ncontent-type: image/png\r\npriority: u=4,i\r\ncf-ray: a135dc4958ba49c5-OSL\r\ncf-cache-status: MISS\r\ncache-control: max-age=2592000\r\netag: W/\"6a1cfb4e-3472f\"\r\nexpires: Wed, 29 Jul 2026 15:10:52 GMT\r\nlast-modified: Mon, 01 Jun 2026 03:23:58 GMT\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":214831,"size_decoded":215594,"mime_type":"image/png","magic":"PNG image data, 464 x 442, 8-bit/color RGBA, non-interlaced","md5":"b1c3586979e7fb9f9794c0255c8a379d","sha1":"481f07bf29622e967904d02a41411e4288dd4f40","sha256":"bf437e1dc4c06324181d6ca2c32e5874e79bf44208a1b4ad4694b7f96c5e79e0","sha512":"deb32b7ec4f5de335affeb56ac4f697df30cdad9b77ec0fd2474a4c1671351c340023dbd661775563bc7ad8048f2b837ed6fe5ea64b9ee2ce3ae9033b97f8dd1","ssdeep":"6144:3MIsUoaxDI2jocHyCE81k1IhBodIuAsSH:3MIsxC02jOCFrzoFAsI","tlshash":"6f2422e72b981ff5647690b36149769bdab24180c90eb005d9b6d10eb011b9630fbeef","first_seen":"2026-06-29T15:11:12.66059Z","last_seen":"2026-06-29T18:43:33.52444Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1627,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":936,"receive":691,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"bimiidcd.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"bimiidcd.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.citrueswave.shop/api/common/getCoinList","fqdn":"api.citrueswave.shop","domain":"citrueswave.shop","tld":"shop"},"ip":{"addr":"137.220.154.220","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://bimiidcd.top/","date":"2026-06-29T15:10:49.849Z","timestamp":1782745849849,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.mmao-46.icu","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Jun 2026 07:41:29 GMT","end":"Sun, 27 Sep 2026 07:41:28 GMT"},"fingerprint":{"sha1":"7E:28:B2:E4:B4:88:F1:99:23:95:12:DC:88:13:E5:1B:CE:B8:12:07","sha256":"5A:4A:B0:61:17:14:21:88:A0:FC:7E:4E:07:9B:E3:05:F4:EE:D1:38:4F:8C:15:9E:44:19:7B:C2:C8:FD:46:A8"}}},"request":{"raw":"OPTIONS /api/common/getCoinList HTTP/1.1\r\nHost: api.citrueswave.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang\r\nOrigin: https://bimiidcd.top\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Mon, 29 Jun 2026 15:10:50 GMT\r\ncontent-length: 0\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://bimiidcd.top\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: lang\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":442,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T06:32:23.418387Z","times_seen":16848511,"resource_available":true,"data":null}},"time_used":1120,"timings":{"blocked":0,"dns":125,"connect":247,"send":0,"wait":248,"receive":0,"ssl":499},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/assets/index-4f4afda7.js","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bimiidcd.top/","date":"2026-06-29T15:10:49.861Z","timestamp":1782745849861,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bimiidcd.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Jun 2026 06:42:57 GMT","end":"Tue, 22 Sep 2026 07:42:51 GMT"},"fingerprint":{"sha1":"43:EB:DB:63:4A:4C:C0:E1:60:65:76:23:72:AE:B2:F7:4E:EB:46:E0","sha256":"66:0A:57:D3:02:32:12:0B:7A:EA:4B:2A:D9:F3:C9:6B:DE:06:C4:B5:2D:4C:5E:45:13:F8:9D:F0:F5:C0:EC:D8"}}},"request":{"raw":"GET /assets/index-4f4afda7.js HTTP/1.1\r\nHost: bimiidcd.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FYqc5Gm%2BBb3pqQ8rlg7%2BcTkfA%2FEF1fOvvz3jfDnK5gneFtrWocC65bIVXiNMN4o0V0UjH2jBZoIuBF1WioirDrwQOshOPeehCA5%2BwImEhO4%2BgpxYIXXf0bylK25XjOQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ndate: Mon, 29 Jun 2026 15:10:50 GMT\r\ncontent-type: application/javascript\r\ncontent-encoding: zstd\r\ncf-ray: a135dc39ae0249c5-OSL\r\ncf-cache-status: MISS\r\npriority: u=1,i=?0\r\ncache-control: max-age=43200\r\netag: W/\"6a1cfb4e-308\"\r\nexpires: Tue, 30 Jun 2026 03:10:50 GMT\r\nlast-modified: Mon, 01 Jun 2026 03:23:58 GMT\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":776,"size_decoded":1256,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (775)","md5":"82798a2fc7298522ac5984c2865c838c","sha1":"7fa14afb916bf5d532c2f45b0cbe549ff087baf0","sha256":"4148645dd50221049c0ccf2df751e40b51d6378bf78c401b476ec7781d792482","sha512":"3594273e23be72a75b552a4005321f3a368b6f24de4ee7efbf7bfe85d84f1d1d6b5b36cc3345e9a79c1e20a97fb336f14bbdee530f0624f51f8a33bc348a0e20","ssdeep":"","tlshash":"fc01f8f8fd1d8ebb0ea20a4001902601140a2fddfa1419f198867d6a2be5940dbce32d","first_seen":"2026-06-29T15:11:12.662053Z","last_seen":"2026-06-29T18:43:33.545751Z","times_seen":2,"resource_available":true,"data":null}},"time_used":709,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":709,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"bimiidcd.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"bimiidcd.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/assets/30-e41afeff.jpg","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bimiidcd.top/","date":"2026-06-29T15:10:52.350Z","timestamp":1782745852350,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bimiidcd.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Jun 2026 06:42:57 GMT","end":"Tue, 22 Sep 2026 07:42:51 GMT"},"fingerprint":{"sha1":"43:EB:DB:63:4A:4C:C0:E1:60:65:76:23:72:AE:B2:F7:4E:EB:46:E0","sha256":"66:0A:57:D3:02:32:12:0B:7A:EA:4B:2A:D9:F3:C9:6B:DE:06:C4:B5:2D:4C:5E:45:13:F8:9D:F0:F5:C0:EC:D8"}}},"request":{"raw":"GET /assets/30-e41afeff.jpg HTTP/1.1\r\nHost: bimiidcd.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dQFr3S6hI9%2Bl96guA%2BPRbxDwqx6ZJIJianNzHOsM%2BKFMbC8hh3tEyP8wJXtpVeD%2FCRaCRJOmNfyRKospYa0IJM6mha%2F0QLhlShi7fInSdRFhuFDwW60Up0Q2RL5Kndk%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ndate: Mon, 29 Jun 2026 15:10:53 GMT\r\ncontent-type: image/jpeg\r\npriority: u=5,i\r\ncf-ray: a135dc49388e49c5-OSL\r\ncf-cache-status: MISS\r\ncache-control: max-age=2592000\r\netag: W/\"6a1cfb4e-24405\"\r\nexpires: Wed, 29 Jul 2026 15:10:52 GMT\r\nlast-modified: Mon, 01 Jun 2026 03:23:58 GMT\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":148485,"size_decoded":149243,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1024x768, components 3","md5":"80c969c31078397dd3c0ee487567128c","sha1":"5f06789288cc611e322097bd49bd0824096d991e","sha256":"e41afeffc4564163eb4d05c2bbec00ad809f3bd47f8700c9b9afe20de20be529","sha512":"490425321cf867a67b6a131d77d137fa967a40d332b3caedbd7d0b19a77d819f5fcb4898b4fb5efd513f8536efffb9498f0a6f0bad8976fbeaa4823f8529ecca","ssdeep":"3072:eaF2NAji/3zLhnzeGAhHBTzQC2J1gV8NY/a2KEHHckoA:/2B3dLudt2J1gSNY/akHczA","tlshash":"c0e3122ad23db8f388ec8b750e170a3d54503eb5f59879c1c1b14e29e9236ed3e78924","first_seen":"2026-06-29T15:11:12.663284Z","last_seen":"2026-06-29T18:43:33.513562Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1501,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":989,"receive":512,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"bimiidcd.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"bimiidcd.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/assets/7-6412c69d.png","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bimiidcd.top/","date":"2026-06-29T15:10:52.383Z","timestamp":1782745852383,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bimiidcd.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Jun 2026 06:42:57 GMT","end":"Tue, 22 Sep 2026 07:42:51 GMT"},"fingerprint":{"sha1":"43:EB:DB:63:4A:4C:C0:E1:60:65:76:23:72:AE:B2:F7:4E:EB:46:E0","sha256":"66:0A:57:D3:02:32:12:0B:7A:EA:4B:2A:D9:F3:C9:6B:DE:06:C4:B5:2D:4C:5E:45:13:F8:9D:F0:F5:C0:EC:D8"}}},"request":{"raw":"GET /assets/7-6412c69d.png HTTP/1.1\r\nHost: bimiidcd.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=tI%2FRTSEe8V212INQhBSsysZKLVe0Dd4%2B3Gf3o4PdNANaVdfwZn7rdR52b0AjJhe7KKPhKp4Nhmwtox3yFS6JUy5Z7fimaXOxKZISKnJ4jMH2ZNG3NNDmhhPjJlDxT9g%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ndate: Mon, 29 Jun 2026 15:10:53 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\ncf-ray: a135dc4968db49c5-OSL\r\ncf-cache-status: MISS\r\ncache-control: max-age=2592000\r\netag: W/\"6a1cfb4e-13af\"\r\nexpires: Wed, 29 Jul 2026 15:10:52 GMT\r\nlast-modified: Mon, 01 Jun 2026 03:23:58 GMT\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5039,"size_decoded":5789,"mime_type":"image/png","magic":"PNG image data, 98 x 98, 8-bit/color RGBA, non-interlaced","md5":"a282566c113972c130b69cc3e37579ab","sha1":"bc0a340b944cd378156cd1043ac02acab00b0531","sha256":"6412c69d9988daf6683f21309530825ff772c4a9585c0acd8de3c197f2340af0","sha512":"e729c8bed3ad5ed5368bad5cc4dda3aa944043026c21ff8286cecd79073cc5d2a09ef000a79921a5682f44fc6dc5db151e8d3e8d493e3dd156832fac51876b89","ssdeep":"96:Xx/JmzfPYQefYQyzTXmXH1D+Md6VmUkiUDQopD1muJ6sGXJQSl9nzn7t/JjECf:8fAQefDy3QH5x6VljsyuHGXJQ47r4k","tlshash":"bda18fd4023d1a63477e4374d0f0ed527ff21ebeb7784690b650964d4e82228751d406","first_seen":"2026-06-29T15:11:12.664476Z","last_seen":"2026-06-29T18:43:33.571947Z","times_seen":2,"resource_available":false,"data":null}},"time_used":734,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":734,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"bimiidcd.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"bimiidcd.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.citrueswave.shop/api/common/type/defi_activity_type","fqdn":"api.citrueswave.shop","domain":"citrueswave.shop","tld":"shop"},"ip":{"addr":"137.220.154.220","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://bimiidcd.top/","date":"2026-06-29T15:10:52.392Z","timestamp":1782745852392,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.mmao-46.icu","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Jun 2026 07:41:29 GMT","end":"Sun, 27 Sep 2026 07:41:28 GMT"},"fingerprint":{"sha1":"7E:28:B2:E4:B4:88:F1:99:23:95:12:DC:88:13:E5:1B:CE:B8:12:07","sha256":"5A:4A:B0:61:17:14:21:88:A0:FC:7E:4E:07:9B:E3:05:F4:EE:D1:38:4F:8C:15:9E:44:19:7B:C2:C8:FD:46:A8"}}},"request":{"raw":"OPTIONS /api/common/type/defi_activity_type HTTP/1.1\r\nHost: api.citrueswave.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang,language\r\nOrigin: https://bimiidcd.top\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Mon, 29 Jun 2026 15:10:52 GMT\r\ncontent-length: 0\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://bimiidcd.top\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: lang, language\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":452,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T06:32:23.418387Z","times_seen":16848511,"resource_available":true,"data":null}},"time_used":249,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":249,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/assets/index-bc011be9.css","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bimiidcd.top/","date":"2026-06-29T15:10:49.862Z","timestamp":1782745849862,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bimiidcd.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Jun 2026 06:42:57 GMT","end":"Tue, 22 Sep 2026 07:42:51 GMT"},"fingerprint":{"sha1":"43:EB:DB:63:4A:4C:C0:E1:60:65:76:23:72:AE:B2:F7:4E:EB:46:E0","sha256":"66:0A:57:D3:02:32:12:0B:7A:EA:4B:2A:D9:F3:C9:6B:DE:06:C4:B5:2D:4C:5E:45:13:F8:9D:F0:F5:C0:EC:D8"}}},"request":{"raw":"GET /assets/index-bc011be9.css HTTP/1.1\r\nHost: bimiidcd.