{"report_id":"6ba45212-7cca-44f8-a49d-2bf6992a165c","version":6,"status":"done","tags":[],"date":"2026-06-01T14:38:15Z","url":{"schema":"http","addr":"tomotobit.xyz","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"172.67.154.219","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"tomotobit.xyz/","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"title":"PNCEX","dom":{"size":107500,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1273)","md5":"28a86773f8939d73b315c98f15e3783a","sha1":"4982e7a5f21695ed145645cdedb4c4a02b02e810","sha256":"8a73ca10c00a46f449c968a4bcc62b83128f1c783a123bfa26821968fe1a25e2","sha512":"6561c4cf9d0b711a0d99537437e52b45bf84e19e0f7e12a20565ab872abe3e6d31dbb304384745f8b2409b3fa73bdb7d0d6bdbc58506b944d412826f83d13b00","ssdeep":"1536:1SdAwr4I9uBX6FlGVEMDYY209whVH+O9ylBBEvTjWg5RfwGBD:0AFiuAYChB5Tjf/wGl","tlshash":"2bb30aa0e3ec093a205750cb97b566d675fa9433e627c4093abe47506fc6c48e9336ec","dom_hash":"domhashb1d22c332f837f5014b2521c29730d90","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"tomotobit.xyz","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"172.67.154.219","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-06T14:38:15Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"tomotobit.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"cdn.staticfile.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"104.17.207.5","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2012-05-16","domain_rank":1678,"first_seen":"2012-09-30T00:15:09Z","last_seen":"2026-05-31T22:42:17.707694Z","alert_count":0,"request_count":3,"received_data":331423,"sent_data":1534,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"cdn.staticfile.org","ip":{"addr":"202.181.25.23","port":443,"asn":55933,"as":"Cloudie Limited","country":"Hong Kong","country_code":"HK"},"domain_registered":"2013-03-29","domain_rank":851278,"first_seen":"2013-08-23T08:51:19Z","last_seen":"2026-05-31T13:29:34.76957Z","alert_count":2,"request_count":2,"received_data":178552,"sent_data":863,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.178.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-05-31T22:21:48.210615Z","alert_count":0,"request_count":1,"received_data":6149,"sent_data":469,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"tomotobit.xyz","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-05-31","domain_rank":0,"first_seen":"2026-06-01T14:38:16.990112Z","last_seen":"2026-06-01T14:38:16.990112Z","alert_count":74,"request_count":74,"received_data":2655371,"sent_data":40828,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vue.js","description":"Vue.js is an open-source model–view–viewmodel JavaScript framework for building user interfaces and single-page applications.","website":"https://vuejs.org","common_platform_enumeration":"","icon":"vue.svg","categories":["JavaScript frameworks"]},{"name":"jQuery:1.10.2","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Bootstrap:4.5.0","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"ThinkPHP","description":"ThinkPHP is an open-source PHP framework with MVC structure developed and maintained by Shanghai Topthink Company.","website":"https://www.thinkphp.cn","common_platform_enumeration":"cpe:2.3:a:thinkphp:thinkphp:*:*:*:*:*:*:*:*","icon":"ThinkPHP.png","categories":["Web frameworks"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"tomotobit.xyz/","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"domTimer","is_inline":false,"md5":"d392cfd84d6ba616ae53fc11bb8ac66a","sha1":"c5323455d238cb1e99c5239f350b807945c25425","sha256":"203186d23b766b0182e9f0f96fdd787c0274576581db71e49af81ea0bf55e05d","sha512":"3bb2e892184711a296a3d22d80bf59ec619c825b393d1cc7f046b9fabe881cc66754bb8773fdea64b7ac8aa34ec5e5db0c87a0d421ddd8a74384c9689bc7f710","ssdeep":"","tlshash":"85310080c0000820808000b80c80003020200000c080c020088280c022080028828c08","size":1688,"data":"","first_seen":"2023-11-01T11:06:24Z","last_seen":"2026-06-01T14:38:20.590937Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"domTimer","is_inline":false,"md5":"d392cfd84d6ba616ae53fc11bb8ac66a","sha1":"c5323455d238cb1e99c5239f350b807945c25425","sha256":"203186d23b766b0182e9f0f96fdd787c0274576581db71e49af81ea0bf55e05d","sha512":"3bb2e892184711a296a3d22d80bf59ec619c825b393d1cc7f046b9fabe881cc66754bb8773fdea64b7ac8aa34ec5e5db0c87a0d421ddd8a74384c9689bc7f710","ssdeep":"","tlshash":"85310080c0000820808000b80c80003020200000c080c020088280c022080028828c08","size":1688,"data":"","first_seen":"2023-11-01T11:06:24Z","last_seen":"2026-06-01T14:38:20.590937Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"domTimer","is_inline":false,"md5":"b9d4fa39640ad13e8a14f61ab93c8f20","sha1":"ae13997175ecbe92d185699efb58d7150059221d","sha256":"c55887d829b82d03913e7e32c876887d2ff1f1ae4cd0d849a47d85406e4d4162","sha512":"cb786eaf9097ef1aa155e5daf1e04fc6d662a838ba2eb085587e4e282ae07a2733c6642260424df88b28eabbd3d46dc82e0a862fc2da4a46acd5ef7b2777ac52","ssdeep":"","tlshash":"6b3100f0c0000c00c0c0303c0cc0cc0030330c00c000c0300c00f0c0000c033c00cc0c","size":1692,"data":"","first_seen":"2023-11-01T11:06:24Z","last_seen":"2026-06-01T14:38:20.591702Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"domTimer","is_inline":false,"md5":"bfc688b891897248ad5c79b23010cde2","sha1":"9085438742f5db28130747741f4180b295b9395c","sha256":"d0d303603bcbef1c523633f28bb7459c137872f1aa5975699f587bd758a746a0","sha512":"46e9789c7246775e4b1e720196372516569a0de5b872273ed57cfccb9159efabac2c8afe6e133bef03beb4bb2745f8250d6ee38e045ec89f3563fd1998c377ee","ssdeep":"","tlshash":"563100e0c08e0c22808080380cb0000220208000c8c08000080080800008002800080c","size":1704,"data":"","first_seen":"2024-06-24T06:48:40Z","last_seen":"2026-06-01T14:38:20.592412Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/Public/Home/static/js/jquery.SuperSlide.2.1.1.js","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"0b9bc63ab05e21e3830da5bbb4ccee67","sha1":"d162156bdaf14217d76d920e0e57b86d8feb1d97","sha256":"349e46b2c65028736d0bbff7b829c7fc6fbdebc1fb1e8b12365a0ca2e6e9e848","sha512":"bdfa220da1f08e29f05a9984c4999d7e742bea10ad86b7e497a0d112c7992cc52b7f1e9f5430b4286f14bb2336110f85cbdc3164a92121caaf5c91961f7e69c9","ssdeep":"192:j+K3bxH+nqfhD9VUVjIItpfg5uXG3+1tSCl+7flvSXwaHxImISLTNSfYXH7Le2HE:jNcnqflKFgEWulE8REcS3j/CkR1Xh3","tlshash":"9532c65fb66635ca4597b3f1107f940d222b5965fc8a8ca0b17082c0adb9a1c243bfed","size":11264,"data":"","first_seen":"2023-04-05T11:06:31Z","last_seen":"2026-06-06T14:47:20.43711Z","times_seen":13805,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"fbeec71614f4276bc72391ccc06f385f","sha1":"856f94bd1f78df6a05c0645d041e29f4d1cf261a","sha256":"f979fa98594727b9d7e841b6e91debca6390b5491d50cf40d3bf5000dbc42171","sha512":"fa733deb4400a7236d50701530bccbd98bb7a70cdc80b522ace44c7d23ccb06c7a72e7b187921ff8611d8507a84daf805f40c60a80561b62bf7a62d5ac09162d","ssdeep":"384:ubYpA2XqL6znp54FJ5SW8uyDqyM4ONQlh0Jylfbdsl/SpMpv3QM9BHYbgmMv1+vN:uH+4KW9yljdscEvTzHWg4q3/Rfxs","tlshash":"0ce23fd2e7bc9736069a055f66ee81e2e735c069323bc90e385cc2195b91d38877a3f4","size":31191,"data":"","first_seen":"2024-06-30T22:44:26Z","last_seen":"2026-06-01T14:38:20.593113Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"domTimer","is_inline":false,"md5":"d392cfd84d6ba616ae53fc11bb8ac66a","sha1":"c5323455d238cb1e99c5239f350b807945c25425","sha256":"203186d23b766b0182e9f0f96fdd787c0274576581db71e49af81ea0bf55e05d","sha512":"3bb2e892184711a296a3d22d80bf59ec619c825b393d1cc7f046b9fabe881cc66754bb8773fdea64b7ac8aa34ec5e5db0c87a0d421ddd8a74384c9689bc7f710","ssdeep":"","tlshash":"85310080c0000820808000b80c80003020200000c080c020088280c022080028828c08","size":1688,"data":"","first_seen":"2023-11-01T11:06:24Z","last_seen":"2026-06-01T14:38:20.590937Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"domTimer","is_inline":false,"md5":"9a0d19ff5f9d87249c32384e11bf9785","sha1":"f4e62fc1846e4da15637478aaffc5417f0fd617d","sha256":"64ae9601a85a5acb53f8ad77b6fff9d58eeb435ee88e5cccd82f5e3e975a4af8","sha512":"17e56d177fbd7533c358f7a67aceb0b3f7432204f5c72c68b4ff6b137077d5db7ec29d12dd9d0af6d10e98f22c2b52ef2802c061182454bb0be9de9252d2cc3f","ssdeep":"","tlshash":"ea3100c0c0003c00c0c000fc0cc00000f0300000c0c0c0300c03c0c0c00c003c03cc0c","size":1698,"data":"","first_seen":"2024-06-24T06:48:39Z","last_seen":"2026-06-01T14:38:20.594Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"domTimer","is_inline":false,"md5":"87ea6ad7c11e26ab36a6f3eeada59d04","sha1":"b394e5bf72a5a712678f28d05b67db0270a10690","sha256":"04345d390692cdb4ba77dc0b8b56168fffadd2406f8063cde0d41147a8a9e433","sha512":"f2b3e1a13a65a1799fd2fa6128f49468c2a4c0eefaad25bbbd9453121e4eab9ba2a1768c5a6b0ea733006f6d7d9f1500c40e7ac5cd281fd88b810ccbf2f11ae6","ssdeep":"","tlshash":"d4310080c020cc00808000382cc2000220300000c00288300c008080000c823c0a8808","size":1695,"data":"","first_seen":"2023-11-01T11:06:24Z","last_seen":"2026-06-01T14:38:20.594591Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"domTimer","is_inline":false,"md5":"d392cfd84d6ba616ae53fc11bb8ac66a","sha1":"c5323455d238cb1e99c5239f350b807945c25425","sha256":"203186d23b766b0182e9f0f96fdd787c0274576581db71e49af81ea0bf55e05d","sha512":"3bb2e892184711a296a3d22d80bf59ec619c825b393d1cc7f046b9fabe881cc66754bb8773fdea64b7ac8aa34ec5e5db0c87a0d421ddd8a74384c9689bc7f710","ssdeep":"","tlshash":"85310080c0000820808000b80c80003020200000c080c020088280c022080028828c08","size":1688,"data":"","first_seen":"2023-11-01T11:06:24Z","last_seen":"2026-06-01T14:38:20.590937Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.staticfile.org/jquery/1.10.2/jquery.min.js","fqdn":"cdn.staticfile.org","domain":"staticfile.org","tld":"org"},"ip":{"addr":"202.181.25.23","port":443,"asn":55933,"as":"Cloudie Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"e0e0559014b222245deb26b6ae8bd940","sha1":"e2f3603e23711f6446f278a411d905623d65201e","sha256":"89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e","sha512":"60740da8f871b8263675db2421b0e565fc18e95c772f7c3d5916f224263cd71a6a2e6acceab2f6f8ba1c0607951f0198f525d87d0589fa57045b1d5f292dacf0","ssdeep":"1536:q4mCgi8DyCuXXFiJ+L0kJQsJVPEKLQRZdC/RlfDknv+p0WzH/IoSZ7qABZnu0sFv:qGsKXlI2p0WPSbDrstfam","tlshash":"ba93f8ddb2d1b06257bb21bd006f540ff236195e280d8850f129e8eabc74a4d9277fad","size":93100,"data":"","first_seen":"2023-03-07T01:02:01Z","last_seen":"2026-06-06T18:13:46.67851Z","times_seen":20803,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"20523e78bae2cebbef388c9ef84ec2f9","sha1":"29093cf5f97a20d8297b3554d07f2926d8df98d2","sha256":"8a6cfe4c6857b79cfcf6f200c8d00b064aa443b7e529332cbf064cb183c938cc","sha512":"182e396a3aafaf2b5f18070a8ed0e76efc7e8f1cb8eb37865ac4b294f0a8c933c3e9a72531506bfc732fa9f5f3a4acaa7a1a21adbb0849c63870b3f2e934a2f6","ssdeep":"192:Z+9wKCCBm9wKCC1u9wKCCXO9wKCC9u9wKCCssxI9wKCC7O9wKCCeQi9wKCCTo9ww:Z+vm7uVOrur+JOAQihoTuhK5Mh8N","tlshash":"1822b46cf993286c789334258f6f005438e87547cb49d4193eada8c26f8850da5bbfde","size":10286,"data":"","first_seen":"2023-04-30T10:40:57Z","last_seen":"2026-06-04T15:30:27.668451Z","times_seen":2918,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/Public/Static/bootstrap5Slide/bootstrap.bundle.min.js","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"8831aa095cdec88f66c2e46c339cf352","sha1":"5db4c40dbc6bd3d9623ee98a2061dd265885cf2e","sha256":"79d443b15f542c8a8acca8e937f2a3c90ecba78bd49fdbac6c9b878c7f1293e9","sha512":"b07f093e128951e03d3d693778e70e97c53e95f65382d0570f8d6ae9c3bfb25c311870b129c5b8e4ae283c25211c6ecd301e266ca11d75598fb935eda5b09b14","ssdeep":"1536:GaPTJR2t4PqiiyuL5FehgTr1voCBZx6wVlLBkS:4OANBZVV5","tlshash":"0f73c5493254b87309ee15a68037460bf7256d94b14b802cb5bdacde2b3dc8672b7f78","size":78748,"data":"","first_seen":"2023-03-07T01:34:42Z","last_seen":"2026-06-06T15:31:40.877429Z","times_seen":7763,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"domTimer","is_inline":false,"md5":"d392cfd84d6ba616ae53fc11bb8ac66a","sha1":"c5323455d238cb1e99c5239f350b807945c25425","sha256":"203186d23b766b0182e9f0f96fdd787c0274576581db71e49af81ea0bf55e05d","sha512":"3bb2e892184711a296a3d22d80bf59ec619c825b393d1cc7f046b9fabe881cc66754bb8773fdea64b7ac8aa34ec5e5db0c87a0d421ddd8a74384c9689bc7f710","ssdeep":"","tlshash":"85310080c0000820808000b80c80003020200000c080c020088280c022080028828c08","size":1688,"data":"","first_seen":"2023-11-01T11:06:24Z","last_seen":"2026-06-01T14:38:20.590937Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"domTimer","is_inline":false,"md5":"e9d91da3cbd5865beecaafee39a7fb84","sha1":"4db69aae530562231d2b55b6edf2a824044efa5d","sha256":"9e8e1f198ecb82d31949ca7c8260428582ec16a86171af9338348ed024683853","sha512":"66d304f6c3c735cd293dc54c85645cf6064911c6fcaf84b255df10667c76f5cff15b6c91fdfa8b653d3274994b95a79337b3ac2d6269ed00fdb6246288c16e67","ssdeep":"","tlshash":"423100c0c0000c03f0cc003c0cc0c00030300000f0c0c0300c00f0c0000c0c3c03cc0c","size":1690,"data":"","first_seen":"2023-11-01T11:06:24Z","last_seen":"2026-06-01T14:38:20.596877Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"domTimer","is_inline":false,"md5":"87ea6ad7c11e26ab36a6f3eeada59d04","sha1":"b394e5bf72a5a712678f28d05b67db0270a10690","sha256":"04345d390692cdb4ba77dc0b8b56168fffadd2406f8063cde0d41147a8a9e433","sha512":"f2b3e1a13a65a1799fd2fa6128f49468c2a4c0eefaad25bbbd9453121e4eab9ba2a1768c5a6b0ea733006f6d7d9f1500c40e7ac5cd281fd88b810ccbf2f11ae6","ssdeep":"","tlshash":"d4310080c020cc00808000382cc2000220300000c00288300c008080000c823c0a8808","size":1695,"data":"","first_seen":"2023-11-01T11:06:24Z","last_seen":"2026-06-01T14:38:20.594591Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"domTimer","is_inline":false,"md5":"d392cfd84d6ba616ae53fc11bb8ac66a","sha1":"c5323455d238cb1e99c5239f350b807945c25425","sha256":"203186d23b766b0182e9f0f96fdd787c0274576581db71e49af81ea0bf55e05d","sha512":"3bb2e892184711a296a3d22d80bf59ec619c825b393d1cc7f046b9fabe881cc66754bb8773fdea64b7ac8aa34ec5e5db0c87a0d421ddd8a74384c9689bc7f710","ssdeep":"","tlshash":"85310080c0000820808000b80c80003020200000c080c020088280c022080028828c08","size":1688,"data":"","first_seen":"2023-11-01T11:06:24Z","last_seen":"2026-06-01T14:38:20.590937Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"39d4f19f9c0926dc38317fdf3f7b8fde","sha1":"128672a3e06b80d958284f3cb65a4fba41776c7b","sha256":"9edfe06057d81559a8045e1fdca8bbd51d78fb238d39e50a42e0e70182b45918","sha512":"293d0ca6d88e91703c076e7e8e2096d170455a198393f63e42af06ade1194ce80aff62e551ede237514a9b5f12810be3013cfd1e7d164b74ad86d339ee4091e2","ssdeep":"","tlshash":"9c116b05a70b2cd828f3996f1f5384120c3624136887ca243f4d97e09fe9e939469d5d","size":1090,"data":"","first_seen":"2023-04-30T10:40:57Z","last_seen":"2026-06-01T14:38:20.597785Z","times_seen":1100,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/Public/Home/static/js/layer/layer.js","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"666f4437565d197e9459e19a29f58315","sha1":"afc5c0a1369137e52b37ad5fb63f48202ce31368","sha256":"4a49651ad86a83ecbd9c2ad34e7f5c906b46ae2c4c93c1c8585148f936b7e100","sha512":"1e659ff6c47458dbbaf7e7561402c12441286c255ddec048bf654388e8666a9ceca344e166657c29fce4a08b46470b44c47e8f1c6f577adc2a4e4f4f0e7e1e90","ssdeep":"384:DQ8cuj0z4VfS7ShA3BMJOoM6bs7hwI9b4Zrxy:DQtu8CfS793QODbcI","tlshash":"5f92c85ab5503593216390a9911fa90f30f24d22eb078958f16bf1fd1ebcda562b3f0b","size":19831,"data":"","first_seen":"2023-04-11T09:52:52Z","last_seen":"2026-06-05T10:31:55.295092Z","times_seen":13773,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"fbbb012e519b910a02da83ac6d3112da","sha1":"a03af70ac8200203516bb605834e1e3a1a061948","sha256":"b3f004b5887b020f0abc7d1046d655e1b275a9eb354f05212175561521105a47","sha512":"5c76b4a0f8abfa543ae0c28835d8685715b0899a787e39f251d28a06484c9f51a0de7dc1fc258b4891080768550ee830e5b0594bbac8a8e61594d117ce751b80","ssdeep":"","tlshash":"6cf0c96e0a1ed7ff70a80235532aa2ef70cd4baa90076807fe87021716ac118bc01ea1","size":527,"data":"","first_seen":"2023-04-25T18:57:28Z","last_seen":"2026-06-04T15:30:27.669974Z","times_seen":6997,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"domTimer","is_inline":false,"md5":"e9d91da3cbd5865beecaafee39a7fb84","sha1":"4db69aae530562231d2b55b6edf2a824044efa5d","sha256":"9e8e1f198ecb82d31949ca7c8260428582ec16a86171af9338348ed024683853","sha512":"66d304f6c3c735cd293dc54c85645cf6064911c6fcaf84b255df10667c76f5cff15b6c91fdfa8b653d3274994b95a79337b3ac2d6269ed00fdb6246288c16e67","ssdeep":"","tlshash":"423100c0c0000c03f0cc003c0cc0c00030300000f0c0c0300c00f0c0000c0c3c03cc0c","size":1690,"data":"","first_seen":"2023-11-01T11:06:24Z","last_seen":"2026-06-01T14:38:20.596877Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"domTimer","is_inline":false,"md5":"b9d4fa39640ad13e8a14f61ab93c8f20","sha1":"ae13997175ecbe92d185699efb58d7150059221d","sha256":"c55887d829b82d03913e7e32c876887d2ff1f1ae4cd0d849a47d85406e4d4162","sha512":"cb786eaf9097ef1aa155e5daf1e04fc6d662a838ba2eb085587e4e282ae07a2733c6642260424df88b28eabbd3d46dc82e0a862fc2da4a46acd5ef7b2777ac52","ssdeep":"","tlshash":"6b3100f0c0000c00c0c0303c0cc0cc0030330c00c000c0300c00f0c0000c033c00cc0c","size":1692,"data":"","first_seen":"2023-11-01T11:06:24Z","last_seen":"2026-06-01T14:38:20.591702Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"domTimer","is_inline":false,"md5":"e9d91da3cbd5865beecaafee39a7fb84","sha1":"4db69aae530562231d2b55b6edf2a824044efa5d","sha256":"9e8e1f198ecb82d31949ca7c8260428582ec16a86171af9338348ed024683853","sha512":"66d304f6c3c735cd293dc54c85645cf6064911c6fcaf84b255df10667c76f5cff15b6c91fdfa8b653d3274994b95a79337b3ac2d6269ed00fdb6246288c16e67","ssdeep":"","tlshash":"423100c0c0000c03f0cc003c0cc0c00030300000f0c0c0300c00f0c0000c0c3c03cc0c","size":1690,"data":"","first_seen":"2023-11-01T11:06:24Z","last_seen":"2026-06-01T14:38:20.596877Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.staticfile.org/jquery/2.1.1/jquery.min.js","fqdn":"cdn.staticfile.org","domain":"staticfile.org","tld":"org"},"ip":{"addr":"202.181.25.23","port":443,"asn":55933,"as":"Cloudie Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"d021c983bd6e7291b43a5cc1fb2ebe99","sha1":"ffe47a16e4b1550ddfba3577cc9cc9fdc8643aff","sha256":"c0d4098bc8b34c6f87a3d7723988ae81214a53a0bb4a1d4d36a67640f98ed079","sha512":"0b01d408ae79a4e3630f1bcf6507aec0aa71a2cf263f212ff601ae582f15af4df9ec9dae5e0d4fc9c1833cd0fd1207689121531ba920480a680e3f4e336da4b3","ssdeep":"1536:kPEkjP+iADIOr/NEe876nmBu3HvF38Nd+uJO1z6/A4TqAub0i4ULvguEhjzXpa9G:7NMnJiz6oAQKP5a98HrB","tlshash":"5983d6d9b6c27062977734b850bf410bb17a98dab80c8c60f0a4d5e47eb4a8d517bf2d","size":84280,"data":"","first_seen":"2023-03-07T12:01:55Z","last_seen":"2026-06-06T04:05:01.598913Z","times_seen":10044,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"domTimer","is_inline":false,"md5":"d392cfd84d6ba616ae53fc11bb8ac66a","sha1":"c5323455d238cb1e99c5239f350b807945c25425","sha256":"203186d23b766b0182e9f0f96fdd787c0274576581db71e49af81ea0bf55e05d","sha512":"3bb2e892184711a296a3d22d80bf59ec619c825b393d1cc7f046b9fabe881cc66754bb8773fdea64b7ac8aa34ec5e5db0c87a0d421ddd8a74384c9689bc7f710","ssdeep":"","tlshash":"85310080c0000820808000b80c80003020200000c080c020088280c022080028828c08","size":1688,"data":"","first_seen":"2023-11-01T11:06:24Z","last_seen":"2026-06-01T14:38:20.590937Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"domTimer","is_inline":false,"md5":"b9d4fa39640ad13e8a14f61ab93c8f20","sha1":"ae13997175ecbe92d185699efb58d7150059221d","sha256":"c55887d829b82d03913e7e32c876887d2ff1f1ae4cd0d849a47d85406e4d4162","sha512":"cb786eaf9097ef1aa155e5daf1e04fc6d662a838ba2eb085587e4e282ae07a2733c6642260424df88b28eabbd3d46dc82e0a862fc2da4a46acd5ef7b2777ac52","ssdeep":"","tlshash":"6b3100f0c0000c00c0c0303c0cc0cc0030330c00c000c0300c00f0c0000c033c00cc0c","size":1692,"data":"","first_seen":"2023-11-01T11:06:24Z","last_seen":"2026-06-01T14:38:20.591702Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"domTimer","is_inline":false,"md5":"79315f8e21a5afcd6107be4df6636c44","sha1":"5d641ffabafe2c26acee543627a2867236f7afa1","sha256":"ab6ffa4fef8f40bac0e26ed6980b56ea80db5f614ef699904466983ba0f135c6","sha512":"dd4ff339f2b1bb213adbd71aa8ebc7461476e99dd1864bdbc3dd7ef21017b6e4435f9ba51c71b373c42234587ddbe16879926dc607fed3bef9b98770eb956535","ssdeep":"","tlshash":"28310082c000082880a000380c82000020200000c00280200c0880e000280228002c08","size":1702,"data":"","first_seen":"2024-06-24T06:48:40Z","last_seen":"2026-06-01T14:38:20.599577Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"domTimer","is_inline":false,"md5":"e9d91da3cbd5865beecaafee39a7fb84","sha1":"4db69aae530562231d2b55b6edf2a824044efa5d","sha256":"9e8e1f198ecb82d31949ca7c8260428582ec16a86171af9338348ed024683853","sha512":"66d304f6c3c735cd293dc54c85645cf6064911c6fcaf84b255df10667c76f5cff15b6c91fdfa8b653d3274994b95a79337b3ac2d6269ed00fdb6246288c16e67","ssdeep":"","tlshash":"423100c0c0000c03f0cc003c0cc0c00030300000f0c0c0300c00f0c0000c0c3c03cc0c","size":1690,"data":"","first_seen":"2023-11-01T11:06:24Z","last_seen":"2026-06-01T14:38:20.596877Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"domTimer","is_inline":false,"md5":"30eb56b099db0a0ebcd06bc6984fcf77","sha1":"374577fd4fab8ebd7a19e909650a6425b52df155","sha256":"c7e5bdef1c383c5dfde5edb6fc6e71d7f2124496225fb8b0e89f9fcbc61a16dd","sha512":"51ab979925b64694a8976c1be10f586e265a3efff488f8fcdda2ae41490f7f8b64ce81f36d5a770ad06668e651c588447881b125e73edbea9eb6ceef47c4544b","ssdeep":"","tlshash":"cd3100c0c0003c00c0c3003c0cf00000f0300000c030c0000c0cc0cc00ccc33c000c0c","size":1708,"data":"","first_seen":"2024-06-24T06:48:40Z","last_seen":"2026-06-01T14:38:20.600262Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/Public/Home/static/js/layer/layer.js","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"666f4437565d197e9459e19a29f58315","sha1":"afc5c0a1369137e52b37ad5fb63f48202ce31368","sha256":"4a49651ad86a83ecbd9c2ad34e7f5c906b46ae2c4c93c1c8585148f936b7e100","sha512":"1e659ff6c47458dbbaf7e7561402c12441286c255ddec048bf654388e8666a9ceca344e166657c29fce4a08b46470b44c47e8f1c6f577adc2a4e4f4f0e7e1e90","ssdeep":"384:DQ8cuj0z4VfS7ShA3BMJOoM6bs7hwI9b4Zrxy:DQtu8CfS793QODbcI","tlshash":"5f92c85ab5503593216390a9911fa90f30f24d22eb078958f16bf1fd1ebcda562b3f0b","size":19831,"data":"","first_seen":"2023-04-11T09:52:52Z","last_seen":"2026-06-05T10:31:55.295092Z","times_seen":13773,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"91acb5bcdd8f681d34b12b280bae207b","sha1":"2eacea091adabc1f11d14205cd74b7f174db137c","sha256":"b12fbfad9e1d91e7529c16902911d9f696742f52444871db001d76b5970427d5","sha512":"d1b4ef1a0de6c8032402dc57bcafd3da90a2deaefddff666d8e7415f64afff58ebff471491953df7ad43771cf15887c312a66feb347921ea9f43a0cc02e6ef67","ssdeep":"","tlshash":"523146c4df2d01acdc4853e82aad82cc0a3c3a703c339c696c185e389ca8dbed519d79","size":1721,"data":"","first_seen":"2023-05-21T16:18:43Z","last_seen":"2026-06-04T15:27:14.932728Z","times_seen":2484,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"3141c18a9605b1422295c9e48d668c9d","sha1":"0e035fdbc893334e85d674527229f5d2fd9c8036","sha256":"1c439327512b5147799af88283ca39d0f13d331bea70d2ec3e479177c6c595c9","sha512":"9de6cc7247eb894a1a5a05a3cad42883bb7478bd38bb37e22c7ac97ae476b6a843adb97e0ed0c1ba44db35687a637a8ada2d6197fdf51b66ac1e46fb0d0863d0","ssdeep":"","tlshash":"05d05ec3ab4d2058587f319784eb15cc005c467288920d89bc3d91908ca01ec5371f2d","size":255,"data":"","first_seen":"2023-04-25T18:57:28Z","last_seen":"2026-06-04T15:30:27.672196Z","times_seen":5231,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"domTimer","is_inline":false,"md5":"e9d91da3cbd5865beecaafee39a7fb84","sha1":"4db69aae530562231d2b55b6edf2a824044efa5d","sha256":"9e8e1f198ecb82d31949ca7c8260428582ec16a86171af9338348ed024683853","sha512":"66d304f6c3c735cd293dc54c85645cf6064911c6fcaf84b255df10667c76f5cff15b6c91fdfa8b653d3274994b95a79337b3ac2d6269ed00fdb6246288c16e67","ssdeep":"","tlshash":"423100c0c0000c03f0cc003c0cc0c00030300000f0c0c0300c00f0c0000c0c3c03cc0c","size":1690,"data":"","first_seen":"2023-11-01T11:06:24Z","last_seen":"2026-06-01T14:38:20.596877Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"domTimer","is_inline":false,"md5":"36fa8b2bda7338ef780601c55ebe2bcc","sha1":"bc5aa699d4eb910af1a640d68d8b4c7ae3ce9f06","sha256":"dce62c48116c5711f6a742f6e1df2587e0ab2d58b9ceca020c8555d21b9a07f8","sha512":"ca64a1f7fba66f50bc39a9bd254b9f92ea7b934397c5d286a2c6be7128a56e97608568355e8996a2d70c305a7a93753c66dadff5917064e5f017c0a9cb281f2f","ssdeep":"","tlshash":"14310080c8000c00808000b82c82003020202020c00080000800808022080028a0080a","size":1696,"data":"","first_seen":"2023-11-01T11:06:24Z","last_seen":"2026-06-01T14:38:20.603179Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"domTimer","is_inline":false,"md5":"d392cfd84d6ba616ae53fc11bb8ac66a","sha1":"c5323455d238cb1e99c5239f350b807945c25425","sha256":"203186d23b766b0182e9f0f96fdd787c0274576581db71e49af81ea0bf55e05d","sha512":"3bb2e892184711a296a3d22d80bf59ec619c825b393d1cc7f046b9fabe881cc66754bb8773fdea64b7ac8aa34ec5e5db0c87a0d421ddd8a74384c9689bc7f710","ssdeep":"","tlshash":"85310080c0000820808000b80c80003020200000c080c020088280c022080028828c08","size":1688,"data":"","first_seen":"2023-11-01T11:06:24Z","last_seen":"2026-06-01T14:38:20.590937Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/Public/Static/bootstrap5Slide/scripts.js","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"48477ea73f8709a6c29d7cde0cc83e55","sha1":"5dc30fab107725dd71ab343d70b9e6267ea68cf1","sha256":"fd67e1f083236a6c171d2275401174ea62a6f24fc81193d55653080a236a209a","sha512":"0932287b99d7c96929e7464b6684fe399dfcaaea787dcab28fa0879094b5eb4d92139260fecde4ffe430eca3986430f98a72fc523332c4e476bee9ea2226b1b3","ssdeep":"","tlshash":"1ee0cd91761d4f9d1ccc3257996092c576841524e401f06790374c6c0a9584225fb7fc","size":298,"data":"","first_seen":"2023-04-25T18:57:28Z","last_seen":"2026-06-04T15:30:27.648543Z","times_seen":6129,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"tomotobit.xyz/Ajaxtrade/obtain_eth","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://tomotobit.xyz/","date":"2026-06-01T14:38:01.499Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tomotobit.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 May 2026 12:33:36 GMT","end":"Sat, 29 Aug 2026 13:31:12 GMT"},"fingerprint":{"sha1":"DD:58:2E:C4:5F:FA:15:F0:24:91:F9:90:E2:BD:FF:C1:02:FE:21:53","sha256":"30:78:D8:CA:DB:F2:BD:64:D7:3C:12:DA:A7:52:85:BF:CE:FF:ED:37:8C:A1:92:D1:55:00:A6:56:FC:6A:59:09"}}},"request":{"raw":"POST /Ajaxtrade/obtain_eth HTTP/1.1\r\nHost: tomotobit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nX-Requested-With: XMLHttpRequest\r\nContent-Length: 8\r\nOrigin: https://tomotobit.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tomotobit.xyz/\r\nCookie: PHPSESSID=eql3lhhhdpjf85g6esh0kq4216\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":8,"data":"coin=eth"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 01 Jun 2026 14:38:01 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\npragma: no-cache\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DEMBDZaV%2BreUFj3spYq3G0ecRfTrdUxJfyQtVbQkrWM6%2BdKK3JGrdlP1%2FUQlNBOTD%2FHwGpFnmK17CPKS6pDk3fKC%2F5so9qGBC0N%2BLIUT80gZ21lPVzKDHZIroqbOma4q\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a04ef5ab5ca50883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":202,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"208c2228af5ed907017f4bfdf2de6da3","sha1":"6feee8384657dcb12eae0bdbc03c45a6a493b117","sha256":"efc42076c576a7107dece90f1242c2c0a2fa37fd2cb1f00d0fb2f52e0bd0f109","sha512":"ab40f771c104e6781a3d405839953cb2752548539a5645a4cfccb34be0bc738106b274f3068622fcace8b0478aaf6c2d34c325afb40d02bb52837dd38630f3b0","ssdeep":"","tlshash":"bed023d45f3c05354c31e7d1a4e83b6e148d4096c080c20515ff4db8146d6083315c36","first_seen":"2026-06-01T14:38:12.561181Z","last_seen":"2026-06-01T14:38:20.512645Z","times_seen":2,"resource_available":false,"data":null}},"time_used":463,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":463,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"tomotobit.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/Ajaxtrade/obtain_btc","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://tomotobit.xyz/","date":"2026-06-01T14:38:05.502Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tomotobit.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 May 2026 12:33:36 GMT","end":"Sat, 29 Aug 2026 13:31:12 GMT"},"fingerprint":{"sha1":"DD:58:2E:C4:5F:FA:15:F0:24:91:F9:90:E2:BD:FF:C1:02:FE:21:53","sha256":"30:78:D8:CA:DB:F2:BD:64:D7:3C:12:DA:A7:52:85:BF:CE:FF:ED:37:8C:A1:92:D1:55:00:A6:56:FC:6A:59:09"}}},"request":{"raw":"POST /Ajaxtrade/obtain_btc HTTP/1.1\r\nHost: tomotobit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nX-Requested-With: XMLHttpRequest\r\nContent-Length: 8\r\nOrigin: https://tomotobit.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tomotobit.xyz/\r\nCookie: PHPSESSID=eql3lhhhdpjf85g6esh0kq4216\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":8,"data":"coin=btc"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 01 Jun 2026 14:38:06 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\npragma: no-cache\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CP6%2BAQYi2%2FDMatO%2F6qS5tKJkHgnZmAqeMSs7%2BFkzaA3rSkhkqAwp8equq1PA3Hydr3CaK7Q0vuwiH05EAW50dnCmX2NxTYS9ixjisIZjO8qUq7rQpAmslFiccLmZlRGO\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a04ef5c468790883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":201,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"f7e5ad6ebb93e9afa0ed2ff64f896dd0","sha1":"39226e4b6287758662a511c8d792076633beebf5","sha256":"fb6529e4e6648dd0b2bff0a121f911e4f5f1db52ccfa027de85ff7ba254393d5","sha512":"e2ba122eadb8ba303729c770a657abb9d62d78b65e5d283ef334053b15e72c4fd01440f1cf04b52e6f84646960788407045f71179900c40e7bcb6c40cda43ba2","ssdeep":"","tlshash":"99d012d06e7d15650c35e3e195e8172eb44a88a2c08446099aff8bae64bd61c3313e37","first_seen":"2026-06-01T14:38:20.513614Z","last_seen":"2026-06-01T14:38:20.513614Z","times_seen":1,"resource_available":false,"data":null}},"time_used":606,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":606,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"tomotobit.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/Ajaxtrade/obtain_fil","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://tomotobit.xyz/","date":"2026-06-01T14:38:10.506Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tomotobit.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 May 2026 12:33:36 GMT","end":"Sat, 29 Aug 2026 13:31:12 GMT"},"fingerprint":{"sha1":"DD:58:2E:C4:5F:FA:15:F0:24:91:F9:90:E2:BD:FF:C1:02:FE:21:53","sha256":"30:78:D8:CA:DB:F2:BD:64:D7:3C:12:DA:A7:52:85:BF:CE:FF:ED:37:8C:A1:92:D1:55:00:A6:56:FC:6A:59:09"}}},"request":{"raw":"POST /Ajaxtrade/obtain_fil HTTP/1.1\r\nHost: tomotobit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nX-Requested-With: XMLHttpRequest\r\nContent-Length: 8\r\nOrigin: https://tomotobit.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tomotobit.xyz/\r\nCookie: PHPSESSID=eql3lhhhdpjf85g6esh0kq4216\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":8,"data":"coin=fil"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 01 Jun 2026 14:38:11 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\npragma: no-cache\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZKGerctt6Gmfb%2BZmK1qggrmjbGapYEbvBgWcNGHSRDKopIoOgya5QB7n8%2BoUwckbhRCCtgXmcHk0BySWKAHCVzwqpUSHEt03IbKyipmyvwToBswabZy%2FzCX2AnIXiVYm\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a04ef5e3ab9a0883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":201,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"f14caf45859838500b244be08c2878a1","sha1":"4450e81b3d883ddca33d456cbc988a1ede71388c","sha256":"39abc8083353d1372475aa2021f55ad61c1375daa255830a81bd167825ff561f","sha512":"0e65b7994a16f4a93f3480defeb36609c9a32ec257a54e0409021bb7f1aff360d61414ea1052430d70e07208a1cbe63e5db33378ba47a05d5a88e7456cb5096a","ssdeep":"","tlshash":"e4d023c03e3945390c31e3e154d81b1e54ed0847c440520e55fdc57c609c51d3321d17","first_seen":"2026-06-01T14:38:20.515243Z","last_seen":"2026-06-01T14:38:20.515243Z","times_seen":1,"resource_available":false,"data":null}},"time_used":727,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":727,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"tomotobit.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/Ajaxtrade/obtain_eth","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://tomotobit.xyz/","date":"2026-06-01T14:38:10.503Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tomotobit.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 May 2026 12:33:36 GMT","end":"Sat, 29 Aug 2026 13:31:12 GMT"},"fingerprint":{"sha1":"DD:58:2E:C4:5F:FA:15:F0:24:91:F9:90:E2:BD:FF:C1:02:FE:21:53","sha256":"30:78:D8:CA:DB:F2:BD:64:D7:3C:12:DA:A7:52:85:BF:CE:FF:ED:37:8C:A1:92:D1:55:00:A6:56:FC:6A:59:09"}}},"request":{"raw":"POST /Ajaxtrade/obtain_eth HTTP/1.1\r\nHost: tomotobit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nX-Requested-With: XMLHttpRequest\r\nContent-Length: 8\r\nOrigin: https://tomotobit.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tomotobit.xyz/\r\nCookie: PHPSESSID=eql3lhhhdpjf85g6esh0kq4216\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":8,"data":"coin=eth"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 01 Jun 2026 14:38:11 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\npragma: no-cache\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OZDcQAOGcnXIaMR0xiPOocnR5ROlzoA8HkcMgdI6cRzYVUY6gNGH1i4zy4xzaaDGaSg%2FanQ3Od2eqOYD5BKI7KnApax2NVlA4AaxX7e799nMcjfkmaYq5sVvmzP89anm\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a04ef5e3ab820883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":201,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"1f1fdbf3050a699cd55c154833686e1c","sha1":"3ebc7d53c5ca682589a62f2b6d4a6163199a61c1","sha256":"619bb12fe9688f32e3bd097a4b122574c28b1f101fe8348f30fc09ba47e601cf","sha512":"357ab76b4ae36cd9774c18e4733959170f486d483a6eb63f4670022414538394a861ada1eb6e23c4a5d94184c70550239c67a84aa605e258b76f1e41d261a6ab","ssdeep":"","tlshash":"56d022886f3c04351c21f3e1a8e82b6e658e4096c080c60a2afe4eb824794197322c3a","first_seen":"2026-06-01T14:38:20.5165Z","last_seen":"2026-06-01T14:38:20.5165Z","times_seen":1,"resource_available":false,"data":null}},"time_used":861,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":861,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"tomotobit.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/Upload/public/629c72dbe18e2.jpeg","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tomotobit.xyz/","date":"2026-06-01T14:37:54.620Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tomotobit.