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=elInZO3u1Rdxb2G5ZR9%2FrzwpL5DgLbDrv5Dy8OVYLODQ3bp0BgRDpTN%2Fo%2BoPAk%2FL3ePCaXDRfxFbsn9eb5doCvSsEJHEatxuniMLQBm%2B0b3DwlV7rclPE0XZ%2Bki3VoE%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ndate: Mon, 29 Jun 2026 15:10:50 GMT\r\ncontent-type: text/css\r\ncontent-encoding: zstd\r\ncf-ray: a135dc39ae0449c5-OSL\r\ncf-cache-status: MISS\r\npriority: u=2,i=?0\r\ncache-control: max-age=43200\r\netag: W/\"6a1cfb4e-18d\"\r\nexpires: Tue, 30 Jun 2026 03:10:49 GMT\r\nlast-modified: Mon, 01 Jun 2026 03:23:58 GMT\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":397,"size_decoded":956,"mime_type":"text/css","magic":"ASCII text, with very long lines (396)","md5":"5353ff252ee4a5e7a3d0176de6a6c712","sha1":"c83942b5dfdb4aa8be53f26b39e53b0b257595e0","sha256":"bc011be90fd6cd33a399912151a5f69ba0d8e394563c71c4c1bea7a4ec032516","sha512":"9a17506817918ef0c9a5d0caebaed8f603641dc1015a726bdf247645a7e0a988b543756d7254abafa18dd4cd9d27c9a198300632156faf59f05c1e27f0a5e30a","ssdeep":"","tlshash":"5ae092c890d6927fb62b607d267c931ad425ac88d8007bb8e67fabb146c7ac53172215","first_seen":"2024-01-05T03:21:29Z","last_seen":"2026-06-29T18:43:33.546782Z","times_seen":1315,"resource_available":false,"data":null}},"time_used":249,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":249,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"bimiidcd.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"bimiidcd.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/assets/index-7b837351.css","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bimiidcd.top/","date":"2026-06-29T15:10:49.872Z","timestamp":1782745849872,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bimiidcd.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Jun 2026 06:42:57 GMT","end":"Tue, 22 Sep 2026 07:42:51 GMT"},"fingerprint":{"sha1":"43:EB:DB:63:4A:4C:C0:E1:60:65:76:23:72:AE:B2:F7:4E:EB:46:E0","sha256":"66:0A:57:D3:02:32:12:0B:7A:EA:4B:2A:D9:F3:C9:6B:DE:06:C4:B5:2D:4C:5E:45:13:F8:9D:F0:F5:C0:EC:D8"}}},"request":{"raw":"GET /assets/index-7b837351.css HTTP/1.1\r\nHost: bimiidcd.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\ndate: Mon, 29 Jun 2026 15:10:50 GMT\r\ncontent-type: text/css\r\ncontent-encoding: zstd\r\ncf-ray: a135dc39be0f49c5-OSL\r\ncf-cache-status: MISS\r\ncache-control: max-age=43200\r\netag: W/\"6a1cfb4e-46f8\"\r\nexpires: Tue, 30 Jun 2026 03:10:50 GMT\r\nlast-modified: Mon, 01 Jun 2026 03:23:58 GMT\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=eyLnLSHXDAyijey9%2FqEPKVuEfVlCC7VOWtFAUtHtxz85psLYsZW4X9yR%2FdXZHOXgKMTzlAQ2gUSSzgqFwfHLnmHpP1FZ%2FQqnM5QdrrjCHN5r8ghbUKuZYOt4TaEzPTc%3D\"}]}\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":18168,"size_decoded":4494,"mime_type":"text/css","magic":"ASCII text, with very long lines (18167)","md5":"b18e7904c93a4327aecb7126468c0e92","sha1":"df1da1321f54a2de3c0ff9c90611f141f2db6902","sha256":"7b8373511357786d413c7ad2d80d60f1303f9905f19594063fee740b103562cb","sha512":"0f489f153ff468e8f11abb384f8530125b8e661b3d36ea098a02db80e5bd4c7c6e537628b39c3ba80a329a45d5d69aaaff1f0b0a146e39eea2979b7175cdd068","ssdeep":"96:BtF9GFyGp6ezOETj8XMp5mXUVM2tL0a5OxJoU+62rfJ7PI4O59oLm7l/KweDZIqL:BtSp6ePfpYvfJ2FI759oLm7l/KweDS0","tlshash":"6082872ab7b52234ac37d2d1fe885dcce509af12e193dd94ea17ed219cdb1db292014c","first_seen":"2026-06-29T15:11:12.666564Z","last_seen":"2026-06-29T18:43:33.540627Z","times_seen":2,"resource_available":false,"data":null}},"time_used":758,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":758,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"bimiidcd.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"bimiidcd.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.citrueswave.shop/api/common/getMt5Amount?coin=USGC","fqdn":"api.citrueswave.shop","domain":"citrueswave.shop","tld":"shop"},"ip":{"addr":"137.220.154.220","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://bimiidcd.top/","date":"2026-06-29T15:10:51.277Z","timestamp":1782745851277,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.mmao-46.icu","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Jun 2026 07:41:29 GMT","end":"Sun, 27 Sep 2026 07:41:28 GMT"},"fingerprint":{"sha1":"7E:28:B2:E4:B4:88:F1:99:23:95:12:DC:88:13:E5:1B:CE:B8:12:07","sha256":"5A:4A:B0:61:17:14:21:88:A0:FC:7E:4E:07:9B:E3:05:F4:EE:D1:38:4F:8C:15:9E:44:19:7B:C2:C8:FD:46:A8"}}},"request":{"raw":"OPTIONS /api/common/getMt5Amount?coin=USGC HTTP/1.1\r\nHost: api.citrueswave.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang\r\nOrigin: https://bimiidcd.top\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Mon, 29 Jun 2026 15:10:51 GMT\r\ncontent-length: 0\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://bimiidcd.top\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: lang\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":442,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T06:32:23.418387Z","times_seen":16848511,"resource_available":true,"data":null}},"time_used":248,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":248,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.waw856.co/images/currency/echo-res/TRX.png?2.0.1780313038026","fqdn":"api.waw856.co","domain":"waw856.co","tld":"co"},"ip":{"addr":"137.220.153.16","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bimiidcd.top/","date":"2026-06-29T15:10:52.369Z","timestamp":1782745852369,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.waw856.co","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Jun 2026 17:12:17 GMT","end":"Thu, 10 Sep 2026 17:12:16 GMT"},"fingerprint":{"sha1":"73:AA:74:08:49:C7:5A:4A:03:87:36:43:AF:CA:58:85:78:1F:57:68","sha256":"4D:2C:75:3D:BE:5A:CC:76:10:F8:CF:14:C0:D6:DF:1C:1A:1F:EC:F3:A0:37:CA:A2:9D:9B:97:3E:11:2C:0A:D4"}}},"request":{"raw":"GET /images/currency/echo-res/TRX.png?2.0.1780313038026 HTTP/1.1\r\nHost: api.waw856.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Mon, 29 Jun 2026 15:10:53 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 24 Dec 2024 16:04:33 GMT\r\nvary: Accept-Encoding\r\netag: W/\"676adb91-f65\"\r\nexpires: Wed, 29 Jul 2026 15:10:53 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3941,"size_decoded":3635,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"40d6819ded80b7c1e31256a5a8952adb","sha1":"7d18e1c5fe0bc19dff77f25c4b0a466375ad2c9d","sha256":"9c85d718e6e971989685e9a1993164a3b96eeabab53f29267596393148314a70","sha512":"11d9d728cc7f848bd8a7ecaae41ca3a5d99bad5ce2ea2bf9dbdfdea4f5d096fcb2d7e677e10bc3ba51b5f4cb979183de5f740def2b496562b2001ec17a924a4a","ssdeep":"","tlshash":"1a810b04d4523994a65efac079f9618307ab5ed014c6a401becade5758712f5e12e9c3","first_seen":"2026-06-29T15:11:12.667837Z","last_seen":"2026-06-29T18:43:33.51946Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1270,"timings":{"blocked":776,"dns":0,"connect":0,"send":0,"wait":494,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"api.waw856.co","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"api.waw856.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"api.waw856.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/assets/4-1418fef7.png","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bimiidcd.top/","date":"2026-06-29T15:10:52.377Z","timestamp":1782745852377,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bimiidcd.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Jun 2026 06:42:57 GMT","end":"Tue, 22 Sep 2026 07:42:51 GMT"},"fingerprint":{"sha1":"43:EB:DB:63:4A:4C:C0:E1:60:65:76:23:72:AE:B2:F7:4E:EB:46:E0","sha256":"66:0A:57:D3:02:32:12:0B:7A:EA:4B:2A:D9:F3:C9:6B:DE:06:C4:B5:2D:4C:5E:45:13:F8:9D:F0:F5:C0:EC:D8"}}},"request":{"raw":"GET /assets/4-1418fef7.png HTTP/1.1\r\nHost: bimiidcd.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5FO9ailGPGwm7axnGV%2BL9jAb2RpFMoPLZI%2FuF71ZL2GLd3dDxaBe%2FbLayKFS1ZwsZZfYT9etjJkqBkIbKF9b1Vs16MIboU8npEgiU8o2MfBIKGZYUVGhuwaRi11aTEQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ndate: Mon, 29 Jun 2026 15:10:53 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\ncf-ray: a135dc4958bb49c5-OSL\r\ncf-cache-status: MISS\r\ncache-control: max-age=2592000\r\netag: W/\"6a1cfb4e-2c9b\"\r\nexpires: Wed, 29 Jul 2026 15:10:52 GMT\r\nlast-modified: Mon, 01 Jun 2026 03:23:58 GMT\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11419,"size_decoded":12171,"mime_type":"image/png","magic":"PNG image data, 110 x 106, 8-bit/color RGBA, non-interlaced","md5":"bb60216b7229d11e629e1eed1dfa9dc3","sha1":"bd2132db60daa8a02973e59eb003319632dd6fe6","sha256":"1418fef7b25e7415f195772dd6c11ba8e0b775261614e83bd8fe2ee86843476e","sha512":"51d73794641e4a17c8926ae83145dabf18570debf80170891bd431c20298b764380fc02e856c76b35cd5f29e8f16cb4a4f862bfdb56bf4e44e418c1f02db02b0","ssdeep":"192:ptLpcr+7tdrNy84KlDntqi+0AvxDLkSE1L58iD18B/7tmIfbODVW4ssG+V2yrbKi:pBGuZNr4KltDAvNkbp8B8DWYH31T","tlshash":"1232b053b325933489ce8e7b3f745ac0fd221469443ea4ada1a6068bd1fec1525aca25","first_seen":"2026-06-29T15:11:12.668993Z","last_seen":"2026-06-29T18:43:33.57663Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1010,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1010,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"bimiidcd.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"bimiidcd.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.citrueswave.shop/api/notice/list?key=ROLL_NOTICE","fqdn":"api.citrueswave.shop","domain":"citrueswave.shop","tld":"shop"},"ip":{"addr":"137.220.154.220","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://bimiidcd.top/","date":"2026-06-29T15:10:52.390Z","timestamp":1782745852390,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.mmao-46.icu","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Jun 2026 07:41:29 GMT","end":"Sun, 27 Sep 2026 07:41:28 GMT"},"fingerprint":{"sha1":"7E:28:B2:E4:B4:88:F1:99:23:95:12:DC:88:13:E5:1B:CE:B8:12:07","sha256":"5A:4A:B0:61:17:14:21:88:A0:FC:7E:4E:07:9B:E3:05:F4:EE:D1:38:4F:8C:15:9E:44:19:7B:C2:C8:FD:46:A8"}}},"request":{"raw":"OPTIONS /api/notice/list?key=ROLL_NOTICE HTTP/1.1\r\nHost: api.citrueswave.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang,language\r\nOrigin: https://bimiidcd.top\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Mon, 29 Jun 2026 15:10:52 GMT\r\ncontent-length: 0\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://bimiidcd.top\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: lang, language\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":452,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T06:32:23.418387Z","times_seen":16848511,"resource_available":true,"data":null}},"time_used":248,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":248,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/assets/vendor-72ef657d.css","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bimiidcd.top/","date":"2026-06-29T15:10:47.741Z","timestamp":1782745847741,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bimiidcd.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Jun 2026 06:42:57 GMT","end":"Tue, 22 Sep 2026 07:42:51 GMT"},"fingerprint":{"sha1":"43:EB:DB:63:4A:4C:C0:E1:60:65:76:23:72:AE:B2:F7:4E:EB:46:E0","sha256":"66:0A:57:D3:02:32:12:0B:7A:EA:4B:2A:D9:F3:C9:6B:DE:06:C4:B5:2D:4C:5E:45:13:F8:9D:F0:F5:C0:EC:D8"}}},"request":{"raw":"GET /assets/vendor-72ef657d.css HTTP/1.1\r\nHost: bimiidcd.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\ndate: Mon, 29 Jun 2026 15:10:48 GMT\r\ncontent-type: text/css\r\ncontent-encoding: zstd\r\ncf-ray: a135dc2c6bb749c5-OSL\r\ncf-cache-status: MISS\r\ncache-control: max-age=43200\r\netag: W/\"6a1cfb4e-16997\"\r\nexpires: Tue, 30 Jun 2026 03:10:48 GMT\r\nlast-modified: Mon, 01 Jun 2026 03:23:58 GMT\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bL27ReMj7UhG3CqGv2n3iV6yV3oJVM5Cy4crX83je2J0heHdja6ZdZyjDr%2Fv7E24ZcUxrgiKoSI1sqJOjGO52dFqflTOlojps2QhhduADVn6zsxnU0ck9ubJQzUd4O4%3D\"}]}\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":92567,"size_decoded":38762,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (65022), with no line terminators","md5":"b40940e3efd47e3e653fe1fbec0ab363","sha1":"3911d44e1bceb07e83746e6bc68de9dbb587b11a","sha256":"72ef657df5906e9f23040a4ceb49985bf894ddcb4324d7d873a0c20b15d3e864","sha512":"f3706c9146b2091fb1a864ab4180d0a1538e801686af21bab4c7231421859a99fba7dd694632faaf1c457fb06711fcb16809e2221fe692c16390e7e98ccbf4d5","ssdeep":"1536:ZTIyNBi3MFYaQj73rx3WqyrtpqoSWEDZEnX73:ZdN0rxmNH9yDWr3","tlshash":"0193c5a5e9c4a1fc6f26f6659b4766d8f13cf661cc01daa0f109512d0fc7bf50223a2a","first_seen":"2024-01-05T03:21:29Z","last_seen":"2026-06-29T18:43:33.543318Z","times_seen":258,"resource_available":false,"data":null}},"time_used":1080,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1077,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"bimiidcd.