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 May 2026 12:33:36 GMT","end":"Sat, 29 Aug 2026 13:31:12 GMT"},"fingerprint":{"sha1":"DD:58:2E:C4:5F:FA:15:F0:24:91:F9:90:E2:BD:FF:C1:02:FE:21:53","sha256":"30:78:D8:CA:DB:F2:BD:64:D7:3C:12:DA:A7:52:85:BF:CE:FF:ED:37:8C:A1:92:D1:55:00:A6:56:FC:6A:59:09"}}},"request":{"raw":"GET /Upload/public/629c72dbe18e2.jpeg HTTP/1.1\r\nHost: tomotobit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tomotobit.xyz/\r\nCookie: PHPSESSID=eql3lhhhdpjf85g6esh0kq4216\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 01 Jun 2026 14:37:54 GMT\r\ncontent-type: image/jpeg\r\nserver: cloudflare\r\nlast-modified: Fri, 22 May 2026 18:28:32 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a10a050-219f6\"\r\nexpires: Wed, 01 Jul 2026 14:37:43 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 10\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VLE2LpynxaK0zkBA23A0AEAKCnBbDtisy4s2h6Gm5LiAOxEXoio0JRd05cErttmE1mkiA9zN5vx6jctsMrJv584YlaV339jXLVE2RvKqCmEBo73G%2F2obOW3ZF6OQnKra\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a04ef5803de30883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":137718,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 750x300, components 3","md5":"96abd4588e557e6a37f5d3c213f0dd52","sha1":"6647c6a4e45c0963d31ed26ffd3fbf47d8891dc1","sha256":"62fca4cd746244e0a048bec7fe7d714efd224221851c3a91ffe8d1daee2bb8b3","sha512":"a7a2e192d4e25de386ba726c28b53c5321687450227e70fd77ee4a25fa26e8d52e5e8bbc81c18e33e85095fb3cdef51c8a0fcd3ca3b553e18d8bea383546f267","ssdeep":"3072:lFn4afMToBiTo/Nk/AU9MfbHpEbxsUNuJdL0:l2wBikAAUzVuJh0","tlshash":"5cd3f1a2ebfbeb2b4b5b56bc826dfd3b535019c828d69663185b0d12f908f31564703c","first_seen":"2023-05-21T16:18:43Z","last_seen":"2026-06-04T15:30:27.626831Z","times_seen":4453,"resource_available":false,"data":null}},"time_used":38,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":17,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"tomotobit.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/xm/1594057379245582.png","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tomotobit.xyz/","date":"2026-06-01T14:37:54.631Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tomotobit.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 May 2026 12:33:36 GMT","end":"Sat, 29 Aug 2026 13:31:12 GMT"},"fingerprint":{"sha1":"DD:58:2E:C4:5F:FA:15:F0:24:91:F9:90:E2:BD:FF:C1:02:FE:21:53","sha256":"30:78:D8:CA:DB:F2:BD:64:D7:3C:12:DA:A7:52:85:BF:CE:FF:ED:37:8C:A1:92:D1:55:00:A6:56:FC:6A:59:09"}}},"request":{"raw":"GET /xm/1594057379245582.png HTTP/1.1\r\nHost: tomotobit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tomotobit.xyz/\r\nCookie: PHPSESSID=eql3lhhhdpjf85g6esh0kq4216\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 01 Jun 2026 14:37:54 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Fri, 22 May 2026 18:28:32 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a10a050-c13\"\r\nexpires: Wed, 01 Jul 2026 14:37:43 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 10\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BZaomSknw5hDL9umjNeNblXDtQm8Tdzo%2BQGst6FwCsL4A%2BFJM1O0HoBZflYKeo3UpC8NrV8igV5Pz6vZTndNHNBr%2FcL%2Fbfiedw6u1bRSTQ7KTDSslfInAMGoSmsJ5rH%2B\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a04ef5803df90883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3091,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"033d340b5a4a22d8e8590b98409158f3","sha1":"098ef5ee4b44f780df7f39c022ea491cacb32e7f","sha256":"0b53847e742884cbfbc563109bb99cacbc75fbb1bca892a1dbf68982e68778a0","sha512":"60de2b9014037bbd2f081ffe295d2cd0d0772bfc9b878986404981aff8df34a51611ffe2d214e0ce8f3849f9f9bda9e52b650d50db089953fde9bbb5b9725339","ssdeep":"","tlshash":"03512bcb908c59b6afe24ea002945ce48021c177ad3b4726963ae91e9f742f6070dc62","first_seen":"2023-05-02T21:54:45Z","last_seen":"2026-06-01T14:38:20.518484Z","times_seen":3299,"resource_available":false,"data":null}},"time_used":39,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"tomotobit.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/Public/Home/static/js/layer/skin/layer.css","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://tomotobit.xyz/","date":"2026-06-01T14:37:55.394Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tomotobit.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 May 2026 12:33:36 GMT","end":"Sat, 29 Aug 2026 13:31:12 GMT"},"fingerprint":{"sha1":"DD:58:2E:C4:5F:FA:15:F0:24:91:F9:90:E2:BD:FF:C1:02:FE:21:53","sha256":"30:78:D8:CA:DB:F2:BD:64:D7:3C:12:DA:A7:52:85:BF:CE:FF:ED:37:8C:A1:92:D1:55:00:A6:56:FC:6A:59:09"}}},"request":{"raw":"GET /Public/Home/static/js/layer/skin/layer.css HTTP/1.1\r\nHost: tomotobit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tomotobit.xyz/\r\nCookie: PHPSESSID=eql3lhhhdpjf85g6esh0kq4216\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 01 Jun 2026 14:37:55 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Fri, 22 May 2026 18:27:42 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a10a01e-36e0\"\r\nexpires: Tue, 02 Jun 2026 02:37:45 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 10\r\ncf-cache-status: HIT\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=sZj9tCZpame1ro35Nr4ELebuO91Cm9oLaN%2BzVZyu0p5XnsYrDGpIR%2FTAFkR2TJN9urJru%2B2Xr74OlZxqvfBHJ5%2F%2Fb6YhL5yPO16eHPYcxUBsgi16PuTD%2Fn6tSona%2BAmL\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a04ef58538310883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":14048,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (13967), with CRLF line terminators","md5":"1673a003559ea1607dd77e6467a4baed","sha1":"954f4afa17e3d1c057101e62950f6c9506245550","sha256":"9748f440829e0b76d70f344e9c989f6d2302eba81aeea03211d40ef5f29fe62a","sha512":"5f9b8254fe18cdc329ca87a4852b7cb5520dcf3c406c5b3d755e99d0e7ddd618cd5ca2b455868ae14d896431cea2252b60d79d5fdd9e404a1fb8685a05ceb955","ssdeep":"192:9OcW0PmLeWVNrzztBm0T9zBKgwBnsY5Cb+RX:9PW0ijV1JbTyGY5CGX","tlshash":"1c5202e144811299b0278611d6dcbeba32f88d53e5630dbef2573c1f874c6dba2b6247","first_seen":"2025-04-07T11:37:37.344268Z","last_seen":"2026-06-04T15:30:27.63912Z","times_seen":3225,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":7,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"tomotobit.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/xm/1613786496962262.png","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tomotobit.xyz/","date":"2026-06-01T14:37:54.622Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tomotobit.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 May 2026 12:33:36 GMT","end":"Sat, 29 Aug 2026 13:31:12 GMT"},"fingerprint":{"sha1":"DD:58:2E:C4:5F:FA:15:F0:24:91:F9:90:E2:BD:FF:C1:02:FE:21:53","sha256":"30:78:D8:CA:DB:F2:BD:64:D7:3C:12:DA:A7:52:85:BF:CE:FF:ED:37:8C:A1:92:D1:55:00:A6:56:FC:6A:59:09"}}},"request":{"raw":"GET /xm/1613786496962262.png HTTP/1.1\r\nHost: tomotobit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tomotobit.xyz/\r\nCookie: PHPSESSID=eql3lhhhdpjf85g6esh0kq4216\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 01 Jun 2026 14:37:54 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Fri, 22 May 2026 18:28:32 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a10a050-a83\"\r\nexpires: Wed, 01 Jul 2026 14:37:43 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 10\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fuWozpH5t5YIh%2FdZBhhD02IJnnr8ywegnlV00U12V9HeylI7YD2ZMmTIPBFmVnGz5j3h5w5s1AtrH0AkdMsdbIlYytt85qDcmaAmNfSxNs77unIRkjD6op8ROMF88vc4\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a04ef5803de60883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2691,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"2edf1ef8b333c40979976d1a49bc234c","sha1":"d75ac12795b4a9575c874e1b190712cd62a87afc","sha256":"50a1901684f223bf26594dd3415b1e50f184820a16daa810cc5452911e9117a9","sha512":"f697a1fa0786316fc01003f72621920932e2657e4acf5a471e35d02717c42c9db5a12df311895a776a563dcae9b8fc0b6721833529a054b9dbfff4c52fc564d3","ssdeep":"","tlshash":"2b515ee60252267980d32438616db1e178beabb2c3021ded6c1444954acc4b62555cfa","first_seen":"2023-05-01T18:49:36Z","last_seen":"2026-06-06T16:45:30.824418Z","times_seen":21646,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"tomotobit.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/xm/1613786513998262.png","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tomotobit.xyz/","date":"2026-06-01T14:37:54.623Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tomotobit.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 May 2026 12:33:36 GMT","end":"Sat, 29 Aug 2026 13:31:12 GMT"},"fingerprint":{"sha1":"DD:58:2E:C4:5F:FA:15:F0:24:91:F9:90:E2:BD:FF:C1:02:FE:21:53","sha256":"30:78:D8:CA:DB:F2:BD:64:D7:3C:12:DA:A7:52:85:BF:CE:FF:ED:37:8C:A1:92:D1:55:00:A6:56:FC:6A:59:09"}}},"request":{"raw":"GET /xm/1613786513998262.png HTTP/1.1\r\nHost: tomotobit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tomotobit.xyz/\r\nCookie: PHPSESSID=eql3lhhhdpjf85g6esh0kq4216\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 01 Jun 2026 14:37:54 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Fri, 22 May 2026 18:28:32 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a10a050-adc\"\r\nexpires: Wed, 01 Jul 2026 14:37:43 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 10\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QDHXKJ5amxeRhusg3p%2FfUuKGrFkJ%2Bwr%2F6CnpimfafUJ%2BelH0KipRY3k0TadRq2JJ6Jnq7fr9bypUQ5gwYp%2FMiyEL%2FsZEd1lrX3zP7vTA57D3tS%2BzvCLkHF96q1HifycH\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a04ef5803de80883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2780,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"856bfdb63dc0d6fad6b92fc6a29719e1","sha1":"2fed2e3409ce1bbbfb37f6da4abeecc30cefc021","sha256":"eebe29898b8b7de5c9e47daab474152be8095e3ab42d768b84b085c5a12b95c6","sha512":"a61c0a108d63c89ae62a2b03108480b5c08bda0e80049089a2a84cd7973bd9e94dcd2902e166b92e1d7ad5b7356357c9b181cb1b6051dd25913e82d2420154f0","ssdeep":"","tlshash":"51518cc7a707f33a9c866161bed44509f244d80a8160b31c0f33a7572c8a83ea4f324f","first_seen":"2023-05-01T18:49:36Z","last_seen":"2026-06-06T18:41:46.446534Z","times_seen":21362,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"tomotobit.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/xm/5f87397132a8b02.png","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tomotobit.xyz/","date":"2026-06-01T14:37:54.630Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tomotobit.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 May 2026 12:33:36 GMT","end":"Sat, 29 Aug 2026 13:31:12 GMT"},"fingerprint":{"sha1":"DD:58:2E:C4:5F:FA:15:F0:24:91:F9:90:E2:BD:FF:C1:02:FE:21:53","sha256":"30:78:D8:CA:DB:F2:BD:64:D7:3C:12:DA:A7:52:85:BF:CE:FF:ED:37:8C:A1:92:D1:55:00:A6:56:FC:6A:59:09"}}},"request":{"raw":"GET /xm/5f87397132a8b02.png HTTP/1.1\r\nHost: tomotobit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tomotobit.xyz/\r\nCookie: PHPSESSID=eql3lhhhdpjf85g6esh0kq4216\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 01 Jun 2026 14:37:54 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Fri, 22 May 2026 18:28:32 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a10a050-998\"\r\nexpires: Wed, 01 Jul 2026 14:37:43 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 10\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2MyurP2uuIOFeJsRBlw58KnVsUODfBDDUIaoTP28pPX80ZU2u%2BjWuqiuKDWlV4LfJDT4lh1Wtkg3T6BtfVbRwBlWoEN%2Fn9xJmwuiRuycJ%2Fw%2BfUI%2BXVbbwNs%2F4jG6FBgJ\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a04ef5803df70883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2456,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"bdaeb947a2eb31bae0a170559df9013c","sha1":"7fc8496c9bf51eea98dc9060262f87a792a24a43","sha256":"3225172adc122cc7f8f09fbcc94757061330651a485f17091f41726767f7ea3f","sha512":"710a1ac11f6fdb3915479bf6b9eccf34f4dedd8f30e6bed5275f52d1ec634a754b252e385eb9cd388a5a69c64aaf5818c13cb783090ae68a8696af067cb67341","ssdeep":"","tlshash":"9e512b90d3f3d98a7d930935f8b27a34cfda87da97098523ea834854e279442cd24943","first_seen":"2023-05-02T21:54:45Z","last_seen":"2026-06-06T13:45:19.268444Z","times_seen":18315,"resource_available":false,"data":null}},"time_used":39,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"tomotobit.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/Public/Home/static/imgs/home_head_bg.png","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tomotobit.xyz/","date":"2026-06-01T14:37:55.070Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tomotobit.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 May 2026 12:33:36 GMT","end":"Sat, 29 Aug 2026 13:31:12 GMT"},"fingerprint":{"sha1":"DD:58:2E:C4:5F:FA:15:F0:24:91:F9:90:E2:BD:FF:C1:02:FE:21:53","sha256":"30:78:D8:CA:DB:F2:BD:64:D7:3C:12:DA:A7:52:85:BF:CE:FF:ED:37:8C:A1:92:D1:55:00:A6:56:FC:6A:59:09"}}},"request":{"raw":"GET /Public/Home/static/imgs/home_head_bg.png HTTP/1.1\r\nHost: tomotobit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tomotobit.xyz/Public/Home/static/css/base.css\r\nCookie: PHPSESSID=eql3lhhhdpjf85g6esh0kq4216\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 01 Jun 2026 14:37:55 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Fri, 22 May 2026 18:27:42 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a10a01e-cf649\"\r\nexpires: Wed, 01 Jul 2026 14:37:45 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 9\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=E2zLWwDkYOPzBNLkAG4Tx6KblBwMCNlQuRy0bnT%2BQiInfHXZ9bar8cgXFJ5HkGn8hDSJF0768xHc392%2FXA4mdP5%2F8XS82XO3YfR1KrZiZ9xfIa3WOZphHAmvL66Hws3j\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a04ef583390c0883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":849481,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 4336 x 1428, 8-bit/color RGBA, non-interlaced","md5":"1cbfba6198f4e4ff700eb43de61092ac","sha1":"ff03b54f67e1a0ae20c274c3d06ee52c3dd6ee50","sha256":"618a8249a51b933013f55571d8cdcb16e26863c921c82170e79fcbcb582eea95","sha512":"cb12167584983054c4911ee8604171dc08c8f89fef64c97ef3eb8dca7f424ce7d34b87924419f0e76e7a4b23f231371bef37231639bbb36c71950fdebbae40cd","ssdeep":"24576:2nw3WzrNqGPQiPxmnC+YarisIgK+Xy/6Nn/WMISk:2n+iQGhPxmrY651qGn2","tlshash":"7405224ca0eef889cc125b351ddbcf8d52a430b498ef6719bb63bd20895d9cd6877620","first_seen":"2023-05-02T21:54:45Z","last_seen":"2026-06-04T15:30:27.637006Z","times_seen":3653,"resource_available":false,"data":null}},"time_used":32,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":10,"receive":22,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"tomotobit.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/bootstrap-icons@1.3.0/font/fonts/bootstrap-icons.woff?4601c71fb26c9277391ec80789bfde9c","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.17.207.5","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://tomotobit.xyz/","date":"2026-06-01T14:37:55.146Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jsdelivr.net","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 22 Apr 2026 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"65:D9:C4:7E:04:4C:FD:DD:60:E0:CC:18:B5:B7:01:68:B4:2D:C7:34","sha256":"50:6C:A4:F6:ED:74:C7:E9:68:DB:32:56:5A:68:4C:98:ED:01:28:36:F8:13:BA:CC:19:A7:FD:7A:0A:6E:E7:D4"}}},"request":{"raw":"GET /npm/bootstrap-icons@1.3.0/font/fonts/bootstrap-icons.woff?4601c71fb26c9277391ec80789bfde9c HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://tomotobit.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn.jsdelivr.net/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 01 Jun 2026 14:37:55 GMT\r\ncontent-type: font/woff\r\ncontent-length: 106812\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-jsd-version: 1.3.0\r\nx-jsd-version-type: version\r\netag: W/\"1a13c-GxDOCA4lYqi36DlQRNPKg9wRKZk\"\r\naccept-ranges: bytes\r\nx-served-by: cache-fra-eddf8230120-FRA, cache-bma-essb1270030-BMA\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\nage: 4002798\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=u%2Bk2GywFIXDMkeSpS4wi14dtZkEW8k25ICwihQ%2F000u0EYeHYxbe2o09SHkx%2B8QdO5aR%2FcOt4PYS7gMrsD7Eya3bMOQvbqVT6T2L6VZxd2LvGHVrmfCnWEJHk3YrnSJifs0%3D\"}]}\r\nserver: cloudflare\r\ncf-ray: a04ef5837b86b4ee-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":106812,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 106812, version 1.0","md5":"df7de9fe96a30f78c7f652f5b00ae016","sha1":"1b10ce080e2562a8b7e8395044d3ca83dc112999","sha256":"011ae1fe8e56c310d82ec3795cb8f86b9dea521dd0bc560a0ae0c2e87baedd4b","sha512":"d8cd580ed4119b0d31c9f3b7ea1b2002ccef31ba26cc6791114e5017e9ccffbfbf57b8611aafa52a8b3e76fc8f77b0d51d333dfcd5b293ddde61da3bbbbda47e","ssdeep":"1536:IEGBxy7wyLnYmvpdgacZtaiLBug50yslpdHfaKoGS3MUt7jCP/KgpL+HoEf7HhDt:0zy7pnYm/zcZta+UNoGS3gpL+Zwul","tlshash":"8fa302c0688d7e9ade37df31a226826373d3094a637c2d6f26997852c946e0f7637341","first_seen":"2023-05-02T21:54:45Z","last_seen":"2026-06-06T14:42:22.497672Z","times_seen":10412,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/Ajaxtrade/obtain_doge","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://tomotobit.xyz/","date":"2026-06-01T14:38:09.500Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tomotobit.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 May 2026 12:33:36 GMT","end":"Sat, 29 Aug 2026 13:31:12 GMT"},"fingerprint":{"sha1":"DD:58:2E:C4:5F:FA:15:F0:24:91:F9:90:E2:BD:FF:C1:02:FE:21:53","sha256":"30:78:D8:CA:DB:F2:BD:64:D7:3C:12:DA:A7:52:85:BF:CE:FF:ED:37:8C:A1:92:D1:55:00:A6:56:FC:6A:59:09"}}},"request":{"raw":"POST /Ajaxtrade/obtain_doge HTTP/1.1\r\nHost: tomotobit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nX-Requested-With: XMLHttpRequest\r\nContent-Length: 9\r\nOrigin: https://tomotobit.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tomotobit.xyz/\r\nCookie: PHPSESSID=eql3lhhhdpjf85g6esh0kq4216\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":9,"data":"coin=doge"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 01 Jun 2026 14:38:09 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\npragma: no-cache\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1I7QCgC5c%2BzrZ%2B8%2BM%2BQDhv9D8ApPTyyUHITD5QYoWkZ6zg3ty4IZVFteVsEP8q74idyNkZpeCHfkIvU9rphvQms3cMsyjo8pI9Rlc2yaIxex%2FLYMHQGHLhsbQYww7NND\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a04ef5dd5c780883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":209,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"58a399cd50311377663654904a8862c0","sha1":"8a3420f59937c084ab5d06a16aa4327f62edab54","sha256":"58843cd87abedeb18864bbab21990b2c1065ac62ff5c22cdbaa66953fbfedf35","sha512":"fc8d76370afd6d2b95613ab6c7c78b328ef3f126612690fb114bfe6063bdaff81ef8a7204d07a293c9b0464e15b4c9c29881cee5434b6e4c71cfdad0c021e6be","ssdeep":"","tlshash":"d9d0a7912f3840260c22a3e058e4161f949e88a3844546055afd8ab8149851c611281a","first_seen":"2026-06-01T14:38:12.533889Z","last_seen":"2026-06-01T14:38:20.524039Z","times_seen":2,"resource_available":false,"data":null}},"time_used":476,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":476,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"tomotobit.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/Ajaxtrade/obtain_btc","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://tomotobit.xyz/","date":"2026-06-01T14:38:09.505Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tomotobit.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 May 2026 12:33:36 GMT","end":"Sat, 29 Aug 2026 13:31:12 GMT"},"fingerprint":{"sha1":"DD:58:2E:C4:5F:FA:15:F0:24:91:F9:90:E2:BD:FF:C1:02:FE:21:53","sha256":"30:78:D8:CA:DB:F2:BD:64:D7:3C:12:DA:A7:52:85:BF:CE:FF:ED:37:8C:A1:92:D1:55:00:A6:56:FC:6A:59:09"}}},"request":{"raw":"POST /Ajaxtrade/obtain_btc HTTP/1.1\r\nHost: tomotobit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nX-Requested-With: XMLHttpRequest\r\nContent-Length: 8\r\nOrigin: https://tomotobit.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tomotobit.xyz/\r\nCookie: PHPSESSID=eql3lhhhdpjf85g6esh0kq4216\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":8,"data":"coin=btc"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 01 Jun 2026 14:38:10 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\npragma: no-cache\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TPG5QfPjCRB7sYKIxgQKKDU%2FLWaTlLcRF2n8ewliL59RogOhNWxkkWOF86XssZG76PXM%2BndQuxwVmt1WMeULPWBhokGJJfHO7zrjLywdHCNJjHq0%2F3L9jztUKnpnMzKD\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a04ef5dd6c940883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":201,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"9f2195878412ef897fc30dbb93214ebf","sha1":"e8cd6dc429d096fecd9d1c9cd5834b8b5f34e64a","sha256":"e1f5ef28c0ec1a5dce09705f3788450be1e44513699f462ab79105ff8544cfcf","sha512":"1fd2a0d5322cd9f51558653a63228fef8268dffe1b8c2552c692cb3aef87ae2b105a15aa6c3754fb231d2641e73657815fd7e84b4d1013a2b80417d3bf80afdf","ssdeep":"","tlshash":"7dd022c07f3c24610c71f3e1d4f80b6fb04a4882c0848209dafe8aac18ac20c3222e23","first_seen":"2026-06-01T14:38:20.524896Z","last_seen":"2026-06-01T14:38:20.524896Z","times_seen":1,"resource_available":false,"data":null}},"time_used":629,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":628,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"tomotobit.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/Ajaxtrade/obtain_btc","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://tomotobit.xyz/","date":"2026-06-01T14:38:11.501Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tomotobit.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 May 2026 12:33:36 GMT","end":"Sat, 29 Aug 2026 13:31:12 GMT"},"fingerprint":{"sha1":"DD:58:2E:C4:5F:FA:15:F0:24:91:F9:90:E2:BD:FF:C1:02:FE:21:53","sha256":"30:78:D8:CA:DB:F2:BD:64:D7:3C:12:DA:A7:52:85:BF:CE:FF:ED:37:8C:A1:92:D1:55:00:A6:56:FC:6A:59:09"}}},"request":{"raw":"POST /Ajaxtrade/obtain_btc HTTP/1.1\r\nHost: tomotobit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nX-Requested-With: XMLHttpRequest\r\nContent-Length: 8\r\nOrigin: https://tomotobit.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tomotobit.xyz/\r\nCookie: PHPSESSID=eql3lhhhdpjf85g6esh0kq4216\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":8,"data":"coin=btc"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 01 Jun 2026 14:38:11 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\npragma: no-cache\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=eQOwkToddxTUbEcPY%2BoEJdVFAGZlytgcb6lrLXMLgHZNujeZ4mWA6xAbLS%2Fp3l37Zqokn1qMOp5S2ety6OfYdwNF0eMUBlVf9N1OEuBpieey77zCP2PwuSmlc70WiFov\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a04ef5e9ea880883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":201,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"9f2195878412ef897fc30dbb93214ebf","sha1":"e8cd6dc429d096fecd9d1c9cd5834b8b5f34e64a","sha256":"e1f5ef28c0ec1a5dce09705f3788450be1e44513699f462ab79105ff8544cfcf","sha512":"1fd2a0d5322cd9f51558653a63228fef8268dffe1b8c2552c692cb3aef87ae2b105a15aa6c3754fb231d2641e73657815fd7e84b4d1013a2b80417d3bf80afdf","ssdeep":"","tlshash":"7dd022c07f3c24610c71f3e1d4f80b6fb04a4882c0848209dafe8aac18ac20c3222e23","first_seen":"2026-06-01T14:38:20.524896Z","last_seen":"2026-06-01T14:38:20.524896Z","times_seen":1,"resource_available":false,"data":null}},"time_used":458,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":458,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"tomotobit.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/Upload/public/62c127d45d1d5.png","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tomotobit.xyz/","date":"2026-06-01T14:37:54.616Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tomotobit.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 May 2026 12:33:36 GMT","end":"Sat, 29 Aug 2026 13:31:12 GMT"},"fingerprint":{"sha1":"DD:58:2E:C4:5F:FA:15:F0:24:91:F9:90:E2:BD:FF:C1:02:FE:21:53","sha256":"30:78:D8:CA:DB:F2:BD:64:D7:3C:12:DA:A7:52:85:BF:CE:FF:ED:37:8C:A1:92:D1:55:00:A6:56:FC:6A:59:09"}}},"request":{"raw":"GET /Upload/public/62c127d45d1d5.png HTTP/1.1\r\nHost: tomotobit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tomotobit.xyz/\r\nCookie: PHPSESSID=eql3lhhhdpjf85g6esh0kq4216\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 01 Jun 2026 14:37:54 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Fri, 22 May 2026 18:28:32 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a10a050-7894\"\r\nexpires: Wed, 01 Jul 2026 14:37:43 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 10\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NHpD3%2FB%2Ba9lgR3MuSKfhAmsi6qMjrR1m4opk1IBTyI7wBpnstGiahKr6ZKaic7WUObgiozY%2B1LxA9S7al0DFspINk41TemSC47OnlJBjwgvqgK2wk03p5hSZ8WLyuD2K\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a04ef5803dbc0883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":30868,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 489 x 510, 8-bit/color RGBA, non-interlaced","md5":"3e8790350019ee69e60ef8eb75d61a55","sha1":"b5941b7a1e0f1ceb7f947a1d7455e9229f255b91","sha256":"b678da892808f8f4a1a1b05fff07ab0d474c3617d8458033a8aa2746bb56de10","sha512":"3231abab29b1fc9981370d17f3c189fd00d86ea1b06c92f63ab354e20733f549d789ee8b441778d030aae1a88a315bffd3e5747f201f3e3eb1fbcd202eb35665","ssdeep":"384:eJXE051QtVe5JEbssbLY2kajNeFeZFNpOtWGJ0Uqi1q+lpQIsx:e351QtV+Issb02kaAeFNp5UqiIcm","tlshash":"3ad2cf4578b0f2beb052e631adc4184a1a3b2307cac02d1971de4c7fdf12baa1c5f5a9","first_seen":"2024-04-28T05:39:49Z","last_seen":"2026-06-01T14:38:20.526079Z","times_seen":165,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":13,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"tomotobit.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/xm/doge.png","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tomotobit.xyz/","date":"2026-06-01T14:37:54.629Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tomotobit.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 May 2026 12:33:36 GMT","end":"Sat, 29 Aug 2026 13:31:12 GMT"},"fingerprint":{"sha1":"DD:58:2E:C4:5F:FA:15:F0:24:91:F9:90:E2:BD:FF:C1:02:FE:21:53","sha256":"30:78:D8:CA:DB:F2:BD:64:D7:3C:12:DA:A7:52:85:BF:CE:FF:ED:37:8C:A1:92:D1:55:00:A6:56:FC:6A:59:09"}}},"request":{"raw":"GET /xm/doge.png HTTP/1.1\r\nHost: tomotobit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tomotobit.xyz/\r\nCookie: PHPSESSID=eql3lhhhdpjf85g6esh0kq4216\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 01 Jun 2026 14:37:54 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Fri, 22 May 2026 18:28:32 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a10a050-838\"\r\nexpires: Wed, 01 Jul 2026 14:37:43 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 10\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xhmAsIHgrQ2Oh3WWgTAFIqN8XJPBzdAfw%2FPKIvLzBa%2BlDIlo6a2df6u41eM70kYrIVGPt%2FSjxbYEb4mJyiBc6KvgD7J80H1AQ%2B0EqECWVo0US0EWxFJo%2Btr7qdbTvRdE\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a04ef5803df00883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2104,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 61 x 60, 8-bit/color RGBA, non-interlaced","md5":"ff0c62c872d877837881793431cf064c","sha1":"8ee9cdfe43cfba24078529fa23984ab9e9d99a76","sha256":"c146f8822178b5581dd5eb80071e9824e1634252a4cd0d25b9675b0cb3da570e","sha512":"2416ae2389993012befe574c4ee91c47b6101f3e89b7582d25ce214e248e5305f327183c2a7222259b9aeae09ff7315edeae1ff11c8be3304ca11d5cefeb09ff","ssdeep":"","tlshash":"b0416e07f3ddbe79ccd66bb71348e024d01ff7e1b8010b98a42a4c565258c6f215c44b","first_seen":"2023-05-02T21:54:45Z","last_seen":"2026-06-04T15:27:14.911715Z","times_seen":5359,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"tomotobit.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/Public/Static/bootstrap5Slide/scripts.js","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tomotobit.xyz/","date":"2026-06-01T14:37:54.657Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tomotobit.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 May 2026 12:33:36 GMT","end":"Sat, 29 Aug 2026 13:31:12 GMT"},"fingerprint":{"sha1":"DD:58:2E:C4:5F:FA:15:F0:24:91:F9:90:E2:BD:FF:C1:02:FE:21:53","sha256":"30:78:D8:CA:DB:F2:BD:64:D7:3C:12:DA:A7:52:85:BF:CE:FF:ED:37:8C:A1:92:D1:55:00:A6:56:FC:6A:59:09"}}},"request":{"raw":"GET /Public/Static/bootstrap5Slide/scripts.js HTTP/1.1\r\nHost: tomotobit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tomotobit.xyz/\r\nCookie: PHPSESSID=eql3lhhhdpjf85g6esh0kq4216\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 01 Jun 2026 14:37:54 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 22 May 2026 18:27:50 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Tue, 02 Jun 2026 02:37:43 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nage: 10\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LPEjycNxjbUb%2FojgtHIxU4t2vIIrockwa%2FbTA%2FjpiqqXhGeNPJ4NVL6KBqq0%2FoEhFjOAuyEJRrfWdaU1bc7P2musbZW5qyaWE2c84bXGKnvveNNL1kG9H1zpKvJZ0ZBh\"}]}\r\netag: W/\"6a10a026-12a\"\r\ncontent-encoding: br\r\ncf-ray: a04ef5805e2a0883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":298,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"48477ea73f8709a6c29d7cde0cc83e55","sha1":"5dc30fab107725dd71ab343d70b9e6267ea68cf1","sha256":"fd67e1f083236a6c171d2275401174ea62a6f24fc81193d55653080a236a209a","sha512":"0932287b99d7c96929e7464b6684fe399dfcaaea787dcab28fa0879094b5eb4d92139260fecde4ffe430eca3986430f98a72fc523332c4e476bee9ea2226b1b3","ssdeep":"","tlshash":"1ee0cd91761d4f9d1ccc3257996092c576841524e401f06790374c6c0a9584225fb7fc","first_seen":"2023-04-25T18:57:28Z","last_seen":"2026-06-04T15:30:27.648543Z","times_seen":6129,"resource_available":true,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"tomotobit.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/Public/Home/static/imgs/ios_down.e011cb37.svg","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tomotobit.xyz/","date":"2026-06-01T14:37:55.076Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tomotobit.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 May 2026 12:33:36 GMT","end":"Sat, 29 Aug 2026 13:31:12 GMT"},"fingerprint":{"sha1":"DD:58:2E:C4:5F:FA:15:F0:24:91:F9:90:E2:BD:FF:C1:02:FE:21:53","sha256":"30:78:D8:CA:DB:F2:BD:64:D7:3C:12:DA:A7:52:85:BF:CE:FF:ED:37:8C:A1:92:D1:55:00:A6:56:FC:6A:59:09"}}},"request":{"raw":"GET /Public/Home/static/imgs/ios_down.e011cb37.svg HTTP/1.1\r\nHost: tomotobit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tomotobit.xyz/Public/Home/static/css/base.css\r\nCookie: PHPSESSID=eql3lhhhdpjf85g6esh0kq4216\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 01 Jun 2026 14:37:55 GMT\r\ncontent-type: image/svg+xml\r\nserver: cloudflare\r\nlast-modified: Fri, 22 May 2026 18:27:42 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a10a01e-2edd\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 9\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XXbqgXjH1YODSwdkgVkVmh1H7V%2BKlDhDiSQd9K5DKy%2FS4aOBbiYlQGsUUZ2nt5PCWWSVt7yqKgrSgqkrZOfA96wt%2FgpeejZ39xV4%2Fs3EjJ2sWvLASdEHF1lhjch3Lvj%2F\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a04ef58339220883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11997,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"e011cb37e1cdc749fa40e455f952c628","sha1":"c102a94a6beb0a26de83c2e21ab6ab409f265e88","sha256":"5b8c67057adbf739c8bbe363ef30d3e57638991690cd9930aa237e5b408849ac","sha512":"a92a160de1026815ca8078f6cc059fb8fba29284a5c792295a9755e8f6e3c10ae138c90b0cac9774f35cdf430106e4a7ccb5c88729e9750e867cf826479001fa","ssdeep":"192:sb39cIK/24cUfDfcFDOlozy6RWSmwQn0F3TRe3nclNXAJdlIPprWl:2mIK+OrcFKozy6RrIni+nKNXAXlI0l","tlshash":"9b3255f79354c0c4791e99e5cc3f1ae93a0ef0fb9a81a08832ade841e753ddd865ad44","first_seen":"2023-05-02T21:54:45Z","last_seen":"2026-06-04T15:30:27.661494Z","times_seen":4099,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"tomotobit.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/Ajaxtrade/obtain_jst","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://tomotobit.xyz/","date":"2026-06-01T14:37:55.538Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tomotobit.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 May 2026 12:33:36 GMT","end":"Sat, 29 Aug 2026 13:31:12 GMT"},"fingerprint":{"sha1":"DD:58:2E:C4:5F:FA:15:F0:24:91:F9:90:E2:BD:FF:C1:02:FE:21:53","sha256":"30:78:D8:CA:DB:F2:BD:64:D7:3C:12:DA:A7:52:85:BF:CE:FF:ED:37:8C:A1:92:D1:55:00:A6:56:FC:6A:59:09"}}},"request":{"raw":"POST /Ajaxtrade/obtain_jst HTTP/1.1\r\nHost: tomotobit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nX-Requested-With: XMLHttpRequest\r\nContent-Length: 8\r\nOrigin: https://tomotobit.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tomotobit.xyz/\r\nCookie: PHPSESSID=eql3lhhhdpjf85g6esh0kq4216\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":8,"data":"coin=jst"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 01 Jun 2026 14:37:56 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\npragma: no-cache\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=De%2FlwqyZDSZAaTO4SWhKMueV4xuPEnuCnck9H8VqL2n4hdhDkBlKYewP8WWFlnxY5MjhE8NomCAk62FBgl%2Fy6hNsCGSpPk7fk6pPgyg8uX1626CBSm2Hj7fYBlp9ZM5i\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a04ef5860b480883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":212,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"fcb115adb854c6a7fff9c2dd0790ef0a","sha1":"7061050ac571ade0ec1c4c5fbc7785ed417e6dd2","sha256":"e9585f6640f8a8c0fb718bb93c09bf08bdeac00ea31c73e32f3b425b8dc09f39","sha512":"7d19a9ea67b2c60163b63b8f361644fc2e52a55819cf27e24e08df126fa663964df81f9cdafba93f743629f5b7cceedab1790d234bd36aea527b43fa8a89eeb7","ssdeep":"","tlshash":"b9d022f02fbc092a21b2abc124f817be7cbec442c48393069bbec73129982087006d13","first_seen":"2026-06-01T14:38:20.528707Z","last_seen":"2026-06-01T14:38:20.528707Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1355,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1355,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"tomotobit.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/Ajaxtrade/obtain_btc","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://tomotobit.xyz/","date":"2026-06-01T14:38:03.500Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tomotobit.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 May 2026 12:33:36 GMT","end":"Sat, 29 Aug 2026 13:31:12 GMT"},"fingerprint":{"sha1":"DD:58:2E:C4:5F:FA:15:F0:24:91:F9:90:E2:BD:FF:C1:02:FE:21:53","sha256":"30:78:D8:CA:DB:F2:BD:64:D7:3C:12:DA:A7:52:85:BF:CE:FF:ED:37:8C:A1:92:D1:55:00:A6:56:FC:6A:59:09"}}},"request":{"raw":"POST /Ajaxtrade/obtain_btc HTTP/1.1\r\nHost: tomotobit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nX-Requested-With: XMLHttpRequest\r\nContent-Length: 8\r\nOrigin: https://tomotobit.