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"bimiidcd.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/assets/index-d79c921d.js","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bimiidcd.top/","date":"2026-06-29T15:10:49.856Z","timestamp":1782745849856,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bimiidcd.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Jun 2026 06:42:57 GMT","end":"Tue, 22 Sep 2026 07:42:51 GMT"},"fingerprint":{"sha1":"43:EB:DB:63:4A:4C:C0:E1:60:65:76:23:72:AE:B2:F7:4E:EB:46:E0","sha256":"66:0A:57:D3:02:32:12:0B:7A:EA:4B:2A:D9:F3:C9:6B:DE:06:C4:B5:2D:4C:5E:45:13:F8:9D:F0:F5:C0:EC:D8"}}},"request":{"raw":"GET /assets/index-d79c921d.js HTTP/1.1\r\nHost: bimiidcd.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=1,i=?0\r\ndate: Mon, 29 Jun 2026 15:10:50 GMT\r\ncontent-type: application/javascript\r\ncontent-encoding: zstd\r\ncf-ray: a135dc399e0049c5-OSL\r\ncf-cache-status: MISS\r\ncache-control: max-age=43200\r\netag: W/\"6a1cfb4e-4083\"\r\nexpires: Tue, 30 Jun 2026 03:10:50 GMT\r\nlast-modified: Mon, 01 Jun 2026 03:23:58 GMT\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SeVF%2F8fA2%2BFY7EEg23mteCPeY0yf72a%2FZShC948uC%2FWA9q4ymlVgjSD9yqNetLo7EWxHwkVkqazzBHIL6tmJpPHL3WK3kMW9bCgwN384UOE3feqdE4oWOO%2FIPPcWjaA%3D\"}]}\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":16515,"size_decoded":5336,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (16514)","md5":"7ac5287b39a205a7bef559ed82ed2bd9","sha1":"9efb88cb650dc0848589d295e1ff2d3a4394bd1f","sha256":"7a5e1453faa5557d49c5c2cdcc5248125dac461a7abfdce12c3e1686cbd97b24","sha512":"8a8a04659dd290ac7a3fbd66f9f2c68e485d9a06fe68f195f3ab6e550ffd609c7129705a7a1ab210e93a47d53d9b2ca7f44b1aab439b6da331c72ab12ee8d0a9","ssdeep":"384:+ZZ+AcIJVHlfJg3HitQO64BPYJuBsXdd1rdImo/lSpJjk6ofcPUOSJMQCzUim2m6:+ZdJVH1JgyQ4AJux/lSpsNOSJMQCzjLT","tlshash":"0672b742f90a963de9b3b09105d90001711a3fdda04e98ebb1fd4d47a762eb4b7057ba","first_seen":"2026-06-29T15:11:12.670992Z","last_seen":"2026-06-29T18:43:33.544646Z","times_seen":2,"resource_available":true,"data":null}},"time_used":786,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":786,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"bimiidcd.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"bimiidcd.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/assets/currencyItem-823d4767.css","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bimiidcd.top/","date":"2026-06-29T15:10:49.871Z","timestamp":1782745849871,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bimiidcd.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Jun 2026 06:42:57 GMT","end":"Tue, 22 Sep 2026 07:42:51 GMT"},"fingerprint":{"sha1":"43:EB:DB:63:4A:4C:C0:E1:60:65:76:23:72:AE:B2:F7:4E:EB:46:E0","sha256":"66:0A:57:D3:02:32:12:0B:7A:EA:4B:2A:D9:F3:C9:6B:DE:06:C4:B5:2D:4C:5E:45:13:F8:9D:F0:F5:C0:EC:D8"}}},"request":{"raw":"GET /assets/currencyItem-823d4767.css HTTP/1.1\r\nHost: bimiidcd.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\ndate: Mon, 29 Jun 2026 15:10:50 GMT\r\ncontent-type: text/css\r\ncontent-encoding: zstd\r\ncf-ray: a135dc39be0e49c5-OSL\r\ncf-cache-status: MISS\r\ncache-control: max-age=43200\r\netag: W/\"6a1cfb4e-6d6\"\r\nexpires: Tue, 30 Jun 2026 03:10:50 GMT\r\nlast-modified: Mon, 01 Jun 2026 03:23:58 GMT\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RJ6Uf4deoZlK3bDcP8QoptxMuTBBnAV6iOTymNaPLz8oJCN%2F1J7qAJE1IXDjv4BC58pJ8jkO8Afrh2PC4FhLTpUZLY7OuR5NZnwN7FsS1emSvK1WKQDZPrIP9m8pev0%3D\"}]}\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1750,"size_decoded":1310,"mime_type":"text/css","magic":"ASCII text, with very long lines (1749)","md5":"f5153d7ad75512408bfedc5aff6db8f0","sha1":"350c5ee39a0504659d5683aaa326bf078235ce1e","sha256":"823d4767bff172ec2727d95da2a1cb6654902551de9253fdd50343ffff7830bb","sha512":"2f0561b7703191502d3ed5cfaa342ebb9f941d841e681a3e9bc7b3881075bbc520ab1208a8a3c779aeb4b94ebf25e5c14582eba9d52aa9086a095b9ccadd0784","ssdeep":"","tlshash":"e731bca453110374e936d4c6aea84108d0163f819007d6dafd8b0a379ccbea30ab0d6e","first_seen":"2026-06-29T15:11:12.672228Z","last_seen":"2026-06-29T18:43:33.549161Z","times_seen":2,"resource_available":false,"data":null}},"time_used":722,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":722,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"bimiidcd.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"bimiidcd.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.citrueswave.shop/api/common/getMt5Amount?coin=XAU","fqdn":"api.citrueswave.shop","domain":"citrueswave.shop","tld":"shop"},"ip":{"addr":"137.220.154.220","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://bimiidcd.top/","date":"2026-06-29T15:10:51.269Z","timestamp":1782745851269,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.mmao-46.icu","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Jun 2026 07:41:29 GMT","end":"Sun, 27 Sep 2026 07:41:28 GMT"},"fingerprint":{"sha1":"7E:28:B2:E4:B4:88:F1:99:23:95:12:DC:88:13:E5:1B:CE:B8:12:07","sha256":"5A:4A:B0:61:17:14:21:88:A0:FC:7E:4E:07:9B:E3:05:F4:EE:D1:38:4F:8C:15:9E:44:19:7B:C2:C8:FD:46:A8"}}},"request":{"raw":"OPTIONS /api/common/getMt5Amount?coin=XAU HTTP/1.1\r\nHost: api.citrueswave.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang\r\nOrigin: https://bimiidcd.top\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Mon, 29 Jun 2026 15:10:51 GMT\r\ncontent-length: 0\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://bimiidcd.top\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: lang\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":442,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T06:32:23.418387Z","times_seen":16848511,"resource_available":true,"data":null}},"time_used":248,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":248,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.waw856.co/images/currency/echo-res/LTC.png?2.0.1780313038026","fqdn":"api.waw856.co","domain":"waw856.co","tld":"co"},"ip":{"addr":"137.220.153.16","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bimiidcd.top/","date":"2026-06-29T15:10:52.365Z","timestamp":1782745852365,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.waw856.co","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Jun 2026 17:12:17 GMT","end":"Thu, 10 Sep 2026 17:12:16 GMT"},"fingerprint":{"sha1":"73:AA:74:08:49:C7:5A:4A:03:87:36:43:AF:CA:58:85:78:1F:57:68","sha256":"4D:2C:75:3D:BE:5A:CC:76:10:F8:CF:14:C0:D6:DF:1C:1A:1F:EC:F3:A0:37:CA:A2:9D:9B:97:3E:11:2C:0A:D4"}}},"request":{"raw":"GET /images/currency/echo-res/LTC.png?2.0.1780313038026 HTTP/1.1\r\nHost: api.waw856.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Mon, 29 Jun 2026 15:10:54 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 24 Dec 2024 16:04:33 GMT\r\nvary: Accept-Encoding\r\netag: W/\"676adb91-1190\"\r\nexpires: Wed, 29 Jul 2026 15:10:54 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4496,"size_decoded":4165,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"cc993c30e0f9b5623e2bfc164b9c4bc6","sha1":"3be1c164ca05d23ef7f0a328e8388bce10b83a9e","sha256":"a0d3f6d8194902e0f414bbeff841220a9e420025dd7eb068edd46b43f46a73d1","sha512":"ec842473f8487131c95e7a51c9b9343ad61c24ec4f331a0b40cbcad3a3a4ba32afb9dc8957c48b8ed90e86083285f54ef8aa24b23e63de56de6be5397cb30710","ssdeep":"96:27SZo7FhknmWpJwrSoBHoOHHykaM4MP3yGkCeSUqcwRKwmEhrFs+khhN0a:oSu7FhkngbBIOypci/CeSXcXwtpF5yNR","tlshash":"df915c04fc245d9b4a4efa0969faf10b236749d28601e811bcdace47dd703f2644c7ea","first_seen":"2026-06-29T15:11:12.673248Z","last_seen":"2026-06-29T18:43:33.516372Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1826,"timings":{"blocked":-1,"dns":51,"connect":248,"send":0,"wait":248,"receive":0,"ssl":1277},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"api.waw856.co","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"api.waw856.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"api.waw856.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.citrueswave.shop/api/common/getMt5Amount?coin=XAG","fqdn":"api.citrueswave.shop","domain":"citrueswave.shop","tld":"shop"},"ip":{"addr":"137.220.154.220","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://bimiidcd.top/","date":"2026-06-29T15:10:51.270Z","timestamp":1782745851270,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.mmao-46.icu","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Jun 2026 07:41:29 GMT","end":"Sun, 27 Sep 2026 07:41:28 GMT"},"fingerprint":{"sha1":"7E:28:B2:E4:B4:88:F1:99:23:95:12:DC:88:13:E5:1B:CE:B8:12:07","sha256":"5A:4A:B0:61:17:14:21:88:A0:FC:7E:4E:07:9B:E3:05:F4:EE:D1:38:4F:8C:15:9E:44:19:7B:C2:C8:FD:46:A8"}}},"request":{"raw":"OPTIONS /api/common/getMt5Amount?coin=XAG HTTP/1.1\r\nHost: api.citrueswave.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang\r\nOrigin: https://bimiidcd.top\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Mon, 29 Jun 2026 15:10:51 GMT\r\ncontent-length: 0\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://bimiidcd.top\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: lang\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":442,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T06:32:23.418387Z","times_seen":16848511,"resource_available":true,"data":null}},"time_used":249,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":249,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.waw856.co/images/currency/echo-res/BNB.png?2.0.1780313038026","fqdn":"api.waw856.co","domain":"waw856.co","tld":"co"},"ip":{"addr":"137.220.153.16","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bimiidcd.top/","date":"2026-06-29T15:10:52.366Z","timestamp":1782745852366,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.waw856.co","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Jun 2026 17:12:17 GMT","end":"Thu, 10 Sep 2026 17:12:16 GMT"},"fingerprint":{"sha1":"73:AA:74:08:49:C7:5A:4A:03:87:36:43:AF:CA:58:85:78:1F:57:68","sha256":"4D:2C:75:3D:BE:5A:CC:76:10:F8:CF:14:C0:D6:DF:1C:1A:1F:EC:F3:A0:37:CA:A2:9D:9B:97:3E:11:2C:0A:D4"}}},"request":{"raw":"GET /images/currency/echo-res/BNB.png?2.0.1780313038026 HTTP/1.1\r\nHost: api.waw856.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Mon, 29 Jun 2026 15:10:54 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 24 Dec 2024 16:04:33 GMT\r\nvary: Accept-Encoding\r\netag: W/\"676adb91-e73\"\r\nexpires: Wed, 29 Jul 2026 15:10:54 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3699,"size_decoded":3371,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"6af75bb0a13f76ec617785d04a75e681","sha1":"140802963e1cc4209558fa58622f33698e8a6ce4","sha256":"2ec8752559110691faacdb70e3674b21fc69011d4c53deb4ab6a09b3bf96d13b","sha512":"94f9b5f9177c4fd29541c11e2d83cf6cf9734542d9334652b1eb3ec4d59e3ce0008a762bbedd107f7213bf5da9356a0dce82612f4f8bbe1067b0a0a38a6d7939","ssdeep":"","tlshash":"c4713c8de5601894424eeb89aedd70a317fb87e1a583b0447cddcd832cb01bce65d9e5","first_seen":"2026-06-29T15:11:12.67464Z","last_seen":"2026-06-29T18:43:33.564253Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1821,"timings":{"blocked":-1,"dns":50,"connect":248,"send":0,"wait":248,"receive":0,"ssl":1273},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"api.waw856.co","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"api.waw856.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"api.waw856.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.citrueswave.shop/api/common/getAllSetting","fqdn":"api.citrueswave.shop","domain":"citrueswave.shop","tld":"shop"},"ip":{"addr":"137.220.154.220","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://bimiidcd.top/","date":"2026-06-29T15:10:52.391Z","timestamp":1782745852391,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.mmao-46.icu","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Jun 2026 07:41:29 GMT","end":"Sun, 27 Sep 2026 07:41:28 GMT"},"fingerprint":{"sha1":"7E:28:B2:E4:B4:88:F1:99:23:95:12:DC:88:13:E5:1B:CE:B8:12:07","sha256":"5A:4A:B0:61:17:14:21:88:A0:FC:7E:4E:07:9B:E3:05:F4:EE:D1:38:4F:8C:15:9E:44:19:7B:C2:C8:FD:46:A8"}}},"request":{"raw":"OPTIONS /api/common/getAllSetting HTTP/1.1\r\nHost: api.citrueswave.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang,language\r\nOrigin: https://bimiidcd.top\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Mon, 29 Jun 2026 15:10:52 GMT\r\ncontent-length: 0\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://bimiidcd.top\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: lang, language\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":452,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T06:32:23.418387Z","times_seen":16848511,"resource_available":true,"data":null}},"time_used":248,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":248,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/assets/index-a78f6551.css","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bimiidcd.top/","date":"2026-06-29T15:10:47.742Z","timestamp":1782745847742,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bimiidcd.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Jun 2026 06:42:57 GMT","end":"Tue, 22 Sep 2026 07:42:51 GMT"},"fingerprint":{"sha1":"43:EB:DB:63:4A:4C:C0:E1:60:65:76:23:72:AE:B2:F7:4E:EB:46:E0","sha256":"66:0A:57:D3:02:32:12:0B:7A:EA:4B:2A:D9:F3:C9:6B:DE:06:C4:B5:2D:4C:5E:45:13:F8:9D:F0:F5:C0:EC:D8"}}},"request":{"raw":"GET /assets/index-a78f6551.css HTTP/1.1\r\nHost: bimiidcd.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\ndate: Mon, 29 Jun 2026 15:10:49 GMT\r\ncontent-type: text/css\r\ncontent-encoding: zstd\r\ncf-ray: a135dc2c6bb849c5-OSL\r\ncf-cache-status: MISS\r\ncache-control: max-age=43200\r\netag: W/\"6a1cfb4e-4aa85\"\r\nexpires: Tue, 30 Jun 2026 03:10:48 GMT\r\nlast-modified: Mon, 01 Jun 2026 03:23:58 GMT\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KnMImzWhS4RS7ulnUwrV5aF40t%2Bt6RCgNNaHDdMwYfZSM9hp0hRq%2Bj2NSIFso8V2UGQTcmXauD0LEv1RIMvo%2BH1wWpzCxgYs4nHEzD%2FUq%2FSSZ%2BmgeWGwwn%2BjUIcrRrg%3D\"}]}\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":305797,"size_decoded":70366,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (65022), with no line terminators","md5":"a1d013239fec7e3682034ddcf63312f7","sha1":"6a4c393b28afe5656a874da557fb215b15a6004f","sha256":"a78f6551fe3cebccbfd53afed8a2e38c6c8121b2350e3ec979e810bd172940d3","sha512":"dc2e31f9ca79b838bc7570a5ca780d155efe79787643fccef62df711aff781cd72375b84b3b52cb68ac29e7434781fc6589bc364dc450e2520ce4ab1967ecaac","ssdeep":"6144:nAN/9SpddBmkZ8w71ZACkFDS3vyf58rBeV05TV:AN/YBTZ8w71ZACkFDS3vyf58rBeV05TV","tlshash":"c254d7a9a59011bc6f27aa7597ce5ad8f23ce6719c118de8f201600a4fc3ff91363617","first_seen":"2026-06-29T15:11:12.675921Z","last_seen":"2026-06-29T18:43:33.558895Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1274,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1272,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"bimiidcd.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"bimiidcd.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/platform/dev/config.js?1782745849837","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://bimiidcd.top/","date":"2026-06-29T15:10:49.839Z","timestamp":1782745849839,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bimiidcd.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Jun 2026 06:42:57 GMT","end":"Tue, 22 Sep 2026 07:42:51 GMT"},"fingerprint":{"sha1":"43:EB:DB:63:4A:4C:C0:E1:60:65:76:23:72:AE:B2:F7:4E:EB:46:E0","sha256":"66:0A:57:D3:02:32:12:0B:7A:EA:4B:2A:D9:F3:C9:6B:DE:06:C4:B5:2D:4C:5E:45:13:F8:9D:F0:F5:C0:EC:D8"}}},"request":{"raw":"GET /platform/dev/config.js?1782745849837 HTTP/1.1\r\nHost: bimiidcd.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pEIOic5OrlruBczHBAL9Jjf5Bn%2B4k5rTORmuIHIUqkLcwXyjglvHNygazDGR5eW8LN6fJX85Jw8NOVxjPXc0mgIgDsWK0v2inWkgmTdGnsJCD%2FfmnXDyJY6dE0SzEdo%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ndate: Mon, 29 Jun 2026 15:10:50 GMT\r\ncontent-type: application/javascript\r\ncontent-encoding: zstd\r\ncf-ray: a135dc398dfa49c5-OSL\r\ncf-cache-status: MISS\r\npriority: u=3,i=?0\r\ncache-control: max-age=43200\r\netag: W/\"6a1cfb3a-18a\"\r\nexpires: Tue, 30 Jun 2026 03:10:50 GMT\r\nlast-modified: Mon, 01 Jun 2026 03:23:38 GMT\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":394,"size_decoded":1041,"mime_type":"application/javascript","magic":"ASCII text, with CRLF line terminators","md5":"945c4407e2ebb40991241bd54af50e8b","sha1":"c83ca8c3a55b8d2472227c14d99ca7f306aebb4c","sha256":"fe08fe2646cf28b611f22664d9224cf38fcacf1af20343b9042dcdeafea2a5da","sha512":"71f47c7555ff48524c751684074b8c6f2a99f9087e87af2371bb951533308003cd862bd31c47418d2ebe3f5940a0aae2fa40d473f7728ec5708b77ff0f5b4857","ssdeep":"","tlshash":"a6e02b663228c03455b48b2a6dfc0d17f65767324d9c051bb8b495091e79d5420b8892","first_seen":"2026-04-22T17:43:43.793988Z","last_seen":"2026-06-29T18:43:33.573422Z","times_seen":10,"resource_available":false,"data":null}},"time_used":773,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":773,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"bimiidcd.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"bimiidcd.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/assets/index-7223bcbc.js","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bimiidcd.top/","date":"2026-06-29T15:10:49.864Z","timestamp":1782745849864,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bimiidcd.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Jun 2026 06:42:57 GMT","end":"Tue, 22 Sep 2026 07:42:51 GMT"},"fingerprint":{"sha1":"43:EB:DB:63:4A:4C:C0:E1:60:65:76:23:72:AE:B2:F7:4E:EB:46:E0","sha256":"66:0A:57:D3:02:32:12:0B:7A:EA:4B:2A:D9:F3:C9:6B:DE:06:C4:B5:2D:4C:5E:45:13:F8:9D:F0:F5:C0:EC:D8"}}},"request":{"raw":"GET /assets/index-7223bcbc.js HTTP/1.1\r\nHost: bimiidcd.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fQkpPzYgipljYDqrDS44wEOlth4wQ9SUNRmC1IBRolXl13VaNkTyxecz2hBOL7kBgOphVUX28MVTOj70t4D8Fw%2FqxtY5lTxkK3Hmgre4KgjM0qHAKptamHx%2Fso98QTw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ndate: Mon, 29 Jun 2026 15:10:50 GMT\r\ncontent-type: application/javascript\r\ncontent-encoding: zstd\r\ncf-ray: a135dc39ae0649c5-OSL\r\ncf-cache-status: MISS\r\npriority: u=1,i=?0\r\ncache-control: max-age=43200\r\netag: W/\"6a1cfb4e-184\"\r\nexpires: Tue, 30 Jun 2026 03:10:50 GMT\r\nlast-modified: Mon, 01 Jun 2026 03:23:58 GMT\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":388,"size_decoded":1052,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (387)","md5":"ac3e98c7ce451839cfd93e283babea24","sha1":"0c458675ad3046b95f0eed4d03533cc82a6ec5cd","sha256":"4b5859a0d7f27eb79fa6ba1b2a1542bd38e4226460c73491d0027d82c4dd141d","sha512":"8fb49e6eefa4043fef9e11a1915a2661012fe29cd11fcbeb0a1312a5baf68006c1baec1b64272fe9844aaf97680e795d725acc5d250b34c17b101bc8dfd7ee33","ssdeep":"","tlshash":"55e0226e2aaad1b267b1ccede2221952a3182b05131581a8e5870604b2789e6605f368","first_seen":"2026-06-29T15:11:12.678685Z","last_seen":"2026-06-29T18:43:33.547457Z","times_seen":2,"resource_available":true,"data":null}},"time_used":754,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":754,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"bimiidcd.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"bimiidcd.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.citrueswave.shop/api/common/getMt5Amount?coin=UKOIL","fqdn":"api.citrueswave.shop","domain":"citrueswave.shop","tld":"shop"},"ip":{"addr":"137.220.154.220","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://bimiidcd.top/","date":"2026-06-29T15:10:51.276Z","timestamp":1782745851276,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.mmao-46.icu","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Jun 2026 07:41:29 GMT","end":"Sun, 27 Sep 2026 07:41:28 GMT"},"fingerprint":{"sha1":"7E:28:B2:E4:B4:88:F1:99:23:95:12:DC:88:13:E5:1B:CE:B8:12:07","sha256":"5A:4A:B0:61:17:14:21:88:A0:FC:7E:4E:07:9B:E3:05:F4:EE:D1:38:4F:8C:15:9E:44:19:7B:C2:C8:FD:46:A8"}}},"request":{"raw":"OPTIONS /api/common/getMt5Amount?coin=UKOIL HTTP/1.1\r\nHost: api.citrueswave.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang\r\nOrigin: https://bimiidcd.top\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Mon, 29 Jun 2026 15:10:51 GMT\r\ncontent-length: 0\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://bimiidcd.top\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: lang\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":442,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T06:32:23.418387Z","times_seen":16848511,"resource_available":true,"data":null}},"time_used":248,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":248,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/assets/8-160141da.png","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bimiidcd.top/","date":"2026-06-29T15:10:52.384Z","timestamp":1782745852384,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bimiidcd.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Jun 2026 06:42:57 GMT","end":"Tue, 22 Sep 2026 07:42:51 GMT"},"fingerprint":{"sha1":"43:EB:DB:63:4A:4C:C0:E1:60:65:76:23:72:AE:B2:F7:4E:EB:46:E0","sha256":"66:0A:57:D3:02:32:12:0B:7A:EA:4B:2A:D9:F3:C9:6B:DE:06:C4:B5:2D:4C:5E:45:13:F8:9D:F0:F5:C0:EC:D8"}}},"request":{"raw":"GET /assets/8-160141da.png HTTP/1.1\r\nHost: bimiidcd.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=R5FgFVTTVEBvsedCuLx76D27Nnz%2FzpIlZCUlnbrsHCl8z%2BpUaBNbe%2BuX9TPfa3aBNbfRX9ZNSB1bJt%2FgSZXzbx0tXmfz%2FgH3667v5ccZ03qL6Jzh8WMluJBhXLvmAxc%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ndate: Mon, 29 Jun 2026 15:10:53 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\ncf-ray: a135dc4968dc49c5-OSL\r\ncf-cache-status: MISS\r\ncache-control: max-age=2592000\r\netag: W/\"6a1cfb4e-129d\"\r\nexpires: Wed, 29 Jul 2026 15:10:52 GMT\r\nlast-modified: Mon, 01 Jun 2026 03:23:58 GMT\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4765,"size_decoded":5521,"mime_type":"image/png","magic":"PNG image data, 98 x 98, 8-bit/color RGBA, non-interlaced","md5":"0eb2475ec7260491bbf3362c5a2f7d4e","sha1":"7234b83e9915cb1171a760221db7de59069bf0a1","sha256":"160141daf1116f42ead667eeb04fc4e4ae0b32f5b5909f17e83e8859e9a3ee13","sha512":"c473606c8afbfb9aceef513aa2305af073307e0dcf38490a6f6b80d67d1423e65546d3958da4a8e02dbc3992b5480b224a4615b65ddc662061b623bd298d3bad","ssdeep":"96:Pf2osNIWJ16qAFWdHKwTBrehBSbyy2OmJ3BzatYxqS7:P+tXqFWdHKQ86O3BZ7","tlshash":"0fa17df7ee498913a9751af762925abcb29f752305b05622f027216a3d249e000cee72","first_seen":"2026-06-29T15:11:12.679885Z","last_seen":"2026-06-29T18:43:33.567616Z","times_seen":2,"resource_available":false,"data":null}},"time_used":771,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":771,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"bimiidcd.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"bimiidcd.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.citrueswave.shop/api/notice/list?key=ROLL_NOTICE","fqdn":"api.citrueswave.shop","domain":"citrueswave.shop","tld":"shop"},"ip":{"addr":"137.220.154.220","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://bimiidcd.top/","date":"2026-06-29T15:10:52.389Z","timestamp":1782745852389,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.mmao-46.icu","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Jun 2026 07:41:29 GMT","end":"Sun, 27 Sep 2026 07:41:28 GMT"},"fingerprint":{"sha1":"7E:28:B2:E4:B4:88:F1:99:23:95:12:DC:88:13:E5:1B:CE:B8:12:07","sha256":"5A:4A:B0:61:17:14:21:88:A0:FC:7E:4E:07:9B:E3:05:F4:EE:D1:38:4F:8C:15:9E:44:19:7B:C2:C8:FD:46:A8"}}},"request":{"raw":"OPTIONS /api/notice/list?key=ROLL_NOTICE HTTP/1.1\r\nHost: api.citrueswave.