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tomotobit.xyz/\r\nCookie: PHPSESSID=eql3lhhhdpjf85g6esh0kq4216\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":8,"data":"coin=btc"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 01 Jun 2026 14:38:04 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\npragma: no-cache\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bNqyo44ffIqL7iIEYO5utFYzCB%2FiOaHrOQ%2BBonauOFie9U5xqB4ORMmkFNAEo%2F4%2FQ4x%2BvNdwpeoVCq1vxIzv4x6a0riaXGlKg71BVc0NmxXnH6bjYY9k%2B3mRD%2FakTIQX\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a04ef5b7e9b30883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":201,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"6ed19377cf5f85e7810d7c1ea5cbc1e7","sha1":"345d802a8655b64a9027f6ced3b138b5e80e9e03","sha256":"b6eb3be4c22dcd491878b0de29a831bc76a3b37f1b0a4984be0fa857f2304e95","sha512":"831e1a73a5cb495ab7bb2a06738d3aa6aa5d21c2621b5d5da7855b561247f6a21523eb797869eead1b42d0851a4c2810b6c1e3acaa37ebf492b56888dbd84152","ssdeep":"","tlshash":"0fd023c06e7c14250c31e3f1d4f4271f704a4442c044410559fec6b864ad10c3312e23","first_seen":"2026-06-01T14:38:20.529831Z","last_seen":"2026-06-01T14:38:20.529831Z","times_seen":1,"resource_available":false,"data":null}},"time_used":633,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":633,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"tomotobit.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/Ajaxtrade/obtain_eth","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://tomotobit.xyz/","date":"2026-06-01T14:38:04.499Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tomotobit.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 May 2026 12:33:36 GMT","end":"Sat, 29 Aug 2026 13:31:12 GMT"},"fingerprint":{"sha1":"DD:58:2E:C4:5F:FA:15:F0:24:91:F9:90:E2:BD:FF:C1:02:FE:21:53","sha256":"30:78:D8:CA:DB:F2:BD:64:D7:3C:12:DA:A7:52:85:BF:CE:FF:ED:37:8C:A1:92:D1:55:00:A6:56:FC:6A:59:09"}}},"request":{"raw":"POST /Ajaxtrade/obtain_eth HTTP/1.1\r\nHost: tomotobit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nX-Requested-With: XMLHttpRequest\r\nContent-Length: 8\r\nOrigin: https://tomotobit.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tomotobit.xyz/\r\nCookie: PHPSESSID=eql3lhhhdpjf85g6esh0kq4216\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":8,"data":"coin=eth"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 01 Jun 2026 14:38:04 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\npragma: no-cache\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bFoT0SIK0ZZUrbt6BVDiwB3gIDx6yz4koX5LUCIlCXFHmZfdjz%2BewiFhJg2aSfB6uT2WMhG2S%2F0nzcc7K37M36WMcTT%2BBJTTAoxIr3rFE7saOhBdpzlIufZRjsaudhuv\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a04ef5be18d10883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":199,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"53a68ae287364c5aace19141f7afe542","sha1":"34f307895303d564dd52d93417513ed9b674e912","sha256":"b9aee2868614ec096a869129d08b905cc3503fb9363c8844d928693dd7e7a62e","sha512":"cac9c43f54b2871ce196ff1f3f21ef355003ea88edc554e80dd620da480d0bf8f56fad60332215cddca004fcd744cf850d53ede394c8f34953bbdae4c4785d62","ssdeep":"","tlshash":"52d012986f3d19394871e7e1b8e82bbe658e4486c081864a6afe4ef824795093616c37","first_seen":"2026-06-01T14:38:20.53104Z","last_seen":"2026-06-01T14:38:20.53104Z","times_seen":1,"resource_available":false,"data":null}},"time_used":460,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":460,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"tomotobit.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.staticfile.org/jquery/2.1.1/jquery.min.js","fqdn":"cdn.staticfile.org","domain":"staticfile.org","tld":"org"},"ip":{"addr":"202.181.25.23","port":443,"asn":55933,"as":"Cloudie Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tomotobit.xyz/","date":"2026-06-01T14:37:54.649Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"staticfile.org","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 23 Apr 2026 23:24:03 GMT","end":"Wed, 22 Jul 2026 23:24:02 GMT"},"fingerprint":{"sha1":"0B:B2:4A:D1:B2:4F:80:EC:A1:3E:DC:31:8E:AF:70:08:98:03:FD:7A","sha256":"EC:CA:82:C7:1E:7A:EE:30:88:D6:06:B1:9A:F4:66:5E:A0:31:39:1F:4C:AE:88:1A:13:30:32:8F:7D:7C:47:1C"}}},"request":{"raw":"GET /jquery/2.1.1/jquery.min.js HTTP/1.1\r\nHost: cdn.staticfile.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tomotobit.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodifed-Since, X-CSRF-TOKEN, X-Requested-With,token\r\naccess-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS\r\naccess-control-allow-origin: *\r\ncache-control: no-cache, no-store, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Mon, 01 Jun 2026 14:37:55 GMT\r\nexpires: 0\r\npragma: no-cache\r\nserver: nginx\r\nx-cache: BYPASS\r\nx-cdntype: readnode-007\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":84280,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (32061)","md5":"d021c983bd6e7291b43a5cc1fb2ebe99","sha1":"ffe47a16e4b1550ddfba3577cc9cc9fdc8643aff","sha256":"c0d4098bc8b34c6f87a3d7723988ae81214a53a0bb4a1d4d36a67640f98ed079","sha512":"0b01d408ae79a4e3630f1bcf6507aec0aa71a2cf263f212ff601ae582f15af4df9ec9dae5e0d4fc9c1833cd0fd1207689121531ba920480a680e3f4e336da4b3","ssdeep":"1536:kPEkjP+iADIOr/NEe876nmBu3HvF38Nd+uJO1z6/A4TqAub0i4ULvguEhjzXpa9G:7NMnJiz6oAQKP5a98HrB","tlshash":"5983d6d9b6c27062977734b850bf410bb17a98dab80c8c60f0a4d5e47eb4a8d517bf2d","first_seen":"2023-03-07T12:01:55Z","last_seen":"2026-06-06T04:05:01.598913Z","times_seen":10044,"resource_available":true,"data":null}},"time_used":777,"timings":{"blocked":282,"dns":2,"connect":155,"send":0,"wait":171,"receive":0,"ssl":164},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"cdn.staticfile.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/Public/Home/static/imgs/advantage_phone_ui2.03eb46c4.png","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tomotobit.xyz/","date":"2026-06-01T14:37:55.083Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tomotobit.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 May 2026 12:33:36 GMT","end":"Sat, 29 Aug 2026 13:31:12 GMT"},"fingerprint":{"sha1":"DD:58:2E:C4:5F:FA:15:F0:24:91:F9:90:E2:BD:FF:C1:02:FE:21:53","sha256":"30:78:D8:CA:DB:F2:BD:64:D7:3C:12:DA:A7:52:85:BF:CE:FF:ED:37:8C:A1:92:D1:55:00:A6:56:FC:6A:59:09"}}},"request":{"raw":"GET /Public/Home/static/imgs/advantage_phone_ui2.03eb46c4.png HTTP/1.1\r\nHost: tomotobit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tomotobit.xyz/Public/Home/static/css/base.css\r\nCookie: PHPSESSID=eql3lhhhdpjf85g6esh0kq4216\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 01 Jun 2026 14:37:55 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Fri, 22 May 2026 18:27:42 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a10a01e-1fc3\"\r\nexpires: Wed, 01 Jul 2026 14:37:44 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 10\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pEdUprXYlfjHsfv17luF1z4K96siB4kBSrCxgkzghHH%2FAy4F4vIqKrCb8P7JLwm9rVn%2BvZZA5l9VwRzFJ9Xg7UCKPiWlz%2BFpjOYltZCTtB9znN6RyoB%2FzWZj3%2BYWQeZ8\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a04ef58349810883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":8131,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 620 x 414, 8-bit colormap, non-interlaced","md5":"03eb46c414ca4054d6aa8bcc6146e203","sha1":"1ad3fe2ee83e35506f404b3dc6110540539e32c6","sha256":"98f20bbbd1c55089292d663c5a641e6cb4d02e91149bd3b1dbfa3dc87168d1fd","sha512":"e59d6713424efe87e45984399aab1739b3b1ff7cde9fff91c83582110c669f9bf299ccb30a7286bec64c48243f887f701f27051f9e6e8b4445c9e927505db019","ssdeep":"192:vri1p22NLEFORfDwDmxiEVHkmrogfcftKLatznubkt:vriOMR8DmxiEVkafc4czuu","tlshash":"2ef1afc2d9d35ddf9d9c0b2b34cbf454844249d0eac68d05d74245a8f8be082abe3d9d","first_seen":"2023-05-02T21:54:45Z","last_seen":"2026-06-04T15:30:27.637723Z","times_seen":5494,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":3,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"tomotobit.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/Ajaxtrade/obtain_fil","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://tomotobit.xyz/","date":"2026-06-01T14:37:55.521Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tomotobit.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 May 2026 12:33:36 GMT","end":"Sat, 29 Aug 2026 13:31:12 GMT"},"fingerprint":{"sha1":"DD:58:2E:C4:5F:FA:15:F0:24:91:F9:90:E2:BD:FF:C1:02:FE:21:53","sha256":"30:78:D8:CA:DB:F2:BD:64:D7:3C:12:DA:A7:52:85:BF:CE:FF:ED:37:8C:A1:92:D1:55:00:A6:56:FC:6A:59:09"}}},"request":{"raw":"POST /Ajaxtrade/obtain_fil HTTP/1.1\r\nHost: tomotobit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nX-Requested-With: XMLHttpRequest\r\nContent-Length: 8\r\nOrigin: https://tomotobit.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tomotobit.xyz/\r\nCookie: PHPSESSID=eql3lhhhdpjf85g6esh0kq4216\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":8,"data":"coin=fil"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 01 Jun 2026 14:37:57 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\npragma: no-cache\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NPotWITg%2BNB6vAG5mVPDAfCCXhs13K%2F3mUU%2Bp7n8enMbCaBjwosXUrKXvfC7ICwxN4WEpNB6l9GnBs1c3m9JXaD%2BUMjesR0eb6eI2kvAzpP%2B3s9o9OwAG%2FKR0pOg9wES\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a04ef585eb090883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":201,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"c34fe04be602f2feffcf445e7ac684b6","sha1":"3e764f0323f1ef575699ea1eba94c893a78417aa","sha256":"acef79b0b7fe9d62388f32ac0c7610ab197e9948dc0a5a71cb39ebc8a1974393","sha512":"b97d28542059659910f03f1df3d67c65ba70b105b6c8646f2059c36ee0923244adfd14c8a00fe45b371cc15762c89f393bf16a02721f30c6eed6e47a343c3421","ssdeep":"","tlshash":"ded022803e3c863a0c32e7e158d81b5e54dd0987c880920a6afdcabc61ec60e3322d27","first_seen":"2026-06-01T14:38:12.552242Z","last_seen":"2026-06-01T14:38:20.533453Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1496,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1496,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"tomotobit.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/Ajaxtrade/obtain_eos","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://tomotobit.xyz/","date":"2026-06-01T14:38:05.499Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tomotobit.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 May 2026 12:33:36 GMT","end":"Sat, 29 Aug 2026 13:31:12 GMT"},"fingerprint":{"sha1":"DD:58:2E:C4:5F:FA:15:F0:24:91:F9:90:E2:BD:FF:C1:02:FE:21:53","sha256":"30:78:D8:CA:DB:F2:BD:64:D7:3C:12:DA:A7:52:85:BF:CE:FF:ED:37:8C:A1:92:D1:55:00:A6:56:FC:6A:59:09"}}},"request":{"raw":"POST /Ajaxtrade/obtain_eos HTTP/1.1\r\nHost: tomotobit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nX-Requested-With: XMLHttpRequest\r\nContent-Length: 8\r\nOrigin: https://tomotobit.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tomotobit.xyz/\r\nCookie: PHPSESSID=eql3lhhhdpjf85g6esh0kq4216\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":8,"data":"coin=eos"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 01 Jun 2026 14:38:05 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\npragma: no-cache\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lP8tnn8ZN0%2F4Fu11X0%2BA0G02S4PkwMkNLiKiAhoHYBwxc5D9lqFyvTQ12irF53QO%2FZTNhB4Brz6mA2%2Fxq3mpxtUZcwVMYh2dxEUjD057ailHHd7SxBJrO9s5GQzfwQmX\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a04ef5c4585e0883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":25,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"68ac40a84898f40747d958e0c0941c75","sha1":"a033ad6d2dddc4dcbabdf38740c1a8cd192dcf0d","sha256":"232ef71afd2e2d3a4a886bd164ac9ae400955e7f71505d3570e31635b2ecc00e","sha512":"0707d815ab13b1d6804fdee766d93c98b78e2ceddafbecda34f34372d1d689ada7e8777adf7264eb03a393dafa59e80ce9810cb74592580f0be1ac8ef4f453c2","ssdeep":"","tlshash":"ec70000002afa8a3028200288c0f000000ac28882ca080008c2822288a200028a00020","first_seen":"2023-05-02T21:54:45Z","last_seen":"2026-06-01T14:39:11.901324Z","times_seen":318,"resource_available":false,"data":null}},"time_used":485,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":485,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"tomotobit.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/xm/5fc.png","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tomotobit.xyz/","date":"2026-06-01T14:37:54.629Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tomotobit.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 May 2026 12:33:36 GMT","end":"Sat, 29 Aug 2026 13:31:12 GMT"},"fingerprint":{"sha1":"DD:58:2E:C4:5F:FA:15:F0:24:91:F9:90:E2:BD:FF:C1:02:FE:21:53","sha256":"30:78:D8:CA:DB:F2:BD:64:D7:3C:12:DA:A7:52:85:BF:CE:FF:ED:37:8C:A1:92:D1:55:00:A6:56:FC:6A:59:09"}}},"request":{"raw":"GET /xm/5fc.png HTTP/1.1\r\nHost: tomotobit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tomotobit.xyz/\r\nCookie: PHPSESSID=eql3lhhhdpjf85g6esh0kq4216\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 01 Jun 2026 14:37:54 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Fri, 22 May 2026 18:28:32 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a10a050-a86\"\r\nexpires: Wed, 01 Jul 2026 14:37:43 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 10\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KXg3euvUPAj4sheaXHtw7jxNiBG5yMzXMNLHNsdGpp7T5yvxOqWHhojW852l1BvSlbMnMH7sIxVFvBF53jjZVUgi2o7v%2BNdwr2C8etf5dWpW%2FTT2K7o2p5pXYaEvoXNN\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a04ef5803df40883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2694,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"6ad5509616a5fca9f389801052bea3fe","sha1":"5b53d204b7e6066409067fba9fce5202ff20e9d6","sha256":"6becc3abea448b67731610708852a70c3ceb99059b2dee98da3711dc0620218a","sha512":"18729e5d7521224c032a2a7f18c154b1d02905dda6a06dc3a1af5d876bc5f651b78699589772cd6158bc1bfa75aead83b084bca2b06539a3e4cc9b4a6d476ded","ssdeep":"","tlshash":"ed512be6a252222ac78335be8a25f1dbdf560afb123220858088c13aa40f750c98a573","first_seen":"2023-05-02T21:54:45Z","last_seen":"2026-06-06T13:45:19.212679Z","times_seen":18783,"resource_available":false,"data":null}},"time_used":39,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":19,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"tomotobit.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/Public/Home/static/imgs/icon_margin.svg","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tomotobit.xyz/","date":"2026-06-01T14:37:54.641Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tomotobit.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 May 2026 12:33:36 GMT","end":"Sat, 29 Aug 2026 13:31:12 GMT"},"fingerprint":{"sha1":"DD:58:2E:C4:5F:FA:15:F0:24:91:F9:90:E2:BD:FF:C1:02:FE:21:53","sha256":"30:78:D8:CA:DB:F2:BD:64:D7:3C:12:DA:A7:52:85:BF:CE:FF:ED:37:8C:A1:92:D1:55:00:A6:56:FC:6A:59:09"}}},"request":{"raw":"GET /Public/Home/static/imgs/icon_margin.svg HTTP/1.1\r\nHost: tomotobit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tomotobit.xyz/\r\nCookie: PHPSESSID=eql3lhhhdpjf85g6esh0kq4216\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 01 Jun 2026 14:37:54 GMT\r\ncontent-type: image/svg+xml\r\nserver: cloudflare\r\nlast-modified: Fri, 22 May 2026 18:27:42 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a10a01e-654\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 10\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=p%2BEf95tfELOXLkZ7H4GR3MjXZH5M3HQdqcdJRPqEVZxEBQzT26RcX8AO4kRei1GqSXC46sD7xfkszQYTEj7FPPD7SrvYhwdrBDWtfjWPBwigLzhf4eJHV64ZRzh1y1BX\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a04ef5804e0f0883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1620,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"283d6ddfb29042011328571a509df448","sha1":"3e486c50cfe119efc43c68ffafa349670c9f919c","sha256":"e88581cf4375fb6f9e7d94b4f9df4a667677d0d96384227c9a9228b1329f3308","sha512":"78e85634891dbc1423281f54e43c362b9cf8c75c83a070c34b36676b72b7b71e7793b2224c6d820eb870a0f7d854b336334b8ba0bca9125854139aaf2a97bc91","ssdeep":"","tlshash":"4e3120883a7ac39ce500e7ad981bb5ac3e1e04e96684c5d9c3e22c1078d2a59dc98dd7","first_seen":"2023-05-02T21:54:45Z","last_seen":"2026-06-04T15:30:27.663806Z","times_seen":2551,"resource_available":false,"data":null}},"time_used":38,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":38,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"tomotobit.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.staticfile.org/jquery/1.10.2/jquery.min.js","fqdn":"cdn.staticfile.org","domain":"staticfile.org","tld":"org"},"ip":{"addr":"202.181.25.23","port":443,"asn":55933,"as":"Cloudie Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tomotobit.xyz/","date":"2026-06-01T14:37:54.646Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"staticfile.org","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 23 Apr 2026 23:24:03 GMT","end":"Wed, 22 Jul 2026 23:24:02 GMT"},"fingerprint":{"sha1":"0B:B2:4A:D1:B2:4F:80:EC:A1:3E:DC:31:8E:AF:70:08:98:03:FD:7A","sha256":"EC:CA:82:C7:1E:7A:EE:30:88:D6:06:B1:9A:F4:66:5E:A0:31:39:1F:4C:AE:88:1A:13:30:32:8F:7D:7C:47:1C"}}},"request":{"raw":"GET /jquery/1.10.2/jquery.min.js HTTP/1.1\r\nHost: cdn.staticfile.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tomotobit.