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang,language\r\nOrigin: https://bimiidcd.top\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Mon, 29 Jun 2026 15:10:52 GMT\r\ncontent-length: 0\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://bimiidcd.top\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: lang, language\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":452,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T06:32:23.418387Z","times_seen":16848511,"resource_available":true,"data":null}},"time_used":248,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":248,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/assets/index-efaf1e24.js","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bimiidcd.top/","date":"2026-06-29T15:10:47.734Z","timestamp":1782745847734,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bimiidcd.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Jun 2026 06:42:57 GMT","end":"Tue, 22 Sep 2026 07:42:51 GMT"},"fingerprint":{"sha1":"43:EB:DB:63:4A:4C:C0:E1:60:65:76:23:72:AE:B2:F7:4E:EB:46:E0","sha256":"66:0A:57:D3:02:32:12:0B:7A:EA:4B:2A:D9:F3:C9:6B:DE:06:C4:B5:2D:4C:5E:45:13:F8:9D:F0:F5:C0:EC:D8"}}},"request":{"raw":"GET /assets/index-efaf1e24.js HTTP/1.1\r\nHost: bimiidcd.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ndate: Mon, 29 Jun 2026 15:10:48 GMT\r\ncontent-type: application/javascript\r\ncontent-encoding: zstd\r\ncf-ray: a135dc2c5bb449c5-OSL\r\ncf-cache-status: MISS\r\ncache-control: max-age=43200\r\netag: W/\"6a41c196-19c05\"\r\nexpires: Tue, 30 Jun 2026 03:10:48 GMT\r\nlast-modified: Mon, 29 Jun 2026 00:51:34 GMT\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=E1R4m%2BI1hD2J6I5ENW5KAL0Z5baRR4%2B80lEA9oXYBL4I6Ds2u54EV5s5n3wcin89XCB6TUtRgPWd8Rdu0dIWr5Lif%2BWfrzmv%2BECsnQGWXS%2F2L4hK9vz3ShkwzBeeAr4%3D\"}]}\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":105477,"size_decoded":30596,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65526), with no line terminators","md5":"370131d8b6e78a99cefc4ba6a966883f","sha1":"ba44dee8c579c515ebd1d82b5de329c96fbe018f","sha256":"148aad42631f8d163f6341657206e7a4807fdde7e50b73f93142584808b5d05e","sha512":"2a529591d5b9636393f79ec2f8ce28f304fcb0ad004a1a196724f5b2deb21166a10c5a2c00f0a1e8d0af59abee7de8bf46b28d2d0e361822e160990a229653b5","ssdeep":"1536:4mqF9RcSxv8vjosVRDfgN5BS4ZXGtmDYFJ6:4jVURDfI5hYu","tlshash":"13a34c8995071fbf5cfd0888a95b5a0020691fd35c88ccd7b3ba6e553bfac94638a71c","first_seen":"2026-06-29T15:11:12.681123Z","last_seen":"2026-06-29T18:43:33.56867Z","times_seen":2,"resource_available":true,"data":null}},"time_used":1115,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1114,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"bimiidcd.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"bimiidcd.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hw.rangwodf.cc/1.js","fqdn":"hw.rangwodf.cc","domain":"rangwodf.cc","tld":"cc"},"ip":{"addr":"104.21.11.224","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bimiidcd.top/","date":"2026-06-29T15:10:47.935Z","timestamp":1782745847935,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rangwodf.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 22 May 2026 18:04:32 GMT","end":"Thu, 20 Aug 2026 19:02:54 GMT"},"fingerprint":{"sha1":"5A:63:60:AA:CF:E0:0B:02:9F:23:4E:6E:21:DA:F9:15:AC:CB:78:7C","sha256":"56:34:0F:B6:94:94:4A:81:93:56:DE:21:B2:3C:9B:CE:2C:BB:45:4C:9C:DF:3F:7C:5F:FB:81:26:E6:1A:B1:0C"}}},"request":{"raw":"GET /1.js HTTP/1.1\r\nHost: hw.rangwodf.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Mon, 29 Jun 2026 15:10:48 GMT\r\nContent-Type: application/javascript; charset=utf-8,application/javascript\r\netag: W/\"6a41ae96-110e\"\r\nlast-modified: Sun, 28 Jun 2026 23:30:30 GMT\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2LlFoADpDd8THMEffGBijKLpkdrubqWUhuDj9JAe1OTiATd9zo6kSJt8v2l2nylWLzl6ascgai9zU6g6dVQV0zCB8ZdJ1QobUkYjQA4d6Rx9ic0rBEnOEsI7mqn2VsJfWQ%3D%3D\"}]}\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\ncontent-encoding: zstd\r\ncf-ray: a135dc2e0a3e723c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4366,"size_decoded":2570,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators","md5":"8a7be4d37e40605966b3f251032ef83c","sha1":"04ce12b241f411532969f613d500e0c68adcd1a7","sha256":"43e78f198f373307278dde2a72cc52ebd529cde5a4638d86f79d34ecf7e9d3b3","sha512":"2c13815f477df8a18ba17a5442512f73f365d9712a8bbcd453e6b0e1ca7352b6bb9b8176999c16fd754addfaa4847aeaac11585ab20a2a76b4833a22879f09c9","ssdeep":"48:bD3MlcaYje32enWULpu30EejF5huyFPFalMikhbHdF9SdGH2muyFDM3ii7M/+0rg:bLMujzYpL5EOhT0529KGECDaVAHD8","tlshash":"2691635a212374160674337e5bd7874df725a0f331428699babcc2026ffa076c662ea8","first_seen":"2026-06-29T15:11:12.682414Z","last_seen":"2026-06-29T18:43:33.528791Z","times_seen":4,"resource_available":true,"data":null}},"time_used":472,"timings":{"blocked":-1,"dns":46,"connect":21,"send":0,"wait":405,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"wss","addr":"wss://api.citrueswave.shop/ws/cbce4124-78b0-4128-9d81-9165e204dbb0","fqdn":"api.citrueswave.shop","domain":"citrueswave.shop","tld":"shop"},"ip":{"addr":"137.220.154.220","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://bimiidcd.top/","date":"2026-06-29T15:10:49.976Z","timestamp":1782745849976,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.mmao-46.icu","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Jun 2026 07:41:29 GMT","end":"Sun, 27 Sep 2026 07:41:28 GMT"},"fingerprint":{"sha1":"7E:28:B2:E4:B4:88:F1:99:23:95:12:DC:88:13:E5:1B:CE:B8:12:07","sha256":"5A:4A:B0:61:17:14:21:88:A0:FC:7E:4E:07:9B:E3:05:F4:EE:D1:38:4F:8C:15:9E:44:19:7B:C2:C8:FD:46:A8"}}},"request":{"raw":"GET /ws/cbce4124-78b0-4128-9d81-9165e204dbb0 HTTP/1.1\r\nHost: api.citrueswave.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-WebSocket-Version: 13\r\nOrigin: https://bimiidcd.top\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: rprDGeoRv9hkVPDeczKBjA==\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: Upgrade\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 \r\nServer: nginx\r\nDate: Mon, 29 Jun 2026 15:10:51 GMT\r\nConnection: upgrade\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nAccess-Control-Allow-Origin: https://bimiidcd.top\r\nAccess-Control-Allow-Credentials: true\r\nUpgrade: websocket\r\nSec-WebSocket-Accept: AiLpN3UPALJXZqsCp2f0x5msGIQ=\r\nSec-WebSocket-Extensions: permessage-deflate\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 1; mode=block\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":442,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T06:32:23.418387Z","times_seen":16848511,"resource_available":true,"data":null}},"time_used":2739,"timings":{"blocked":0,"dns":994,"connect":1241,"send":0,"wait":249,"receive":0,"ssl":255},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.waw856.co/images/currency/echo-res/BTC.png?2.0.1780313038026","fqdn":"api.waw856.co","domain":"waw856.co","tld":"co"},"ip":{"addr":"137.220.153.16","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bimiidcd.top/","date":"2026-06-29T15:10:52.357Z","timestamp":1782745852357,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.waw856.co","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Jun 2026 17:12:17 GMT","end":"Thu, 10 Sep 2026 17:12:16 GMT"},"fingerprint":{"sha1":"73:AA:74:08:49:C7:5A:4A:03:87:36:43:AF:CA:58:85:78:1F:57:68","sha256":"4D:2C:75:3D:BE:5A:CC:76:10:F8:CF:14:C0:D6:DF:1C:1A:1F:EC:F3:A0:37:CA:A2:9D:9B:97:3E:11:2C:0A:D4"}}},"request":{"raw":"GET /images/currency/echo-res/BTC.png?2.0.1780313038026 HTTP/1.1\r\nHost: api.waw856.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Mon, 29 Jun 2026 15:10:53 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 24 Dec 2024 16:04:33 GMT\r\nvary: Accept-Encoding\r\netag: W/\"676adb91-c7e\"\r\nexpires: Wed, 29 Jul 2026 15:10:53 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3198,"size_decoded":2874,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"aaa768934b40c7f48ea7a2ca91b8c642","sha1":"71afaefc81f4595545c2a8f8c4cdd0b95118eb09","sha256":"7ef260e35e259feb2f702d5264e87a22fe8f38ecb6fa689f2d6283fa07ac4e91","sha512":"119e6701d86f7cd277d0bdffc4fe24925751062351b22643ef57cfd66e4c2f8386b4f01c7c29e181acaffaa3b6458a4c3a48f2cb428ab2ef4a42df0b3cbb9c4b","ssdeep":"","tlshash":"9d610a09eb1268525e4eeb486aed028bb72bcac4d340b445bdc8d852a8211b59179ed2","first_seen":"2026-06-29T15:11:12.683804Z","last_seen":"2026-06-29T18:43:33.560857Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1054,"timings":{"blocked":-1,"dns":58,"connect":248,"send":0,"wait":248,"receive":0,"ssl":500},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"api.waw856.co","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"api.waw856.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"api.waw856.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/assets/6-b26b7fc9.png","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bimiidcd.top/","date":"2026-06-29T15:10:52.379Z","timestamp":1782745852379,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bimiidcd.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Jun 2026 06:42:57 GMT","end":"Tue, 22 Sep 2026 07:42:51 GMT"},"fingerprint":{"sha1":"43:EB:DB:63:4A:4C:C0:E1:60:65:76:23:72:AE:B2:F7:4E:EB:46:E0","sha256":"66:0A:57:D3:02:32:12:0B:7A:EA:4B:2A:D9:F3:C9:6B:DE:06:C4:B5:2D:4C:5E:45:13:F8:9D:F0:F5:C0:EC:D8"}}},"request":{"raw":"GET /assets/6-b26b7fc9.png HTTP/1.1\r\nHost: bimiidcd.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=a8gkqj%2FXqciBNJ8RHZSMm81ZDbIqlaHrm1z4S34n1YngDTwUnof2SnExfii2yuq%2FDIeneI7xBQEjrkiHClNdIBHO515bPySQSPf%2FIIapUv1xrvL%2FS1Oa6lJtgGQ4sKQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ndate: Mon, 29 Jun 2026 15:10:53 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\ncf-ray: a135dc4958d549c5-OSL\r\ncf-cache-status: MISS\r\ncache-control: max-age=2592000\r\netag: W/\"6a1cfb4e-176f\"\r\nexpires: Wed, 29 Jul 2026 15:10:52 GMT\r\nlast-modified: Mon, 01 Jun 2026 03:23:58 GMT\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5999,"size_decoded":6753,"mime_type":"image/png","magic":"PNG image data, 98 x 98, 8-bit/color RGBA, non-interlaced","md5":"2723b3e74f4e043474f650c61a931d3b","sha1":"32c47636b9fd96500037ea914660ccadee69ac63","sha256":"b26b7fc96446d01fe4af52edbfb3c543b54cf4c3ab6e9ff432c85c54ad35cecd","sha512":"acbe5a0c417923aabca6102541561fac565bd7fd28f2cbece33be854b418119b80258897bbbff06efff48f81d7f61ded9450ac6763e38a3b3309988040f66ce8","ssdeep":"96:PMcrSsVQ6ubDAVJpFkcG1xzcoHPgeZfnN+yKHhwHYusj4PLSPFO:PLSkuPwJn5EzZHVl+yKHKYuKC8O","tlshash":"61c17d4dfab977fac81d2952f894bfd2b63910a1b12044c1a1413d595191e1f783b89c","first_seen":"2026-06-29T15:11:12.684933Z","last_seen":"2026-06-29T18:43:33.571005Z","times_seen":2,"resource_available":false,"data":null}},"time_used":756,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":756,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"bimiidcd.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"bimiidcd.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.waw856.co/images/currency/echo-res/SOL.png?2.0.1780313038026","fqdn":"api.waw856.co","domain":"waw856.co","tld":"co"},"ip":{"addr":"137.220.153.16","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bimiidcd.top/","date":"2026-06-29T15:10:52.367Z","timestamp":1782745852367,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.waw856.co","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Jun 2026 17:12:17 GMT","end":"Thu, 10 Sep 2026 17:12:16 GMT"},"fingerprint":{"sha1":"73:AA:74:08:49:C7:5A:4A:03:87:36:43:AF:CA:58:85:78:1F:57:68","sha256":"4D:2C:75:3D:BE:5A:CC:76:10:F8:CF:14:C0:D6:DF:1C:1A:1F:EC:F3:A0:37:CA:A2:9D:9B:97:3E:11:2C:0A:D4"}}},"request":{"raw":"GET /images/currency/echo-res/SOL.png?2.0.1780313038026 HTTP/1.1\r\nHost: api.waw856.