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodifed-Since, X-CSRF-TOKEN, X-Requested-With,token\r\naccess-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS\r\naccess-control-allow-origin: *\r\ncache-control: no-cache, no-store, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Mon, 01 Jun 2026 14:37:55 GMT\r\nexpires: 0\r\npragma: no-cache\r\nserver: nginx\r\nx-cache: BYPASS\r\nx-cdntype: readnode-007\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":93100,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (32072)","md5":"e0e0559014b222245deb26b6ae8bd940","sha1":"e2f3603e23711f6446f278a411d905623d65201e","sha256":"89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e","sha512":"60740da8f871b8263675db2421b0e565fc18e95c772f7c3d5916f224263cd71a6a2e6acceab2f6f8ba1c0607951f0198f525d87d0589fa57045b1d5f292dacf0","ssdeep":"1536:q4mCgi8DyCuXXFiJ+L0kJQsJVPEKLQRZdC/RlfDknv+p0WzH/IoSZ7qABZnu0sFv:qGsKXlI2p0WPSbDrstfam","tlshash":"ba93f8ddb2d1b06257bb21bd006f540ff236195e280d8850f129e8eabc74a4d9277fad","first_seen":"2023-03-07T01:02:01Z","last_seen":"2026-06-06T18:13:46.67851Z","times_seen":20803,"resource_available":true,"data":null}},"time_used":875,"timings":{"blocked":298,"dns":3,"connect":157,"send":0,"wait":243,"receive":0,"ssl":169},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"cdn.staticfile.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/Ajaxtrade/obtain_btc","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://tomotobit.xyz/","date":"2026-06-01T14:38:07.506Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tomotobit.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 May 2026 12:33:36 GMT","end":"Sat, 29 Aug 2026 13:31:12 GMT"},"fingerprint":{"sha1":"DD:58:2E:C4:5F:FA:15:F0:24:91:F9:90:E2:BD:FF:C1:02:FE:21:53","sha256":"30:78:D8:CA:DB:F2:BD:64:D7:3C:12:DA:A7:52:85:BF:CE:FF:ED:37:8C:A1:92:D1:55:00:A6:56:FC:6A:59:09"}}},"request":{"raw":"POST /Ajaxtrade/obtain_btc HTTP/1.1\r\nHost: tomotobit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nX-Requested-With: XMLHttpRequest\r\nContent-Length: 8\r\nOrigin: https://tomotobit.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tomotobit.xyz/\r\nCookie: PHPSESSID=eql3lhhhdpjf85g6esh0kq4216\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":8,"data":"coin=btc"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 01 Jun 2026 14:38:08 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\npragma: no-cache\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=aTIIgc0ZrDh%2Fmpe%2BjHnR0g5H%2FDhvo5hJEfqjciiJ49lus40riT3BL7Gb8gBt2Zt4eN3gwXkTkDI6Ge5MyeGnvr3ibxbgzBfnflLKcaQp5W0CYHivubbrW2nB2NM0YBYb\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a04ef5d0ee180883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":201,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"bfee353ff50d49c8e18c7a96d9d9817d","sha1":"ba6b685147efc0d079f534b4fb6d089816150aa1","sha256":"fbb2fe4607c2ffced20f16fdae5df60f21a47e93660e73e25d593b6301c9e202","sha512":"221c6304c15dcc7bd835706337e3876f54805485b8942084fccdbb7e5f06a04666a627a7c2dc824eb812bb2809c68bb22c3ba81754ae23e01526d36255814785","ssdeep":"","tlshash":"12d022c06f3c14210c31e7f094e8172eb04a4883c08542095affcab858ae70c3212e23","first_seen":"2026-06-01T14:38:20.536716Z","last_seen":"2026-06-01T14:38:20.536716Z","times_seen":1,"resource_available":false,"data":null}},"time_used":601,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":600,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"tomotobit.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/Upload/public/629c72e4af37b.png","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tomotobit.xyz/","date":"2026-06-01T14:37:54.621Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tomotobit.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 May 2026 12:33:36 GMT","end":"Sat, 29 Aug 2026 13:31:12 GMT"},"fingerprint":{"sha1":"DD:58:2E:C4:5F:FA:15:F0:24:91:F9:90:E2:BD:FF:C1:02:FE:21:53","sha256":"30:78:D8:CA:DB:F2:BD:64:D7:3C:12:DA:A7:52:85:BF:CE:FF:ED:37:8C:A1:92:D1:55:00:A6:56:FC:6A:59:09"}}},"request":{"raw":"GET /Upload/public/629c72e4af37b.png HTTP/1.1\r\nHost: tomotobit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tomotobit.xyz/\r\nCookie: PHPSESSID=eql3lhhhdpjf85g6esh0kq4216\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 01 Jun 2026 14:37:54 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Fri, 22 May 2026 18:28:32 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a10a050-68eea\"\r\nexpires: Wed, 01 Jul 2026 14:37:43 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 10\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Kg7163qck2lNdA4LLQNMNHU%2BuzjHqSFv4OzbyToxM2egCXrtfgnT2OwFRtUrKSR794snJsXmVIYXjy4DSMvbhrc3nbbrh30aO4iN%2B36r5vCKtUatqcq53BPAZsKkCo0Y\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a04ef5803de40883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":429802,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1140 x 465, 8-bit/color RGBA, non-interlaced","md5":"225ca6bb404d12e23b7b386fad845b9d","sha1":"5867c40e357d614354b83402482c4587ec910544","sha256":"670d66f9a6d3a2428280c04d570de82d99bd3c254888abafb92882cfae08ed44","sha512":"91cc1f7d6e940496ccd1d6285188e9b0c8150c39a24e724152ad53401be977259b6a8f66fc0d3e5cf17b19c31dad8370fb4d81d20f8b7b591da332aeff0790b8","ssdeep":"12288:JuQM20o9QXiA45lDD1mpVl09MrFrJVh+y5:t9lDJmnr5vhV","tlshash":"4d942395c5c6bc3391c6d10c9ab712b1b2239a7998af5bd506997e8c144cccac3fe24f","first_seen":"2023-05-21T16:18:43Z","last_seen":"2026-06-04T15:30:27.640633Z","times_seen":4446,"resource_available":false,"data":null}},"time_used":47,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":20,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"tomotobit.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/Public/Home/static/imgs/icon_contract.svg","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tomotobit.xyz/","date":"2026-06-01T14:37:54.642Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tomotobit.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 May 2026 12:33:36 GMT","end":"Sat, 29 Aug 2026 13:31:12 GMT"},"fingerprint":{"sha1":"DD:58:2E:C4:5F:FA:15:F0:24:91:F9:90:E2:BD:FF:C1:02:FE:21:53","sha256":"30:78:D8:CA:DB:F2:BD:64:D7:3C:12:DA:A7:52:85:BF:CE:FF:ED:37:8C:A1:92:D1:55:00:A6:56:FC:6A:59:09"}}},"request":{"raw":"GET /Public/Home/static/imgs/icon_contract.svg HTTP/1.1\r\nHost: tomotobit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tomotobit.xyz/\r\nCookie: PHPSESSID=eql3lhhhdpjf85g6esh0kq4216\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 01 Jun 2026 14:37:54 GMT\r\ncontent-type: image/svg+xml\r\nserver: cloudflare\r\nlast-modified: Fri, 22 May 2026 18:27:42 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a10a01e-487\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 10\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BCvjpvAx2NIwuHecl0VWPDmklqZNwo2QxxPINHQwA1bXBU%2FZUyTkdMMatAF%2BSSFrdWKqTnerYSnpGii8sGu33F6tKJUFfB3g3XWPvHP%2BuVoV7oMZccfG%2FuUTo%2Bo%2BHu8Y\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a04ef5804e100883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1159,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"8be2edf2728aa394553b4fd9a44471f0","sha1":"1afec38a2c761fbd902e1de55d280424335aeeca","sha256":"306f962a6980e05ac92e3e8d3b1818e864f5557237541ab81cf2a15c44a190aa","sha512":"cd25567c0782132f9dcf858b252b11d1343a57a747b1bdbb7094b31baa1074528bc86fafeb66ac71997b4f4ae50e20c56373774f0f79fbf4b2ed339be8000ed4","ssdeep":"","tlshash":"b421ce69623543b9f04a82b212c9f47f353e06d8f1cb44c9e5671e20206e82ebca96c3","first_seen":"2023-05-02T21:54:45Z","last_seen":"2026-06-04T15:30:27.653587Z","times_seen":2571,"resource_available":false,"data":null}},"time_used":38,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":38,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"tomotobit.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/Ajaxtrade/obtain_iota","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://tomotobit.xyz/","date":"2026-06-01T14:37:55.519Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tomotobit.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 May 2026 12:33:36 GMT","end":"Sat, 29 Aug 2026 13:31:12 GMT"},"fingerprint":{"sha1":"DD:58:2E:C4:5F:FA:15:F0:24:91:F9:90:E2:BD:FF:C1:02:FE:21:53","sha256":"30:78:D8:CA:DB:F2:BD:64:D7:3C:12:DA:A7:52:85:BF:CE:FF:ED:37:8C:A1:92:D1:55:00:A6:56:FC:6A:59:09"}}},"request":{"raw":"POST /Ajaxtrade/obtain_iota HTTP/1.1\r\nHost: tomotobit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nX-Requested-With: XMLHttpRequest\r\nContent-Length: 9\r\nOrigin: https://tomotobit.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tomotobit.xyz/\r\nCookie: PHPSESSID=eql3lhhhdpjf85g6esh0kq4216\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":9,"data":"coin=iota"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 01 Jun 2026 14:37:56 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\npragma: no-cache\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ADPVTOtrc6LZOjJlj4%2FmVrjVNg0TnYSyVKUtu6WHo5C7X24aszjmRud08Q27XgVmx7eB50gspF032trNKGJrpDVI7NcGI5lRlxyI%2BHSrGO8rTdVaMyX3%2Fa4bpLJ5A3hG\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a04ef585eb000883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":200,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"01577219a8a196ae943ae915a8908995","sha1":"f19d5bf213989e2312ac97c7bb257ce09f99860f","sha256":"04ad8cc35f40036ef5364580ee1f926a5c7608521461623318b8a75d9a262b16","sha512":"01956954f3ccfb397ade4558d5271e6f9c4ded01563ae76139e92ee9079b1d9951bde40c2418d2337e29bc2284aefabfb7f30d071152e7d7458a408a64cc359d","ssdeep":"","tlshash":"70d022b43f3c041208b1e3c1e8ec07aea8ce8887e088530a1bfe8ab8401810c3332d22","first_seen":"2026-06-01T14:38:12.551321Z","last_seen":"2026-06-01T14:38:20.550169Z","times_seen":2,"resource_available":false,"data":null}},"time_used":909,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":909,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"tomotobit.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/Ajaxtrade/obtain_usdz","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://tomotobit.xyz/","date":"2026-06-01T14:37:55.547Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tomotobit.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 May 2026 12:33:36 GMT","end":"Sat, 29 Aug 2026 13:31:12 GMT"},"fingerprint":{"sha1":"DD:58:2E:C4:5F:FA:15:F0:24:91:F9:90:E2:BD:FF:C1:02:FE:21:53","sha256":"30:78:D8:CA:DB:F2:BD:64:D7:3C:12:DA:A7:52:85:BF:CE:FF:ED:37:8C:A1:92:D1:55:00:A6:56:FC:6A:59:09"}}},"request":{"raw":"POST /Ajaxtrade/obtain_usdz HTTP/1.1\r\nHost: tomotobit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nX-Requested-With: XMLHttpRequest\r\nContent-Length: 9\r\nOrigin: https://tomotobit.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tomotobit.xyz/\r\nCookie: PHPSESSID=eql3lhhhdpjf85g6esh0kq4216\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":9,"data":"coin=usdz"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 01 Jun 2026 14:37:56 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\npragma: no-cache\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lbtW1vv4hoLI7fmMIkBNUW%2BGvdVemTlj0Lv1wZRA%2FtTN6SCYn1Zy%2FB3ONQMTYQnmc2Igs15L9Yy3WvucNwapK506FMToiXqsEXdNOFmD6VS2LcluyZvU0ZDFFRHLRIM7\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a04ef5862bd60883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":175,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"bf0f004805bf908bfa983d83ce1eec53","sha1":"14573b904184dbf3ffd7291cc63e6e4fcca1020a","sha256":"470154e5201d3ca4842297d94259afd6444c099c196e7cb2d53ecf969f7a9e3f","sha512":"2b1ff72cdb08dca7305db83cf39996b49cac6dafbd9dd3183b54d18183ecb12b55b938252c797c77fe2294070c33f7da5742b16328e27b8451db6e89c7892e47","ssdeep":"","tlshash":"0dc080d45e3d4515017197c174f9376f746dc442c08182056bfecb7426fc1047115c26","first_seen":"2023-05-02T21:54:45Z","last_seen":"2026-06-01T14:38:20.551118Z","times_seen":60,"resource_available":false,"data":null}},"time_used":898,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":898,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"tomotobit.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/Ajaxtrade/obtain_eth","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://tomotobit.xyz/","date":"2026-06-01T14:38:07.500Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tomotobit.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 May 2026 12:33:36 GMT","end":"Sat, 29 Aug 2026 13:31:12 GMT"},"fingerprint":{"sha1":"DD:58:2E:C4:5F:FA:15:F0:24:91:F9:90:E2:BD:FF:C1:02:FE:21:53","sha256":"30:78:D8:CA:DB:F2:BD:64:D7:3C:12:DA:A7:52:85:BF:CE:FF:ED:37:8C:A1:92:D1:55:00:A6:56:FC:6A:59:09"}}},"request":{"raw":"POST /Ajaxtrade/obtain_eth HTTP/1.1\r\nHost: tomotobit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nX-Requested-With: XMLHttpRequest\r\nContent-Length: 8\r\nOrigin: https://tomotobit.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tomotobit.xyz/\r\nCookie: PHPSESSID=eql3lhhhdpjf85g6esh0kq4216\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":8,"data":"coin=eth"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 01 Jun 2026 14:38:07 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\npragma: no-cache\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zNonDMkvJzJwIhp0%2Bu6L%2B7J4%2BrwVs5MXU92eN6mdrJkXU1GFrWMfAP2QO%2FDuZOjTxF9O79kgvMR11euiu7%2FYil%2F6Zui7kPTNsUQbdsVYZM2L3MsYkyjxB95h2FEFpwOo\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a04ef5d0ddf70883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":201,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"1f1fdbf3050a699cd55c154833686e1c","sha1":"3ebc7d53c5ca682589a62f2b6d4a6163199a61c1","sha256":"619bb12fe9688f32e3bd097a4b122574c28b1f101fe8348f30fc09ba47e601cf","sha512":"357ab76b4ae36cd9774c18e4733959170f486d483a6eb63f4670022414538394a861ada1eb6e23c4a5d94184c70550239c67a84aa605e258b76f1e41d261a6ab","ssdeep":"","tlshash":"56d022886f3c04351c21f3e1a8e82b6e658e4096c080c60a2afe4eb824794197322c3a","first_seen":"2026-06-01T14:38:20.5165Z","last_seen":"2026-06-01T14:38:20.5165Z","times_seen":1,"resource_available":false,"data":null}},"time_used":473,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":472,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"tomotobit.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/Public/Home/static/css/base.css","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://tomotobit.xyz/","date":"2026-06-01T14:37:54.611Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tomotobit.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 May 2026 12:33:36 GMT","end":"Sat, 29 Aug 2026 13:31:12 GMT"},"fingerprint":{"sha1":"DD:58:2E:C4:5F:FA:15:F0:24:91:F9:90:E2:BD:FF:C1:02:FE:21:53","sha256":"30:78:D8:CA:DB:F2:BD:64:D7:3C:12:DA:A7:52:85:BF:CE:FF:ED:37:8C:A1:92:D1:55:00:A6:56:FC:6A:59:09"}}},"request":{"raw":"GET /Public/Home/static/css/base.css HTTP/1.1\r\nHost: tomotobit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tomotobit.xyz/\r\nCookie: PHPSESSID=eql3lhhhdpjf85g6esh0kq4216\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 01 Jun 2026 14:37:54 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Fri, 22 May 2026 18:27:40 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a10a01c-64a5\"\r\nexpires: Tue, 02 Jun 2026 02:37:43 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 10\r\ncf-cache-status: HIT\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XLb5euLJ2K%2Fzo6p5lTVUC7V3v10wT%2FblDx%2Bny8m1zZf5DMnRCtL15vnWEAiquydlB3%2B%2BgQpJ17gGMuCSujUK2X5QVXQC8lVp12C8R6jgMapNxzht3Z53uvFIVwwX0LbX\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a04ef5802d870883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":25765,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (846)","md5":"8739b7f6cc1db5ea89afe0a14afacd7a","sha1":"f7dc32e9b67f5a0190cdb0d641f141294522fe46","sha256":"446377cfd8abce9140615cc2df1cfd3c2e8f908f179cbe1c7bc6209ef1bd2f3e","sha512":"8daa0f9ebd76dc9e94f4c5cf0acd3380b91abe7186648e41574d747c9cd0bfc2a6c28ba80c0e34ce2aba079782d9061d73bb37010cd77f7f59bc5879a19612a6","ssdeep":"384:BpFiOVTjRmNi2RoLy6IbRiWc2FDwFxYorvRnEkEZ58s8BXR8G8LrB888t7jL5ZBe:Y4cN39FDwFx9EZS9YzqtRB8TF3MDdu","tlshash":"12c295a7dfa30901b81bc5a41ff9ab55236c8017910bdebd7fc53648cf462d898a27c6","first_seen":"2023-06-09T02:38:16Z","last_seen":"2026-06-01T14:39:11.898486Z","times_seen":2237,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"tomotobit.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/xm/jst.svg","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tomotobit.xyz/","date":"2026-06-01T14:37:54.635Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tomotobit.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 May 2026 12:33:36 GMT","end":"Sat, 29 Aug 2026 13:31:12 GMT"},"fingerprint":{"sha1":"DD:58:2E:C4:5F:FA:15:F0:24:91:F9:90:E2:BD:FF:C1:02:FE:21:53","sha256":"30:78:D8:CA:DB:F2:BD:64:D7:3C:12:DA:A7:52:85:BF:CE:FF:ED:37:8C:A1:92:D1:55:00:A6:56:FC:6A:59:09"}}},"request":{"raw":"GET /xm/jst.svg HTTP/1.1\r\nHost: tomotobit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tomotobit.xyz/\r\nCookie: PHPSESSID=eql3lhhhdpjf85g6esh0kq4216\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 01 Jun 2026 14:37:54 GMT\r\ncontent-type: image/svg+xml\r\nserver: cloudflare\r\nlast-modified: Fri, 22 May 2026 18:28:32 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a10a050-4b7b\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 10\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cYzTA4joVtsnua3u4hZdQs%2B8ymSb%2FUJMG1cNAGduWoTfLSATqe6UhqSy3yV4TTKi02hOKcKQYc1ifBokkk0E8DDFrRJW1DzAZJEnPVnC9Ip4wF34xHK2IRCHzANQ7ETU\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a04ef5803dfd0883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":19323,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"b993b0a39d50c323edbb5886a19d56cb","sha1":"8e183944ff4dd3741c2b18f3a2d8962b1662b1a4","sha256":"450fcc35ab762f1b121f48150a7465b6a506fee918e24a80811134ee3a1d88c6","sha512":"754b0b31db60b3b2b0b2dcbc5f32e950bd8245c08d60d4d84a8bfd7a887167dd636d8f001232639952575ac6d2ac97103c66e04a016502472412283cffd680e6","ssdeep":"192:cu7OzkWdAPKtyK2Pe+6fsKO2uY/E4vVAAm7gbK1QQlS/exkPXGmZ7ayFePl5a0FJ:cuiz5dU7h2QuagXq36Np2aE/ao54Cgq","tlshash":"6a82238d9f564f6a9485b3fdafea5050648740ec39a8e2f4e7b44473f80c6a50c48de7","first_seen":"2023-05-02T21:54:45Z","last_seen":"2026-06-01T14:38:20.552542Z","times_seen":3154,"resource_available":false,"data":null}},"time_used":39,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"tomotobit.