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Mon, 29 Jun 2026 15:10:53 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 24 Dec 2024 16:04:33 GMT\r\nvary: Accept-Encoding\r\netag: W/\"676adb91-bc6\"\r\nexpires: Wed, 29 Jul 2026 15:10:53 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3014,"size_decoded":2693,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"7c16e6781961865079f6eb504aa32a12","sha1":"b7caaccf310b6a07e9ee768c70f5115278674317","sha256":"41c045ba5614887e8b40bc60d5c0e319dd170a0c3ce43fa61e8e63ed35e0e4f6","sha512":"f5aa61c1e6612123f3a9828ce90e10d39c66e01416f2a121f3966848ba856352958bb6bf0518081cfa61cdc73bae1ec12fcf28dd1ee4865f760131a5b54bf58d","ssdeep":"","tlshash":"ab51f61d76246c70554aea466ee8458327bf5ac788c3a082fdd6da5300122bac81fcd6","first_seen":"2026-06-29T15:11:12.686063Z","last_seen":"2026-06-29T18:43:33.575798Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1289,"timings":{"blocked":-1,"dns":48,"connect":248,"send":0,"wait":490,"receive":0,"ssl":499},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"api.waw856.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"api.waw856.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"api.waw856.co","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"admapi.mmao-46.icu/d30df0de75f244c69d4791f172be411d.png?2.0.1780313038026","fqdn":"admapi.mmao-46.icu","domain":"mmao-46.icu","tld":"icu"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bimiidcd.top/","date":"2026-06-29T15:10:52.370Z","timestamp":1782745852370,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /d30df0de75f244c69d4791f172be411d.png?2.0.1780313038026 HTTP/1.1\r\nHost: admapi.mmao-46.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T06:32:23.418387Z","times_seen":16848511,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"admapi.mmao-46.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/assets/1-3e42d63d.png","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bimiidcd.top/","date":"2026-06-29T15:10:52.372Z","timestamp":1782745852372,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bimiidcd.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Jun 2026 06:42:57 GMT","end":"Tue, 22 Sep 2026 07:42:51 GMT"},"fingerprint":{"sha1":"43:EB:DB:63:4A:4C:C0:E1:60:65:76:23:72:AE:B2:F7:4E:EB:46:E0","sha256":"66:0A:57:D3:02:32:12:0B:7A:EA:4B:2A:D9:F3:C9:6B:DE:06:C4:B5:2D:4C:5E:45:13:F8:9D:F0:F5:C0:EC:D8"}}},"request":{"raw":"GET /assets/1-3e42d63d.png HTTP/1.1\r\nHost: bimiidcd.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LNuyI%2F0vwIMTgRk4azUU6JnYiUI5xNfIAwqp%2FiSCu9DpRTFQV9sGu6z63O8QoO4UOUzp09oSKpXFaHji3Lr2jLQ6f7pnSS7POrKXcD2N%2FOzQ%2FlF%2FNAmfeYf8XkKDNmM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ndate: Mon, 29 Jun 2026 15:10:53 GMT\r\ncontent-type: image/png\r\npriority: u=4,i\r\ncf-ray: a135dc49589749c5-OSL\r\ncf-cache-status: MISS\r\ncache-control: max-age=2592000\r\netag: W/\"6a1cfb4e-557ef\"\r\nexpires: Wed, 29 Jul 2026 15:10:52 GMT\r\nlast-modified: Mon, 01 Jun 2026 03:23:58 GMT\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":350191,"size_decoded":350948,"mime_type":"image/png","magic":"PNG image data, 672 x 504, 8-bit/color RGBA, non-interlaced","md5":"8c1b1d1df13fa1c933b563c3aac3baa1","sha1":"e2cb641a64d40b254e437966bd60e3eef8ba268c","sha256":"3e42d63d1eb5d7e35f19f229b12654e187e9e3351dc5653634d38353bd7bfd82","sha512":"ba81cb1c4b045f669471f8976a4a2b6dd02742c850000fcec5a398a82b100a28569dfd7aa6a6d84e8e320ce44315392d6ab0c750b14bfe118c4910f441b50ed5","ssdeep":"6144:8Uv87JvXZz279FMYKhkGqlOYOTpL0FRVHh61iiLMJet0tk3Js6+DnznsLBlmSB:kvdE9WjOGqlO1TpMM13AJqT3JQ7TuIY","tlshash":"77742385714acb7fcd3b1c601073ab0aa275654e4e8672fac19cd92dfe5bb83c468b14","first_seen":"2026-06-29T15:11:12.687227Z","last_seen":"2026-06-29T18:43:33.522007Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1697,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":950,"receive":747,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"bimiidcd.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"bimiidcd.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/resource/svg/dark/home_active.svg?2.0.1780313038026","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bimiidcd.top/","date":"2026-06-29T15:10:52.385Z","timestamp":1782745852385,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bimiidcd.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Jun 2026 06:42:57 GMT","end":"Tue, 22 Sep 2026 07:42:51 GMT"},"fingerprint":{"sha1":"43:EB:DB:63:4A:4C:C0:E1:60:65:76:23:72:AE:B2:F7:4E:EB:46:E0","sha256":"66:0A:57:D3:02:32:12:0B:7A:EA:4B:2A:D9:F3:C9:6B:DE:06:C4:B5:2D:4C:5E:45:13:F8:9D:F0:F5:C0:EC:D8"}}},"request":{"raw":"GET /resource/svg/dark/home_active.svg?2.0.1780313038026 HTTP/1.1\r\nHost: bimiidcd.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ndate: Mon, 29 Jun 2026 15:10:52 GMT\r\ncontent-type: image/svg+xml\r\ncontent-encoding: zstd\r\ncf-ray: a135dc4968de49c5-OSL\r\ncf-cache-status: MISS\r\ncache-control: max-age=14400\r\netag: W/\"6a1cfb3a-464\"\r\nlast-modified: Mon, 01 Jun 2026 03:23:38 GMT\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=T7vmJXSQSvYSe%2FdF6y87c59hAejAa4Z2XrPKlvRGnkroFE4%2Bf4rf%2Bp%2FzsvB%2BiHt7myFgTRCu6irFPwqCYpA34ly5Lpr1DuiFdFTslHHdZTKDtPgA82p4xv%2FDP3BYZpE%3D\"}]}\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1124,"size_decoded":1364,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"cbd4cd5aa7f875bd431aadc29dd6bad4","sha1":"559815a313af721fb55e361a70e69d7a66daf8f0","sha256":"fc8aa250b2105e2254c0072a75a25cce71943f760a7e254a7b9a3a6e5efa8a5b","sha512":"7beb2c4d401c311452ed4b0833bfc6b614817437238f58ca809b38771fb3e6491a1d1dd0d8779dcb559862951e411d79ce12ba78c4e705e46d51ee077de39ee8","ssdeep":"","tlshash":"472120bb17068e7f40064f4c476867c823bca242f1a600c4cfd21a359d26bf7297cc81","first_seen":"2026-06-29T15:11:12.688393Z","last_seen":"2026-06-29T18:43:33.562024Z","times_seen":2,"resource_available":false,"data":null}},"time_used":251,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":251,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"bimiidcd.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"bimiidcd.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/resource/svg/dark/quote.svg?2.0.1780313038026","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bimiidcd.top/","date":"2026-06-29T15:10:52.386Z","timestamp":1782745852386,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bimiidcd.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Jun 2026 06:42:57 GMT","end":"Tue, 22 Sep 2026 07:42:51 GMT"},"fingerprint":{"sha1":"43:EB:DB:63:4A:4C:C0:E1:60:65:76:23:72:AE:B2:F7:4E:EB:46:E0","sha256":"66:0A:57:D3:02:32:12:0B:7A:EA:4B:2A:D9:F3:C9:6B:DE:06:C4:B5:2D:4C:5E:45:13:F8:9D:F0:F5:C0:EC:D8"}}},"request":{"raw":"GET /resource/svg/dark/quote.svg?2.0.1780313038026 HTTP/1.1\r\nHost: bimiidcd.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=69PBJWYxx9sZNEjkLMRKyPLWWIPmwkibqIuf0nNaR%2B%2BH6B78y%2FBU1YYzQvm4HkpAHd3xmYLrBzjI8x%2FXnmZWFrzYLSxeE0D0D33inaZWtwBX2nLa85%2FvrnQFZXuv27Y%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ndate: Mon, 29 Jun 2026 15:10:53 GMT\r\ncontent-type: image/svg+xml\r\ncontent-encoding: zstd\r\ncf-ray: a135dc4968df49c5-OSL\r\ncf-cache-status: MISS\r\npriority: u=4,i\r\ncache-control: max-age=14400\r\netag: W/\"6a1cfb3a-3a0\"\r\nlast-modified: Mon, 01 Jun 2026 03:23:38 GMT\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":928,"size_decoded":1227,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"60c143c637b119ce4f9372ccc173edbd","sha1":"f148bfb148a0be5e5715ff7165b3bf7b50fa7c5d","sha256":"5eeaeb2eb6adf5649f621bb60a426ea264d005529398dd1c8676af272a2818a3","sha512":"9aa6ab1f0b08eee85fcfc369c2e9a3175287331348805ee1b6bc365774ce345d61707a289a1f4ed1b394426c05380e4e134f1b61b43e5d7ebeeb930f625b80aa","ssdeep":"","tlshash":"25119cbb071641ba22815b419aec1b1d803af542f0b705dcf7d32e279c2b87720bc159","first_seen":"2026-03-25T16:01:48.392789Z","last_seen":"2026-06-29T18:43:33.552317Z","times_seen":4,"resource_available":false,"data":null}},"time_used":768,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":768,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"bimiidcd.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"bimiidcd.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/platform/dev/logo_144.png?2.0.1780313038026","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bimiidcd.top/","date":"2026-06-29T15:10:50.994Z","timestamp":1782745850994,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bimiidcd.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Jun 2026 06:42:57 GMT","end":"Tue, 22 Sep 2026 07:42:51 GMT"},"fingerprint":{"sha1":"43:EB:DB:63:4A:4C:C0:E1:60:65:76:23:72:AE:B2:F7:4E:EB:46:E0","sha256":"66:0A:57:D3:02:32:12:0B:7A:EA:4B:2A:D9:F3:C9:6B:DE:06:C4:B5:2D:4C:5E:45:13:F8:9D:F0:F5:C0:EC:D8"}}},"request":{"raw":"GET /platform/dev/logo_144.png?2.0.1780313038026 HTTP/1.1\r\nHost: bimiidcd.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vyperUxycTWM1SF3MayX6Chjd5iW%2FKpCBTqa8Ylg5zfIeByvTinp93Xw5XEGEI0%2Fy2ox5Ht7YOcoJYJcJeaiOQmOYaie6kjLrhhjSyqApLakFuFKlpyObzTq2PZUDwc%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ndate: Mon, 29 Jun 2026 15:10:51 GMT\r\ncontent-type: image/png\r\npriority: u=6,i=?0\r\ncf-ray: a135dc40bf6649c5-OSL\r\ncf-cache-status: MISS\r\ncache-control: max-age=2592000\r\netag: W/\"6a1cfb3a-b21\"\r\nexpires: Wed, 29 Jul 2026 15:10:51 GMT\r\nlast-modified: Mon, 01 Jun 2026 03:23:38 GMT\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2849,"size_decoded":3601,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 144x96, components 3","md5":"18f4dc99730ab0192f1a361453f4ce19","sha1":"9f85660c4aa52d9e1d7d968095939219080fa43b","sha256":"e07901bdf4690353f08129dfebb3a9ef22fb47bd5d6fabd9aed8112322881311","sha512":"f4c8b14037d066b57f945ddffc463c10bf30fc4ae268b973cc2c90e3af6f5e951f01cafb7480db0d9d08bf8884bb9b9898a02f9328fda6e27139ea92f5b2e704","ssdeep":"","tlshash":"5451b6a7f36d0a92e465db71ff88eb51e3e82b11b1d633c6a50182f69b049c1ac6c509","first_seen":"2026-06-29T15:11:12.691421Z","last_seen":"2026-06-29T18:43:33.532226Z","times_seen":2,"resource_available":false,"data":null}},"time_used":712,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":712,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"bimiidcd.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"bimiidcd.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-29T15:10:31.384Z","timestamp":1782745831384,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bimiidcd.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Jun 2026 06:42:57 GMT","end":"Tue, 22 Sep 2026 07:42:51 GMT"},"fingerprint":{"sha1":"43:EB:DB:63:4A:4C:C0:E1:60:65:76:23:72:AE:B2:F7:4E:EB:46:E0","sha256":"66:0A:57:D3:02:32:12:0B:7A:EA:4B:2A:D9:F3:C9:6B:DE:06:C4:B5:2D:4C:5E:45:13:F8:9D:F0:F5:C0:EC:D8"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: bimiidcd.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cA%2BlzFOqqxSvCqmg1N1yWrQwf5RMdqgeKR%2BW0ABmng%2FFpQFfjGsCplb28x%2B8Q%2FtFBAWviro3c8osNrGRQWWTkFfA0UkYjYPaqrg5iw%2Fo%2BPj8uXOMSgOr8YDBpTPe%2Fa0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ndate: Mon, 29 Jun 2026 15:10:32 GMT\r\ncontent-type: text/html\r\ncontent-encoding: zstd\r\ncf-ray: a135dbc69b2a49c5-OSL\r\ncf-cache-status: DYNAMIC\r\npriority: u=0,i\r\nlast-modified: Wed, 24 Jun 2026 17:35:07 GMT\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5347,"size_decoded":2649,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1094), with CRLF, LF line terminators","md5":"d2735bbc941ad78e786163483baf059e","sha1":"74e4bbeeceb34207e7c98af4174df2c2a2ea5763","sha256":"0d7143352d4b506849b13925716385bfbbe59e391753bf95aae4dca7ae991f3e","sha512":"82198fca8af4886705ae52bb862c8a1e875daf7b741d3e6f05e5e3be4e3f37a96db20881cfed4a4a0a3dbe75a343171790e5908c3ca4196ea8083abb313bea58","ssdeep":"96:+r827Df53uSPExtHft/L8r6TCZydHRH/go2mUsGKAiowGwuB1niHKiHbH/fL:+FX9PELeZCxfB2nfD3bwuB1niqi7ffL","tlshash":"1eb173b36ca1881a23b1012beedbf01cdf61118385194854b5cd90ee4fe6fe584dbb36","first_seen":"2026-06-29T15:11:12.692591Z","last_seen":"2026-06-29T18:43:33.579652Z","times_seen":2,"resource_available":true,"data":null}},"time_used":16093,"timings":{"blocked":-1,"dns":57,"connect":14,"send":0,"wait":16020,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"bimiidcd.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"bimiidcd.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/resource/fonts/DINOT-Medium.otf","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://bimiidcd.top/","date":"2026-06-29T15:10:52.342Z","timestamp":1782745852342,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bimiidcd.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Jun 2026 06:42:57 GMT","end":"Tue, 22 Sep 2026 07:42:51 GMT"},"fingerprint":{"sha1":"43:EB:DB:63:4A:4C:C0:E1:60:65:76:23:72:AE:B2:F7:4E:EB:46:E0","sha256":"66:0A:57:D3:02:32:12:0B:7A:EA:4B:2A:D9:F3:C9:6B:DE:06:C4:B5:2D:4C:5E:45:13:F8:9D:F0:F5:C0:EC:D8"}}},"request":{"raw":"GET /resource/fonts/DINOT-Medium.otf HTTP/1.1\r\nHost: bimiidcd.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bimiidcd.top/assets/index-a78f6551.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MaxmgZXi363AlHtcQlXeI0mPIfPX7i97hUgtBspJ1TI9ALceyVipLS4i%2FNl8uZhtF7r76n994uugfYN1FJbwbsdmGIYRngwLpYhE9RDl1IgzBBcWLTOGWuv1pa%2F5pbs%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ndate: Mon, 29 Jun 2026 15:10:53 GMT\r\ncontent-type: application/octet-stream\r\npriority: u=3,i=?0\r\ncf-ray: a135dc49288b49c5-OSL\r\ncf-cache-status: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\netag: \"6a1cfb3a-11d88\"\r\nlast-modified: Mon, 01 Jun 2026 03:23:38 GMT\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 73096\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":73096,"size_decoded":73843,"mime_type":"application/octet-stream","magic":"OpenType font data","md5":"ab876400560626fbe045633dc44f0748","sha1":"85bbfb1729e86f40ddc9af7197b5f54ed6136226","sha256":"5888b24f6b65ff7c989b4a258dbeb5d997320d61417371210da0258be21d854d","sha512":"82e96ade51b0570c1f691ba45d1a3c0802015dad7598954675c4abe2fa8a9fc705adbe6eb5e677aa5cc03b6704e594cfe99279c678855ebbbcbade6d5028dbd6","ssdeep":"1536:TlK/cP2D2oV7otQjBG1+acfZZHHDEdom1hvd5JItkB7k3Z:TKQQtG1yZSdomrvpIqcZ","tlshash":"0b636f031d4fb9548de4513a52de4ea34bb39ecc1ca493c30ae12d938fece6657152ae","first_seen":"2023-08-16T00:37:20Z","last_seen":"2026-06-29T18:43:33.52623Z","times_seen":1559,"resource_available":false,"data":null}},"time_used":1192,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":723,"receive":469,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"bimiidcd.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"bimiidcd.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/assets/10-b34a6ea9.png","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bimiidcd.top/","date":"2026-06-29T15:10:52.353Z","timestamp":1782745852353,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bimiidcd.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Jun 2026 06:42:57 GMT","end":"Tue, 22 Sep 2026 07:42:51 GMT"},"fingerprint":{"sha1":"43:EB:DB:63:4A:4C:C0:E1:60:65:76:23:72:AE:B2:F7:4E:EB:46:E0","sha256":"66:0A:57:D3:02:32:12:0B:7A:EA:4B:2A:D9:F3:C9:6B:DE:06:C4:B5:2D:4C:5E:45:13:F8:9D:F0:F5:C0:EC:D8"}}},"request":{"raw":"GET /assets/10-b34a6ea9.png HTTP/1.1\r\nHost: bimiidcd.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=eIIBSj4bpHcjjaW9bbJu21vtNyE7tnI%2FHnc3NXLYLEcfNCMJkHLBGhrqUjCZwbeb1d3aA37t5ZsW2gMna9D5g%2B5SXGV%2FXkc5VSqiZ1NOGEPs8%2B71dHgfslSjFJkCJtQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ndate: Mon, 29 Jun 2026 15:10:53 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\ncf-ray: a135dc49389049c5-OSL\r\ncf-cache-status: MISS\r\ncache-control: max-age=2592000\r\netag: W/\"6a1cfb4e-515\"\r\nexpires: Wed, 29 Jul 2026 15:10:52 GMT\r\nlast-modified: Mon, 01 Jun 2026 03:23:58 GMT\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1301,"size_decoded":2054,"mime_type":"image/png","magic":"PNG image data, 44 x 44, 8-bit/color RGBA, non-interlaced","md5":"c63f8e37637e8d29b3dfc48f3064b903","sha1":"19cdc298a4564418550345686ff29b9b702e0400","sha256":"b34a6ea93c1168514fed677d1bbcaf06b7219dfd825c0fee30467478054d2f69","sha512":"e72fe64ef9a671cbbe0a0966a6c41d6139fa5b585753eeb114cfc45ebb82c786a9cd447e9c998abf53d158a02808e69d00e1aedf89a271b8ed77780f163ac2c3","ssdeep":"","tlshash":"a821fb36ff207d3d3ad82291432114b3ce4a478186a4d89101746a1b72703e6f5ede61","first_seen":"2026-06-29T15:11:12.694653Z","last_seen":"2026-06-29T18:43:33.565204Z","times_seen":2,"resource_available":false,"data":null}},"time_used":748,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":748,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"bimiidcd.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"bimiidcd.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/assets/vendor-348cf0e1.js","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bimiidcd.top/","date":"2026-06-29T15:10:47.739Z","timestamp":1782745847739,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bimiidcd.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Jun 2026 06:42:57 GMT","end":"Tue, 22 Sep 2026 07:42:51 GMT"},"fingerprint":{"sha1":"43:EB:DB:63:4A:4C:C0:E1:60:65:76:23:72:AE:B2:F7:4E:EB:46:E0","sha256":"66:0A:57:D3:02:32:12:0B:7A:EA:4B:2A:D9:F3:C9:6B:DE:06:C4:B5:2D:4C:5E:45:13:F8:9D:F0:F5:C0:EC:D8"}}},"request":{"raw":"GET /assets/vendor-348cf0e1.js HTTP/1.1\r\nHost: bimiidcd.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=1,i=?0\r\ndate: Mon, 29 Jun 2026 15:10:49 GMT\r\ncontent-type: application/javascript\r\ncontent-encoding: zstd\r\ncf-ray: a135dc2c5bb649c5-OSL\r\ncf-cache-status: MISS\r\ncache-control: max-age=43200\r\netag: W/\"6a1cfb4e-d726e\"\r\nexpires: Tue, 30 Jun 2026 03:10:48 GMT\r\nlast-modified: Mon, 01 Jun 2026 03:23:58 GMT\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=P%2FnHzfvYiB%2FNoKuzo60QSem9AgcwfmHdnQWWeap0EjNvZ6e2gGoHk2G4nUyvQrGQ6YtqLJ%2FerRfxwltS0Ad%2BBoPCtJhnOG2DcVsrT4ep3jPjmDiDUlq7WntnsXx1CNA%3D\"}]}\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":881262,"size_decoded":299887,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"adf78437db266dad9d219a7ca154bcb2","sha1":"4751a690339ce8334071fc1de6adcf389b457423","sha256":"f479ad074d75a53b1d447d33e9224daea0b6cb3fc8652674a4d9b73ed13d9446","sha512":"6f8d735d41343382cb99672e6c04fa6bac1e2db0198c8d9f6ab2902754119086f9ed0c8b1231bb408218689fb325c21576def254a67fdca7f76216b94785ef68","ssdeep":"12288:CcFae4xeZMRVDwifmzbB9dw/Xbri8L1w672vI/+a8o2aqWl6yj4Ga2BD:CcFn4xLVUUmZ941w67viaqWl6yZa25","tlshash":"3d1529c57292f06147ab24e240bb0006f3396e59744e84a4f1add8db7d79d89a2b7f3c","first_seen":"2026-06-29T15:11:12.695981Z","last_seen":"2026-06-29T18:43:33.533569Z","times_seen":2,"resource_available":true,"data":null}},"time_used":1893,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1883,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"bimiidcd.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"bimiidcd.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/resource/fonts/Arial.ttf","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://bimiidcd.top/","date":"2026-06-29T15:10:49.053Z","timestamp":1782745849053,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bimiidcd.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Jun 2026 06:42:57 GMT","end":"Tue, 22 Sep 2026 07:42:51 GMT"},"fingerprint":{"sha1":"43:EB:DB:63:4A:4C:C0:E1:60:65:76:23:72:AE:B2:F7:4E:EB:46:E0","sha256":"66:0A:57:D3:02:32:12:0B:7A:EA:4B:2A:D9:F3:C9:6B:DE:06:C4:B5:2D:4C:5E:45:13:F8:9D:F0:F5:C0:EC:D8"}}},"request":{"raw":"GET /resource/fonts/Arial.ttf HTTP/1.1\r\nHost: bimiidcd.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://bimiidcd.top/assets/index-a78f6551.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7%2FvN3vPlDAJ%2FHgHBV%2BXbpomATM7SkJ6EAz79%2FWkOP02N36t%2BJ6hzxHjCB%2BsP983YVDxfOFamJn2zjiQvlZ97KuYrVDC5mu2oZk8rryShbLRVJLP6VYeS%2Fc0vM%2BYUIQs%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ndate: Mon, 29 Jun 2026 15:10:50 GMT\r\ncontent-type: application/octet-stream\r\npriority: u=3,i=?0\r\ncf-ray: a135dc349cfc49c5-OSL\r\ncf-cache-status: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\netag: \"6a1cfb3a-ff9e4\"\r\nlast-modified: Mon, 01 Jun 2026 03:23:38 GMT\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 1047012\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1047012,"size_decoded":1047773,"mime_type":"application/octet-stream","magic":"TrueType Font data, digitally signed, 25 tables, 1st \"DSIG\", 58 names, Unicode, � 2017 The Monotype Corporation. All Rights Reserved. ","md5":"ffe66dbfc4b07f36ef38dd621ad2c7cc","sha1":"e032b102cfc37c3226d17e1b462edea5fbf8fe1c","sha256":"c1216a01b3cc4e94df72577a6f618154058a1d8999ed58fa31ab7e54c7e4be4b","sha512":"3c7952b71c8117938c5284efca0e0b3e8c20d7b84c74a4890f76a72af3b26295786b0f7c33d9b6c980527b4c4c8dad628d1f5e7e5f202d11076367f082349bb3","ssdeep":"24576:NoQIQRjo/Y7wjgTmKJ4WxA7EAD4OBfDamXKE6AMra:NHIQJo/Y7wjgTm0PxAwJHE6hG","tlshash":"f125be0bf3929f0fe3902b38c9a5d761939b76189b2743b73d8c5858ecc85a45e487d2","first_seen":"2023-07-29T15:16:45Z","last_seen":"2026-06-29T18:43:33.572848Z","times_seen":1972,"resource_available":false,"data":null}},"time_used":2138,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":960,"receive":1178,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"bimiidcd.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"bimiidcd.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/assets/9-9f5be418.png","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bimiidcd.top/","date":"2026-06-29T15:10:52.380Z","timestamp":1782745852380,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bimiidcd.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Jun 2026 06:42:57 GMT","end":"Tue, 22 Sep 2026 07:42:51 GMT"},"fingerprint":{"sha1":"43:EB:DB:63:4A:4C:C0:E1:60:65:76:23:72:AE:B2:F7:4E:EB:46:E0","sha256":"66:0A:57:D3:02:32:12:0B:7A:EA:4B:2A:D9:F3:C9:6B:DE:06:C4:B5:2D:4C:5E:45:13:F8:9D:F0:F5:C0:EC:D8"}}},"request":{"raw":"GET /assets/9-9f5be418.png HTTP/1.1\r\nHost: bimiidcd.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dO2yUSVO%2FNUYm9i8CIw6vHmjEjee4HaZsuYu%2BPDKSaFDQYHX23ki8klOHfgHp5gEAhgGEgIKCjk%2BLpnej%2F7zcFy19i4Fpl%2FT9qn78Fl1l4hMHMiVs9SDmzugdq%2B5AEQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ndate: Mon, 29 Jun 2026 15:10:53 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\ncf-ray: a135dc4968d749c5-OSL\r\ncf-cache-status: MISS\r\ncache-control: max-age=2592000\r\netag: W/\"6a1cfb4e-755\"\r\nexpires: Wed, 29 Jul 2026 15:10:52 GMT\r\nlast-modified: Mon, 01 Jun 2026 03:23:58 GMT\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1877,"size_decoded":2634,"mime_type":"image/png","magic":"PNG image data, 98 x 98, 8-bit/color RGBA, non-interlaced","md5":"2396e33b9aee833267edd4e3ff282908","sha1":"8d1cb866ef1e379476231d960e421c1e57063bd5","sha256":"9f5be4186cf6d3f2e489afc0888c6cd791024714ff477baac9b8174a0e0c937d","sha512":"90069341a4edd0bbfe1d779a3e69cd9940f7769c1df66e9d38721a88ecc34b97ab78e0d69749d8dbe41d4c65b194ce140cac716eef3e0fc1058695d55b1a3a2d","ssdeep":"","tlshash":"3641f7b3e28e087c6dfe3057cab9579bac3310a3155852c100ceae394d85d6bb484e33","first_seen":"2026-06-29T15:11:12.698673Z","last_seen":"2026-06-29T18:43:33.580468Z","times_seen":2,"resource_available":false,"data":null}},"time_used":758,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":758,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"bimiidcd.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"bimiidcd.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/resource/svg/dark/trade.svg?2.0.1780313038026","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bimiidcd.top/","date":"2026-06-29T15:10:52.387Z","timestamp":1782745852387,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bimiidcd.