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/xm/1613791952263794.png","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tomotobit.xyz/","date":"2026-06-01T14:37:54.637Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tomotobit.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 May 2026 12:33:36 GMT","end":"Sat, 29 Aug 2026 13:31:12 GMT"},"fingerprint":{"sha1":"DD:58:2E:C4:5F:FA:15:F0:24:91:F9:90:E2:BD:FF:C1:02:FE:21:53","sha256":"30:78:D8:CA:DB:F2:BD:64:D7:3C:12:DA:A7:52:85:BF:CE:FF:ED:37:8C:A1:92:D1:55:00:A6:56:FC:6A:59:09"}}},"request":{"raw":"GET /xm/1613791952263794.png HTTP/1.1\r\nHost: tomotobit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tomotobit.xyz/\r\nCookie: PHPSESSID=eql3lhhhdpjf85g6esh0kq4216\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 01 Jun 2026 14:37:54 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Fri, 22 May 2026 18:28:32 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a10a050-a6c\"\r\nexpires: Wed, 01 Jul 2026 14:37:43 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 10\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=44MzSzUsdtfxlGl1tjgPbmks35bIVkqFlSIg3SJ2qTZx5496BRSoZ5snfggzQCeOz7yN9G2xQIOQi1IKObIV5ctflk2zaopUCbNlVBERMnVBuHaPiGj2%2FPtM36Y1T%2F2e\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a04ef5804e0b0883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2668,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced","md5":"d569a0c6c11b94ac63dc47b7baf58764","sha1":"b9c4f7fbd430b1ee1fe5a633a0a244c494cfda73","sha256":"645cdc8b30ba984f083d0f3a3a94dc6f7ea19e5bb7a9e09f65c5b03306c9e97c","sha512":"a566d71cfd8b73d2893dc861f1ac207ef44776a21babddf95d3f511c601983564bc6a3f1ad5b572a8fe58ea778dde45e27ec73277faa6dd3a9e784759595fafa","ssdeep":"","tlshash":"97515e9c71e2b274c793d07b8a014f3d9656447b2ee2333d8d0887c247097671d211f9","first_seen":"2023-05-02T21:54:45Z","last_seen":"2026-06-01T14:38:20.553221Z","times_seen":1034,"resource_available":false,"data":null}},"time_used":38,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":38,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"tomotobit.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Nunito:wght@400;600;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://tomotobit.xyz/","date":"2026-06-01T14:37:54.840Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Thu, 07 May 2026 15:53:15 GMT","end":"Thu, 30 Jul 2026 15:53:14 GMT"},"fingerprint":{"sha1":"19:42:B0:56:3A:E4:79:BF:8B:69:E2:50:F4:76:BF:1E:A9:D7:7A:49","sha256":"D7:FF:C1:46:95:F3:5F:08:04:B0:E1:A8:FE:14:FC:60:19:58:D6:C7:D3:6E:82:B3:64:07:E9:E1:CB:9A:27:8C"}}},"request":{"raw":"GET /css2?family=Nunito:wght@400;600;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tomotobit.xyz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Mon, 01 Jun 2026 14:37:55 GMT\r\ndate: Mon, 01 Jun 2026 14:37:55 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5463,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"721a040ea564a6f1097d3c9fc78e4478","sha1":"969b3a763c65bbea8dd653387efe6482fd53f614","sha256":"1eab5e802b5f0457aaad88e630b825da8ed3ba340a35a34b5f6901d9d84bdad1","sha512":"44cce6feb92211ced4be081e6a2c9c0c63b0fc22a7243396544d0d88b4736d6e6d62ee3cad5136dda1b21e3f4eac55d6b465a0b28922df3565bc5bef366db625","ssdeep":"96:BOEabTxOEa7FZOOOEaKOEaQJc+uaOEaENqOxMabTxOxMa7FZOOOxMaKOxMaQJc+m:OH+yptkUkH0yXLkeLHbywkkdH","tlshash":"5eb17891045bd400aa432cc667cf7f37ed4e62113464c57aebfd9898ecabd272264b1e","first_seen":"2025-09-17T11:57:27.939025Z","last_seen":"2026-06-06T18:34:31.108824Z","times_seen":1436,"resource_available":false,"data":null}},"time_used":320,"timings":{"blocked":135,"dns":1,"connect":29,"send":0,"wait":48,"receive":0,"ssl":104},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/Ajaxtrade/obtain_ht","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://tomotobit.xyz/","date":"2026-06-01T14:37:55.544Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tomotobit.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 May 2026 12:33:36 GMT","end":"Sat, 29 Aug 2026 13:31:12 GMT"},"fingerprint":{"sha1":"DD:58:2E:C4:5F:FA:15:F0:24:91:F9:90:E2:BD:FF:C1:02:FE:21:53","sha256":"30:78:D8:CA:DB:F2:BD:64:D7:3C:12:DA:A7:52:85:BF:CE:FF:ED:37:8C:A1:92:D1:55:00:A6:56:FC:6A:59:09"}}},"request":{"raw":"POST /Ajaxtrade/obtain_ht HTTP/1.1\r\nHost: tomotobit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nX-Requested-With: XMLHttpRequest\r\nContent-Length: 7\r\nOrigin: https://tomotobit.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tomotobit.xyz/\r\nCookie: PHPSESSID=eql3lhhhdpjf85g6esh0kq4216\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":7,"data":"coin=ht"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 01 Jun 2026 14:37:57 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\npragma: no-cache\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=q2h7tXo%2BtRjzA%2B4f7zCuSlZOVI3HRe73Xa1l3PXoNJaHBhplrNAFWPPItCV0uWBJpN8PN6Sjlemfen7IyMc5DzwIthYxMO0ER8nflfwRx1D6jfjh3WYoU9PiThkvreJh\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a04ef5861bad0883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":25,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"68ac40a84898f40747d958e0c0941c75","sha1":"a033ad6d2dddc4dcbabdf38740c1a8cd192dcf0d","sha256":"232ef71afd2e2d3a4a886bd164ac9ae400955e7f71505d3570e31635b2ecc00e","sha512":"0707d815ab13b1d6804fdee766d93c98b78e2ceddafbecda34f34372d1d689ada7e8777adf7264eb03a393dafa59e80ce9810cb74592580f0be1ac8ef4f453c2","ssdeep":"","tlshash":"ec70000002afa8a3028200288c0f000000ac28882ca080008c2822288a200028a00020","first_seen":"2023-05-02T21:54:45Z","last_seen":"2026-06-01T14:39:11.901324Z","times_seen":318,"resource_available":false,"data":null}},"time_used":1616,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1616,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"tomotobit.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/Ajaxtrade/obtain_ltc","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://tomotobit.xyz/","date":"2026-06-01T14:38:06.501Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tomotobit.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 May 2026 12:33:36 GMT","end":"Sat, 29 Aug 2026 13:31:12 GMT"},"fingerprint":{"sha1":"DD:58:2E:C4:5F:FA:15:F0:24:91:F9:90:E2:BD:FF:C1:02:FE:21:53","sha256":"30:78:D8:CA:DB:F2:BD:64:D7:3C:12:DA:A7:52:85:BF:CE:FF:ED:37:8C:A1:92:D1:55:00:A6:56:FC:6A:59:09"}}},"request":{"raw":"POST /Ajaxtrade/obtain_ltc HTTP/1.1\r\nHost: tomotobit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nX-Requested-With: XMLHttpRequest\r\nContent-Length: 8\r\nOrigin: https://tomotobit.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tomotobit.xyz/\r\nCookie: PHPSESSID=eql3lhhhdpjf85g6esh0kq4216\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":8,"data":"coin=ltc"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 01 Jun 2026 14:38:06 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\npragma: no-cache\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2rjWfNujRQ4X%2FNcFjh8LBF8W3IsCH1AKYGXTJrG64Mkq5sYsyc77IyiRtBQ9XtviU90%2Flk%2BIR6oGy%2Fjloka6dokIHMZjksw%2F%2BTA2oMM3Ge8xrmNwN7gyg0cRomWNsYGS\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a04ef5caafb50883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":198,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"1fe41a19a2171f10d26c46bc6f62a8d2","sha1":"d30032a4013491274ff21080d72285c4fd09734f","sha256":"75b5bbd804e1d2ac7c8ed1044b3e5df3bb07b3ff7fb84bb56c783993ff737f17","sha512":"69788d9a3d98702e7957b3ba20e1a59650c467b261819cdd0155ac2b099f1681111068e956b20654e2108441c9074934e83192d47e8e302e6f3a7adfea9aade1","ssdeep":"","tlshash":"e4d022c0afb809260c22dbd098ea131eac8ec886e0c0820e5efe8a78241c90c3212c17","first_seen":"2026-06-01T14:38:20.555601Z","last_seen":"2026-06-01T14:38:20.555601Z","times_seen":1,"resource_available":false,"data":null}},"time_used":464,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":464,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"tomotobit.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/bootstrap@4.5.0/dist/css/bootstrap.min.css","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.17.207.5","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://tomotobit.xyz/","date":"2026-06-01T14:37:54.606Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jsdelivr.net","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 22 Apr 2026 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"65:D9:C4:7E:04:4C:FD:DD:60:E0:CC:18:B5:B7:01:68:B4:2D:C7:34","sha256":"50:6C:A4:F6:ED:74:C7:E9:68:DB:32:56:5A:68:4C:98:ED:01:28:36:F8:13:BA:CC:19:A7:FD:7A:0A:6E:E7:D4"}}},"request":{"raw":"GET /npm/bootstrap@4.5.0/dist/css/bootstrap.min.css HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://tomotobit.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tomotobit.xyz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 01 Jun 2026 14:37:54 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncontent-length: 24869\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-jsd-version: 4.5.0\r\nx-jsd-version-type: version\r\netag: W/\"27293-TxSgmmBsmaEfj9oVVk72b3BAKCY\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\nx-served-by: cache-fra-etou8220176-FRA, cache-bma-essb1270029-BMA\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\nage: 1220880\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YeZ2Wkqr9oeNvWi9x2BUU5pxTvVc6oPZ6o5T5gHwCzl5whdZwO%2FS6dRlUGjemSsJ0aAezDyBELbswc9cIisxBuHiAkg%2FIgl1DI%2F3gdUzjVl97yx%2FlHCCv3f%2BMhoh9CkziUQ%3D\"}]}\r\nserver: cloudflare\r\ncf-ray: a04ef5805ed8b4ee-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":160403,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (65324)","md5":"3afe15e976734d9daac26310110c4594","sha1":"4f14a09a606c99a11f8fda15564ef66f70402826","sha256":"680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c","sha512":"aced925c428148809afc07f28442b966a58508ea24d6b7203d87c63aab57df93b28ab68183a5dae0d9c12705e0a484685de5a370099c42788c869db686d0dcea","ssdeep":"1536:2THqIJOT7SyEIA1pDEBi8yNcuSEeA1/uypq3SYiLENM6HN26H:YH9vGGq3SYiLENM6HN26H","tlshash":"03f353a6f5a0312de4a7c61964d0bafd152f8245d7224bfbf8273b6447892c70a73e4c","first_seen":"2023-04-05T04:00:44Z","last_seen":"2026-06-06T18:13:46.686076Z","times_seen":24614,"resource_available":false,"data":null}},"time_used":52,"timings":{"blocked":9,"dns":1,"connect":2,"send":0,"wait":10,"receive":2,"ssl":24},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/bootstrap-icons@1.3.0/font/bootstrap-icons.css","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.17.207.5","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://tomotobit.xyz/","date":"2026-06-01T14:37:54.608Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jsdelivr.net","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 22 Apr 2026 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"65:D9:C4:7E:04:4C:FD:DD:60:E0:CC:18:B5:B7:01:68:B4:2D:C7:34","sha256":"50:6C:A4:F6:ED:74:C7:E9:68:DB:32:56:5A:68:4C:98:ED:01:28:36:F8:13:BA:CC:19:A7:FD:7A:0A:6E:E7:D4"}}},"request":{"raw":"GET /npm/bootstrap-icons@1.3.0/font/bootstrap-icons.css HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tomotobit.xyz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 01 Jun 2026 14:37:54 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncontent-length: 8018\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-jsd-version: 1.3.0\r\nx-jsd-version-type: version\r\netag: W/\"edbb-Du3MPQ7GnRobCfGvnAP4Uqb5QVI\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\nx-served-by: cache-fra-etou8220103-FRA\r\nx-cache: HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\nage: 1684098\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fw5BowcQFRRiZTXt36mm7w47%2Fll4tGeVolt2CJKQl%2FyvEIgniqv%2BcioEZxMPwUxcrzDErmcRdlEftPC380u%2BNDluG1vZw95LjPJf9nHcKyV5CPMnUFMWJ6QEdib%2B2hO9vzU%3D\"}]}\r\nserver: cloudflare\r\ncf-ray: a04ef5805d0256b4-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":60859,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"dbf1248779dc682a91ba529b5efe0ffc","sha1":"0eedcc3d0ec69d1a1b09f1af9c03f852a6f94152","sha256":"32cc4a47b370e278072a6440249872e681efa1d992600420c03a9631da885d70","sha512":"2e96320bb785273c91c136a4aba02268e2c9ebcc92998c24160331ec14f0f902132d21f4ac4cb130771dd20758bef407d589b1f8e3175796622edb162a517098","ssdeep":"384:vaqJVm8OAL1M+hQokEYm47U7yH2CYEjOnm4zH7fZ6aXoso1v/:Sqnm8OAL1Mzocm4KyH2CYEjOnm874soh","tlshash":"2c53cebad18f05f59341e4d92743674293a9ba7ce1817c7ad342399ee3c06188ad73ec","first_seen":"2023-04-05T06:29:21Z","last_seen":"2026-06-06T15:22:06.10332Z","times_seen":15007,"resource_available":false,"data":null}},"time_used":57,"timings":{"blocked":10,"dns":1,"connect":2,"send":0,"wait":13,"receive":1,"ssl":22},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/Upload/public/629c72d268234.jpeg","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tomotobit.xyz/","date":"2026-06-01T14:37:54.618Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tomotobit.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 May 2026 12:33:36 GMT","end":"Sat, 29 Aug 2026 13:31:12 GMT"},"fingerprint":{"sha1":"DD:58:2E:C4:5F:FA:15:F0:24:91:F9:90:E2:BD:FF:C1:02:FE:21:53","sha256":"30:78:D8:CA:DB:F2:BD:64:D7:3C:12:DA:A7:52:85:BF:CE:FF:ED:37:8C:A1:92:D1:55:00:A6:56:FC:6A:59:09"}}},"request":{"raw":"GET /Upload/public/629c72d268234.jpeg HTTP/1.1\r\nHost: tomotobit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tomotobit.xyz/\r\nCookie: PHPSESSID=eql3lhhhdpjf85g6esh0kq4216\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 01 Jun 2026 14:37:54 GMT\r\ncontent-type: image/jpeg\r\nserver: cloudflare\r\nlast-modified: Fri, 22 May 2026 18:28:32 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a10a050-16932\"\r\nexpires: Wed, 01 Jul 2026 14:37:43 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 10\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wtZDMpDlDRxVD3Jff60OrVxWMtFqxdj78VZ56ZgbCF3i%2FMYXeB4RF5oYdCOiXD0Mjtjtc0QAp1YAu19sTEC2cy0bswuZkeRbBQC6aY7POB92JlnvdB2CpKU9BF%2FI89zj\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a04ef5803dd00883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":92466,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x300, components 3","md5":"d2ec614dd56337288a48c3504872d752","sha1":"1fa9772c7f2eb6e93fe1edeacef816b6850507fa","sha256":"d4ca7b176180c645d813c294b8174fe3c58a9cf83db951b5b8fb6f1ba9cb2cfd","sha512":"ffbee79889cffadad6106cf0535965fb5a5ce7e39b16a1998084d38aad60f4ecdb1ff0d2281fd34e999ccdd04c3d2cc25bd7aec119a58c18e5cd91b8174118a3","ssdeep":"1536:M9qKZoxlS00K5Xr6B7rdSKgWoCL8DyWKl7mfmxnyKqhvYPZmXxilegMMCdDIDG7:QZygKUFlgWnLV7ImxnV/P9C1r7","tlshash":"72931296b38a4919e7697732485ec1e073f29ea0be451fae51f3c478c8dd032b117a39","first_seen":"2023-05-21T16:18:43Z","last_seen":"2026-06-04T15:30:27.657551Z","times_seen":4439,"resource_available":false,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":13,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"tomotobit.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/Public/Home/static/js/layer/layer.js","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tomotobit.xyz/","date":"2026-06-01T14:37:54.647Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tomotobit.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 May 2026 12:33:36 GMT","end":"Sat, 29 Aug 2026 13:31:12 GMT"},"fingerprint":{"sha1":"DD:58:2E:C4:5F:FA:15:F0:24:91:F9:90:E2:BD:FF:C1:02:FE:21:53","sha256":"30:78:D8:CA:DB:F2:BD:64:D7:3C:12:DA:A7:52:85:BF:CE:FF:ED:37:8C:A1:92:D1:55:00:A6:56:FC:6A:59:09"}}},"request":{"raw":"GET /Public/Home/static/js/layer/layer.js HTTP/1.1\r\nHost: tomotobit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tomotobit.xyz/\r\nCookie: PHPSESSID=eql3lhhhdpjf85g6esh0kq4216\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 01 Jun 2026 14:37:54 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 22 May 2026 18:27:42 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a10a01e-4d83\"\r\nexpires: Tue, 02 Jun 2026 02:37:43 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 10\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VcMjpZjsesQYA9aTCr2OIoc%2B3aNOhzXG7AG%2Fso6sSt8S9xE7QEDb2xJfxapLYRpDmLnI50afOvBm%2FqxsC6ndgoVoU3Q4PsRpzBIDk9bdM50qdiEMyuuTDUUOdhqfFMKl\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a04ef5804e170883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":19843,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (19752)","md5":"666f4437565d197e9459e19a29f58315","sha1":"afc5c0a1369137e52b37ad5fb63f48202ce31368","sha256":"4a49651ad86a83ecbd9c2ad34e7f5c906b46ae2c4c93c1c8585148f936b7e100","sha512":"1e659ff6c47458dbbaf7e7561402c12441286c255ddec048bf654388e8666a9ceca344e166657c29fce4a08b46470b44c47e8f1c6f577adc2a4e4f4f0e7e1e90","ssdeep":"384:DQ8cuj0z4VfS7ShA3BMJOoM6bs7hwI9b4Zrxy:DQtu8CfS793QODbcI","tlshash":"5f92c85ab5503593216390a9911fa90f30f24d22eb078958f16bf1fd1ebcda562b3f0b","first_seen":"2023-04-11T09:52:52Z","last_seen":"2026-06-05T10:31:55.295092Z","times_seen":13773,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"tomotobit.