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Jun 2026 06:42:57 GMT","end":"Tue, 22 Sep 2026 07:42:51 GMT"},"fingerprint":{"sha1":"43:EB:DB:63:4A:4C:C0:E1:60:65:76:23:72:AE:B2:F7:4E:EB:46:E0","sha256":"66:0A:57:D3:02:32:12:0B:7A:EA:4B:2A:D9:F3:C9:6B:DE:06:C4:B5:2D:4C:5E:45:13:F8:9D:F0:F5:C0:EC:D8"}}},"request":{"raw":"GET /resource/svg/dark/trade.svg?2.0.1780313038026 HTTP/1.1\r\nHost: bimiidcd.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZB%2FZ%2F%2FpLyv1CfkjTcYGdBcFzkizGViK6SDR2jyvM%2BbMrLduZMFjy52dVrlBT0LbMwXdRnWP9H8jBkaVv5mS8UgpLP2yxzk%2BYbArMNrooDkIydUijuwrH9YGKntXlpj8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ndate: Mon, 29 Jun 2026 15:10:53 GMT\r\ncontent-type: image/svg+xml\r\ncontent-encoding: zstd\r\ncf-ray: a135dc4968e049c5-OSL\r\ncf-cache-status: MISS\r\npriority: u=4,i\r\ncache-control: max-age=14400\r\netag: W/\"6a1cfb3a-2ed\"\r\nlast-modified: Mon, 01 Jun 2026 03:23:38 GMT\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":749,"size_decoded":1141,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"e65f84cc99faa0e52a9fee5be2fe113d","sha1":"a3b8d505228f1ecd82b940037c166fa6c2198863","sha256":"0c9fc997a29ca2b1f8f19c4e80a590eb34467f83f3f2363c8d38fc964bd56b23","sha512":"25d0060c6e43dbf35fa65d9df9c2744deb1a20fbb7b810e154ab9a8a8a90ab43b348c6df4d031dea50903bfc37e0f2e5266ff83afd853eb28c5a2eacddca7038","ssdeep":"","tlshash":"ea01bda89826801f80424bc1d3e82a89e03ef243e46201bcf7d011bb6b3490e69bc265","first_seen":"2026-03-25T16:01:48.389528Z","last_seen":"2026-06-29T18:43:33.544018Z","times_seen":4,"resource_available":false,"data":null}},"time_used":749,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":749,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"bimiidcd.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"bimiidcd.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/resource/svg/dark/assets.svg?2.0.1780313038026","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bimiidcd.top/","date":"2026-06-29T15:10:52.387Z","timestamp":1782745852387,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bimiidcd.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Jun 2026 06:42:57 GMT","end":"Tue, 22 Sep 2026 07:42:51 GMT"},"fingerprint":{"sha1":"43:EB:DB:63:4A:4C:C0:E1:60:65:76:23:72:AE:B2:F7:4E:EB:46:E0","sha256":"66:0A:57:D3:02:32:12:0B:7A:EA:4B:2A:D9:F3:C9:6B:DE:06:C4:B5:2D:4C:5E:45:13:F8:9D:F0:F5:C0:EC:D8"}}},"request":{"raw":"GET /resource/svg/dark/assets.svg?2.0.1780313038026 HTTP/1.1\r\nHost: bimiidcd.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=amGFjmcXFS%2FFDfVC0ZgcTltHX9LFv8JpXMAKyjcaJytCvUKPGEVmvECCyJgAI8MRzpWKUcMW2KoKaIpHuQBhSSkplfk1XWSWLS1op%2BirxW3U8m8PrL231e8gSoE2KUs%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ndate: Mon, 29 Jun 2026 15:10:53 GMT\r\ncontent-type: image/svg+xml\r\ncontent-encoding: zstd\r\ncf-ray: a135dc4968e249c5-OSL\r\ncf-cache-status: MISS\r\npriority: u=4,i\r\ncache-control: max-age=14400\r\netag: W/\"6a1cfb3a-290\"\r\nlast-modified: Mon, 01 Jun 2026 03:23:38 GMT\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":656,"size_decoded":1131,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"d6953e6c03c282b7196aac44631dd747","sha1":"20e78130325fa6875a4501fca5e5adf3e2f48bc1","sha256":"6e90f192b3f0b71ef3488a15b09379493cedf6de0b602e9f436c683e257eae00","sha512":"6a1be0fb0b41f2d4eb85a336ee0dc2f5067fdcf8edb38e0f1a17953ad1c10b9f97a250cca7ef394343a9ad969d126958bbe561291a1c30a2873de041da0b39d1","ssdeep":"","tlshash":"f6f0d3f6d935802f12574750d6fcba84107ff283d191086cf79226728e75d5b553c248","first_seen":"2026-03-25T16:01:48.36293Z","last_seen":"2026-06-29T18:43:33.581274Z","times_seen":4,"resource_available":false,"data":null}},"time_used":745,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":745,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"bimiidcd.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"bimiidcd.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.citrueswave.shop/api/common/getAllSetting","fqdn":"api.citrueswave.shop","domain":"citrueswave.shop","tld":"shop"},"ip":{"addr":"137.220.154.220","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://bimiidcd.top/","date":"2026-06-29T15:10:49.847Z","timestamp":1782745849847,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.mmao-46.icu","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Jun 2026 07:41:29 GMT","end":"Sun, 27 Sep 2026 07:41:28 GMT"},"fingerprint":{"sha1":"7E:28:B2:E4:B4:88:F1:99:23:95:12:DC:88:13:E5:1B:CE:B8:12:07","sha256":"5A:4A:B0:61:17:14:21:88:A0:FC:7E:4E:07:9B:E3:05:F4:EE:D1:38:4F:8C:15:9E:44:19:7B:C2:C8:FD:46:A8"}}},"request":{"raw":"OPTIONS /api/common/getAllSetting HTTP/1.1\r\nHost: api.citrueswave.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang\r\nOrigin: https://bimiidcd.top\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Mon, 29 Jun 2026 15:10:51 GMT\r\ncontent-length: 0\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://bimiidcd.top\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: lang\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":442,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T06:32:23.418387Z","times_seen":16848511,"resource_available":true,"data":null}},"time_used":1870,"timings":{"blocked":-1,"dns":126,"connect":249,"send":0,"wait":248,"receive":0,"ssl":1247},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/assets/currencyItem-ede020d6.js","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bimiidcd.top/","date":"2026-06-29T15:10:49.869Z","timestamp":1782745849869,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bimiidcd.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Jun 2026 06:42:57 GMT","end":"Tue, 22 Sep 2026 07:42:51 GMT"},"fingerprint":{"sha1":"43:EB:DB:63:4A:4C:C0:E1:60:65:76:23:72:AE:B2:F7:4E:EB:46:E0","sha256":"66:0A:57:D3:02:32:12:0B:7A:EA:4B:2A:D9:F3:C9:6B:DE:06:C4:B5:2D:4C:5E:45:13:F8:9D:F0:F5:C0:EC:D8"}}},"request":{"raw":"GET /assets/currencyItem-ede020d6.js HTTP/1.1\r\nHost: bimiidcd.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=1,i=?0\r\ndate: Mon, 29 Jun 2026 15:10:50 GMT\r\ncontent-type: application/javascript\r\ncontent-encoding: zstd\r\ncf-ray: a135dc39ae0d49c5-OSL\r\ncf-cache-status: MISS\r\ncache-control: max-age=43200\r\netag: W/\"6a1cfb4e-5fb\"\r\nexpires: Tue, 30 Jun 2026 03:10:49 GMT\r\nlast-modified: Mon, 01 Jun 2026 03:23:58 GMT\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UWb8vaOlR%2Ba5ukwuWj7%2BYvg%2FlhxxrA2lkvoI%2BBujA3VgqEzr7oUtFDv5IeOnRNR%2BT%2Bmw%2BtlD%2FCd%2FmrZ89mZE%2F2YQ7UCdr%2FrLAWZliE2MzqJemQV3KSpPkDd60SBoalk%3D\"}]}\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1531,"size_decoded":1616,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1530)","md5":"70ae834f1cf7d6cb6f4a8705b8570595","sha1":"95a235672ba11834e755ded0638b1903202dd2fb","sha256":"b4866ab6f22ab68aa8baa7940f516f493963fc6a014228efc8fb4047320ff75a","sha512":"0917a2b15e38f1abfd033b733f5e3133e08a5afe92e146e80abecf156ca00e49d13eeebb77ee915a301246dc951a95131a58901115395eff0f3d6827d6bb57a3","ssdeep":"","tlshash":"fc31cf99690186b2d7bf5492d0a40434131dbfc57126c6d5feed14243b138b8d36df3a","first_seen":"2026-06-29T15:11:12.701858Z","last_seen":"2026-06-29T18:43:33.559897Z","times_seen":2,"resource_available":true,"data":null}},"time_used":267,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":267,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"bimiidcd.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"bimiidcd.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/charting_library/charting_library.min.js","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bimiidcd.top/","date":"2026-06-29T15:10:47.730Z","timestamp":1782745847730,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bimiidcd.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Jun 2026 06:42:57 GMT","end":"Tue, 22 Sep 2026 07:42:51 GMT"},"fingerprint":{"sha1":"43:EB:DB:63:4A:4C:C0:E1:60:65:76:23:72:AE:B2:F7:4E:EB:46:E0","sha256":"66:0A:57:D3:02:32:12:0B:7A:EA:4B:2A:D9:F3:C9:6B:DE:06:C4:B5:2D:4C:5E:45:13:F8:9D:F0:F5:C0:EC:D8"}}},"request":{"raw":"GET /charting_library/charting_library.min.js HTTP/1.1\r\nHost: bimiidcd.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ndate: Mon, 29 Jun 2026 15:10:48 GMT\r\ncontent-type: application/javascript\r\ncontent-encoding: zstd\r\ncf-ray: a135dc2c5bb349c5-OSL\r\ncf-cache-status: MISS\r\ncache-control: max-age=43200\r\netag: W/\"6a1cfb3a-2a6b\"\r\nexpires: Tue, 30 Jun 2026 03:10:48 GMT\r\nlast-modified: Mon, 01 Jun 2026 03:23:38 GMT\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=38f%2FXLXh3GKf2utOkR8o0ySPlxg9P2R1%2FIQy8UxUCBtez40%2BIGV7KI4zOsnGvzsFKv9hoF40zCSuZ8tz8IeBCuK1PTRVBvy6fnpGNcpGXz%2Bwzh6eybojAUNrWMja8As%3D\"}]}\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10859,"size_decoded":4117,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (10857), with CRLF line terminators","md5":"2a5fa40461c4e10123b62c021ab0a4ed","sha1":"527b4a35104eda6479c5ac876f57b5375ab00f51","sha256":"bcee984fd52b4a82bd6b23543bb33f6472e076c125edbdd8756d29ca230628cb","sha512":"51c91bff846f3825a21d6b301b1e4615d05bb27defef6c39c622e647f5d0262fdb0382924c9245c4a18a11cd32b60e4c913ed451b6f4b2fec1c87ce871eb874b","ssdeep":"192:9fdWSo7ktFUnoBelr6lw2LfnzuIQPlaJ1i10K+Ei/ISJhvHIheu5Ph3Ffa5:vWS2ktFUnoIlD2LfnqIJimK+5/ISJhvB","tlshash":"58224f58ed2478720acb54f0427f180f8239e278d84944ed3c84e6ec59fd44a6a6fbb8","first_seen":"2024-07-11T15:08:28Z","last_seen":"2026-06-29T18:43:33.558244Z","times_seen":1078,"resource_available":true,"data":null}},"time_used":819,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":819,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"bimiidcd.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"bimiidcd.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bimiidcd.top/assets/index-b11aa2d3.css","fqdn":"bimiidcd.top","domain":"bimiidcd.top","tld":"top"},"ip":{"addr":"104.21.31.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bimiidcd.top/","date":"2026-06-29T15:10:49.863Z","timestamp":1782745849863,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bimiidcd.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Jun 2026 06:42:57 GMT","end":"Tue, 22 Sep 2026 07:42:51 GMT"},"fingerprint":{"sha1":"43:EB:DB:63:4A:4C:C0:E1:60:65:76:23:72:AE:B2:F7:4E:EB:46:E0","sha256":"66:0A:57:D3:02:32:12:0B:7A:EA:4B:2A:D9:F3:C9:6B:DE:06:C4:B5:2D:4C:5E:45:13:F8:9D:F0:F5:C0:EC:D8"}}},"request":{"raw":"GET /assets/index-b11aa2d3.css HTTP/1.1\r\nHost: bimiidcd.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\ndate: Mon, 29 Jun 2026 15:10:50 GMT\r\ncontent-type: text/css\r\ncontent-encoding: zstd\r\ncf-ray: a135dc39ae0549c5-OSL\r\ncf-cache-status: MISS\r\ncache-control: max-age=43200\r\netag: W/\"6a1cfb4e-aae\"\r\nexpires: Tue, 30 Jun 2026 03:10:50 GMT\r\nlast-modified: Mon, 01 Jun 2026 03:23:58 GMT\r\nserver: cloudflare\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5XDXEpWQeDeaAi5mgpO7eWQ0uwcM0CT%2Fo3b5saO60gbKq09VgowQVb5faCqqzBtRSDkomd0Miex1IMUWqkF%2FUwnTfqnVJo06jd8WAO1m7rwOnrxLtIBs02Aa5ExEIUc%3D\"}]}\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2734,"size_decoded":1636,"mime_type":"text/css","magic":"ASCII text, with very long lines (2733)","md5":"a1d00736c86ef5fc1437506bd1ba9ef6","sha1":"dd72f2b84f969bb379fb9d6a1d2794340e8e2809","sha256":"b11aa2d31cc9cbe0ad7589e50a96fbc178b99e20ef9805b41f7413225e923f2c","sha512":"2714d10e4356e5da56fbb8de4b6e5167029839043bec96552ed43bd3fa1681bc954960f2bb0c4d862815d626de5fb7a977876046eaa30b88cbd6c28a29a82fff","ssdeep":"","tlshash":"9251ef49faaa15308c77cbcffd489b48d0406e41e58aded4f54787060adf6a3152572e","first_seen":"2026-06-29T15:11:12.704686Z","last_seen":"2026-06-29T18:43:33.538515Z","times_seen":2,"resource_available":false,"data":null}},"time_used":716,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":716,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"bimiidcd.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-29","alert":"Sinkholed","trigger":"bimiidcd.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}