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/Ajaxtrade/obtain_eth","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://tomotobit.xyz/","date":"2026-06-01T14:37:58.498Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tomotobit.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 May 2026 12:33:36 GMT","end":"Sat, 29 Aug 2026 13:31:12 GMT"},"fingerprint":{"sha1":"DD:58:2E:C4:5F:FA:15:F0:24:91:F9:90:E2:BD:FF:C1:02:FE:21:53","sha256":"30:78:D8:CA:DB:F2:BD:64:D7:3C:12:DA:A7:52:85:BF:CE:FF:ED:37:8C:A1:92:D1:55:00:A6:56:FC:6A:59:09"}}},"request":{"raw":"POST /Ajaxtrade/obtain_eth HTTP/1.1\r\nHost: tomotobit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nX-Requested-With: XMLHttpRequest\r\nContent-Length: 8\r\nOrigin: https://tomotobit.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tomotobit.xyz/\r\nCookie: PHPSESSID=eql3lhhhdpjf85g6esh0kq4216\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":8,"data":"coin=eth"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 01 Jun 2026 14:37:59 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\npragma: no-cache\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=77J3ZMEXHg9xtosH%2BF6fQVr%2B2f6rFleKMo4nHHj5NqnDf%2BKHy%2Bn4v%2B3sdesw2RMwA4avrBSDpnvo74cNF5lg9Rkb%2B9mUKW3kEh6pERzqYgQCGcK9acYoi6zK2s2ouOVT\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a04ef5989f080883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":202,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"208c2228af5ed907017f4bfdf2de6da3","sha1":"6feee8384657dcb12eae0bdbc03c45a6a493b117","sha256":"efc42076c576a7107dece90f1242c2c0a2fa37fd2cb1f00d0fb2f52e0bd0f109","sha512":"ab40f771c104e6781a3d405839953cb2752548539a5645a4cfccb34be0bc738106b274f3068622fcace8b0478aaf6c2d34c325afb40d02bb52837dd38630f3b0","ssdeep":"","tlshash":"bed023d45f3c05354c31e7d1a4e83b6e148d4096c080c20515ff4db8146d6083315c36","first_seen":"2026-06-01T14:38:12.561181Z","last_seen":"2026-06-01T14:38:20.512645Z","times_seen":2,"resource_available":false,"data":null}},"time_used":525,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":525,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"tomotobit.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/Ajaxtrade/obtain_flow","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://tomotobit.xyz/","date":"2026-06-01T14:38:12.504Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tomotobit.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 May 2026 12:33:36 GMT","end":"Sat, 29 Aug 2026 13:31:12 GMT"},"fingerprint":{"sha1":"DD:58:2E:C4:5F:FA:15:F0:24:91:F9:90:E2:BD:FF:C1:02:FE:21:53","sha256":"30:78:D8:CA:DB:F2:BD:64:D7:3C:12:DA:A7:52:85:BF:CE:FF:ED:37:8C:A1:92:D1:55:00:A6:56:FC:6A:59:09"}}},"request":{"raw":"POST /Ajaxtrade/obtain_flow HTTP/1.1\r\nHost: tomotobit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nX-Requested-With: XMLHttpRequest\r\nContent-Length: 9\r\nOrigin: https://tomotobit.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tomotobit.xyz/\r\nCookie: PHPSESSID=eql3lhhhdpjf85g6esh0kq4216\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":9,"data":"coin=flow"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 01 Jun 2026 14:38:12 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\npragma: no-cache\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UWaLz9WJSMa6AqHVppBT6n9KZkmyPXBUAgIRbcFmZYWB%2F3X4sqh2diGlMi%2B52cWdXMtmTPNopBpBezrJWK5lNcv7ykDzCo5NicMoPY7gkGfhUGILnPWkKBMntjKtfu56\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a04ef5f02bb00883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":206,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"61acebe03e37fd5bea64cc49389df6b4","sha1":"41ec26b56c10ba1de82b5f29a3420f95d4b8756f","sha256":"2da43a8bebf866767d519a65e5a34739a5c4a7bdee9c1ea85299fe7949c77d54","sha512":"b55cee4061829a179107b755e971b979bcb409f14fd60ce859c214149e1e5b8e59c99fe48a7b475dd1edfb492559b5b2c9d5bb92bd00e0e9734e4fc63104cb4d","ssdeep":"","tlshash":"1ad023f03d35051600f1ebc154f9136f54ecc145c081420056bdc7342e6c1047545f13","first_seen":"2026-06-01T14:38:12.571954Z","last_seen":"2026-06-01T14:38:20.559678Z","times_seen":2,"resource_available":false,"data":null}},"time_used":465,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":465,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"tomotobit.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-01T14:37:53.161Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tomotobit.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 May 2026 12:33:36 GMT","end":"Sat, 29 Aug 2026 13:31:12 GMT"},"fingerprint":{"sha1":"DD:58:2E:C4:5F:FA:15:F0:24:91:F9:90:E2:BD:FF:C1:02:FE:21:53","sha256":"30:78:D8:CA:DB:F2:BD:64:D7:3C:12:DA:A7:52:85:BF:CE:FF:ED:37:8C:A1:92:D1:55:00:A6:56:FC:6A:59:09"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: tomotobit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 01 Jun 2026 14:37:54 GMT\r\ncontent-type: text/html; charset=utf-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nset-cookie: PHPSESSID=eql3lhhhdpjf85g6esh0kq4216; path=/\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\npragma: no-cache\r\ncache-control: private\r\nx-powered-by: ThinkPHP\r\nstrict-transport-security: max-age=31536000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JZnY%2FcTfHMwTakZ5x28FKI3ou3YSpkTb%2BzuPgNEWKdGfbYsbEMT3JU%2F6Rm9EVO%2BaZC1k60Ory51QXxafH%2F4kygD0ryNDBw6hVUXtbSFuvQTZ7JhETBfZ%2F8S0EDrUKpE7\"}]}\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: a04ef57769415690-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vue.js","description":"Vue.js is an open-source model–view–viewmodel JavaScript framework for building user interfaces and single-page applications.","website":"https://vuejs.org","common_platform_enumeration":"","icon":"vue.svg","categories":["JavaScript frameworks"]},{"name":"jQuery:1.10.2","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Bootstrap:4.5.0","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"ThinkPHP","description":"ThinkPHP is an open-source PHP framework with MVC structure developed and maintained by Shanghai Topthink Company.","website":"https://www.thinkphp.cn","common_platform_enumeration":"cpe:2.3:a:thinkphp:thinkphp:*:*:*:*:*:*:*:*","icon":"ThinkPHP.png","categories":["Web frameworks"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":105033,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1268), with CRLF, LF line terminators","md5":"a60d805de0c2debaeec62e09177b0c4a","sha1":"48cb77ea1a5b6125c286623535b19d62333e3b91","sha256":"e7f2749fe66701079ee71ab80ec9cc9a1554b3fe1cb4342aa25234942c008cf2","sha512":"98d7daab2819a3d9de168bcd104e5b36c82b60430dff2f8bed9468d05177bdc2e85f817b3d040a911f58d7d95e387ac00804500d55e7d760eb9228de24759cfd","ssdeep":"1536:QgqSLQNM+ocyyDYeMwhVH+O9ylBBEvTjWg5RfMt423O:QgdAM+ocyyDBhB5Tjf/Mt423O","tlshash":"3ba3b560b35c453a2077418b8bb45799fabad0339627c5053afc53736fb6c18e523ae8","first_seen":"2026-06-01T14:38:12.526294Z","last_seen":"2026-06-01T14:38:20.562885Z","times_seen":2,"resource_available":true,"data":null}},"time_used":1287,"timings":{"blocked":24,"dns":1,"connect":1,"send":0,"wait":1239,"receive":0,"ssl":19},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"tomotobit.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/xm/fil.png","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tomotobit.xyz/","date":"2026-06-01T14:37:54.632Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tomotobit.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 May 2026 12:33:36 GMT","end":"Sat, 29 Aug 2026 13:31:12 GMT"},"fingerprint":{"sha1":"DD:58:2E:C4:5F:FA:15:F0:24:91:F9:90:E2:BD:FF:C1:02:FE:21:53","sha256":"30:78:D8:CA:DB:F2:BD:64:D7:3C:12:DA:A7:52:85:BF:CE:FF:ED:37:8C:A1:92:D1:55:00:A6:56:FC:6A:59:09"}}},"request":{"raw":"GET /xm/fil.png HTTP/1.1\r\nHost: tomotobit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tomotobit.xyz/\r\nCookie: PHPSESSID=eql3lhhhdpjf85g6esh0kq4216\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 01 Jun 2026 14:37:54 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Fri, 22 May 2026 18:28:32 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a10a050-8bf\"\r\nexpires: Wed, 01 Jul 2026 14:37:43 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 10\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mrGljC9KbhEFr2MlsQTGPONt%2FKROWb0xdmbo69YzKbyiM7CspUxJaHXBsW6mdW91KudSU7em5H5IX5%2F8RTngZ0ITbBL4b2ISFLgXq9m%2BfMQ9%2BmD2jQATU1ATUBon65jx\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a04ef5803dfa0883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2239,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced","md5":"bc0baed91ad63da79ebfd092f42c76dd","sha1":"8a4f9cb9ee821242971e3f29a770e5078218bdf9","sha256":"ac4d8dcc1a755104c19551dcd96fbf097a93e529f86f540d8e0d55328c09a16d","sha512":"7cd155866ec8308b41049d32de0fa72b16dd774355f36ffba0f8256b1acaa2fe9fc5ae6695166f22c655aefe314b161d525f1cd8eb78ed746c3374905b0406bd","ssdeep":"","tlshash":"0e413eb67b9fc403c77f858708ed5e6544225f0a69248d50051a7e6ebd2f1e8c5915cc","first_seen":"2023-05-02T21:54:45Z","last_seen":"2026-06-01T14:38:20.565796Z","times_seen":3531,"resource_available":false,"data":null}},"time_used":39,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"tomotobit.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/Public/Home/static/imgs/advantage_phone.511b5ee0.png","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tomotobit.xyz/","date":"2026-06-01T14:37:55.081Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tomotobit.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 May 2026 12:33:36 GMT","end":"Sat, 29 Aug 2026 13:31:12 GMT"},"fingerprint":{"sha1":"DD:58:2E:C4:5F:FA:15:F0:24:91:F9:90:E2:BD:FF:C1:02:FE:21:53","sha256":"30:78:D8:CA:DB:F2:BD:64:D7:3C:12:DA:A7:52:85:BF:CE:FF:ED:37:8C:A1:92:D1:55:00:A6:56:FC:6A:59:09"}}},"request":{"raw":"GET /Public/Home/static/imgs/advantage_phone.511b5ee0.png HTTP/1.1\r\nHost: tomotobit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tomotobit.xyz/Public/Home/static/css/base.css\r\nCookie: PHPSESSID=eql3lhhhdpjf85g6esh0kq4216\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 01 Jun 2026 14:37:55 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Fri, 22 May 2026 18:27:42 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a10a01e-4ddc\"\r\nexpires: Wed, 01 Jul 2026 14:37:45 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 9\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pAWBtNOS2qTnOhFWpjXKRqbkWm0lirornH3aYXFCgDjg%2B9vmjwWyu2lTNdtPcg5cr1o2QZsOoZjUb3SGcf7dqAsawym3VQOS7CffFeTSioXCxQJ7CHkjhOWL6XHCFNpC\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a04ef58339370883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":19932,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 500 x 1038, 8-bit colormap, non-interlaced","md5":"511b5ee00b739dea06dc9e55011afa57","sha1":"eb4ebfdfc46829471c2b86dc94b2e6bc83037fb3","sha256":"31b768d13aee263d4de7af1b5527bded34ad208284df0544dfe5fca9d00a41e0","sha512":"54e06fd802883d46f47e6f59f3d795d893ea797d8295c1cbb506b91a46d0d1efa79751a454049c3e6b2ac06dd5a312950658d96fa9f8c3cefd1d46f73e5ebda4","ssdeep":"384:/M6qoHUBFHYEFyqYA3ar7vWF6cCf9X+VFMsTB:vXHULHpFyRxc0X+Q0B","tlshash":"fc92d0c78eb6894efba7c47c81508bf2617a282190e61dd5fa61e3a3b432645db36071","first_seen":"2023-05-02T21:54:45Z","last_seen":"2026-06-04T15:30:27.649301Z","times_seen":5451,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"tomotobit.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/Public/Home/static/imgs/community_bg.png","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tomotobit.xyz/","date":"2026-06-01T14:37:55.085Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tomotobit.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 May 2026 12:33:36 GMT","end":"Sat, 29 Aug 2026 13:31:12 GMT"},"fingerprint":{"sha1":"DD:58:2E:C4:5F:FA:15:F0:24:91:F9:90:E2:BD:FF:C1:02:FE:21:53","sha256":"30:78:D8:CA:DB:F2:BD:64:D7:3C:12:DA:A7:52:85:BF:CE:FF:ED:37:8C:A1:92:D1:55:00:A6:56:FC:6A:59:09"}}},"request":{"raw":"GET /Public/Home/static/imgs/community_bg.png HTTP/1.1\r\nHost: tomotobit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tomotobit.xyz/Public/Home/static/css/base.css\r\nCookie: PHPSESSID=eql3lhhhdpjf85g6esh0kq4216\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 01 Jun 2026 14:37:55 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Fri, 22 May 2026 18:27:42 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a10a01e-3c99c\"\r\nexpires: Wed, 01 Jul 2026 14:37:45 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 9\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BaYpMC4oA6ZA7onN0OVHaKwHbHN2ZgBAqX%2By2I4NLxXoPsZ93M2sRSdd6zThMy5MffxtPK4i12yuGgIFcCqjM%2Ft7duvKv3coaNDdT5A5WPn75%2BxVNl6UM4LbRz8Sexta\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a04ef58349830883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":248220,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 2892 x 936, 8-bit/color RGBA, non-interlaced","md5":"3107a5d7de66ac526ba295a6ccb85e2f","sha1":"7ca2f1ffe3ed6dfd6260e8a47643d30d6223aeb9","sha256":"1021f5b23b901a121fcf0f78866fb66c978411d309aef421c54af4cb09ff1b6f","sha512":"262a6554428da7f2bffcc71915ee13f5e9a504a2e76af61499ba7ec68713fdbba8b2f52d9b6ff8a9b13ae649103c6aaeb2e89f0dcf5411ec636a7c6ca5c26f7d","ssdeep":"3072:2cI5zu8n4youkJkjKrt88rRhc0ZmoZ/UYO5+90yCOo9XHhNkHLfuZVrD0BMdJ2oo:2V5b4G0ks8ybkwT9vBo9R2iP30BPdb9","tlshash":"73341284fd1e6df6cdf40db008629f4c7935a6ad8835d713a3b6e15d9eb754008be680","first_seen":"2023-05-02T21:54:45Z","last_seen":"2026-06-04T15:30:27.64992Z","times_seen":5149,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":13,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"tomotobit.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/Ajaxtrade/obtain_btc","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://tomotobit.xyz/","date":"2026-06-01T14:38:01.504Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tomotobit.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 May 2026 12:33:36 GMT","end":"Sat, 29 Aug 2026 13:31:12 GMT"},"fingerprint":{"sha1":"DD:58:2E:C4:5F:FA:15:F0:24:91:F9:90:E2:BD:FF:C1:02:FE:21:53","sha256":"30:78:D8:CA:DB:F2:BD:64:D7:3C:12:DA:A7:52:85:BF:CE:FF:ED:37:8C:A1:92:D1:55:00:A6:56:FC:6A:59:09"}}},"request":{"raw":"POST /Ajaxtrade/obtain_btc HTTP/1.1\r\nHost: tomotobit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nX-Requested-With: XMLHttpRequest\r\nContent-Length: 8\r\nOrigin: https://tomotobit.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tomotobit.xyz/\r\nCookie: PHPSESSID=eql3lhhhdpjf85g6esh0kq4216\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":8,"data":"coin=btc"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 01 Jun 2026 14:38:02 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\npragma: no-cache\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rIfgylfiZgU73lLpKLgtoC3R3QLuEZ2N%2BH2%2BRdgIoL21Ob8gONlxHVU4XQV2E0snBCEg6n6z8my91iLwSiY%2F7qKcqsLr%2B2%2BhUKtrL0ONUdDYVbAQwA82shA6VwSQ1ltt\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a04ef5ab6cbc0883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":201,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"971df027348b77eecf8c082b1b16c948","sha1":"cb114d6b75fa52bddaa1f3666bf7e4d752af02a0","sha256":"68a3a7e26ea3fff529e8e7a9ed97b3b9dc734c7f62f774975f55457122966c96","sha512":"9beb8961688e4d065aeab8eff2a466faa8ce282f5cec9607629388f246cd12febdb0fbd7c464f7568215ca7675a35c5c9aa3f990302bae2aea5f051caca07bf7","ssdeep":"","tlshash":"a2d012d06f7d25651c32f7e1a5e8172ff44e4886c084468d9afecaa824ad20c3316e77","first_seen":"2026-06-01T14:38:20.571345Z","last_seen":"2026-06-01T14:38:20.571345Z","times_seen":1,"resource_available":false,"data":null}},"time_used":603,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":603,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"tomotobit.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/Ajaxtrade/obtain_doge","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://tomotobit.xyz/","date":"2026-06-01T14:38:02.501Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tomotobit.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 May 2026 12:33:36 GMT","end":"Sat, 29 Aug 2026 13:31:12 GMT"},"fingerprint":{"sha1":"DD:58:2E:C4:5F:FA:15:F0:24:91:F9:90:E2:BD:FF:C1:02:FE:21:53","sha256":"30:78:D8:CA:DB:F2:BD:64:D7:3C:12:DA:A7:52:85:BF:CE:FF:ED:37:8C:A1:92:D1:55:00:A6:56:FC:6A:59:09"}}},"request":{"raw":"POST /Ajaxtrade/obtain_doge HTTP/1.1\r\nHost: tomotobit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nX-Requested-With: XMLHttpRequest\r\nContent-Length: 9\r\nOrigin: https://tomotobit.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tomotobit.xyz/\r\nCookie: PHPSESSID=eql3lhhhdpjf85g6esh0kq4216\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":9,"data":"coin=doge"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 01 Jun 2026 14:38:02 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\npragma: no-cache\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6NcvXdBnrzVK4Wmnu%2Fu9KnWHsOvk%2BXlM5yL7vD8L6Le3i0QWic5oeOb0lJqXIrEbG3aLZ3jo7RwuzebG5tvHI%2BCigpMGI4gR4xVPt46lRwjAEOZjxReAD1gcN%2FbcasC3\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a04ef5b1ac180883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":209,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"58a399cd50311377663654904a8862c0","sha1":"8a3420f59937c084ab5d06a16aa4327f62edab54","sha256":"58843cd87abedeb18864bbab21990b2c1065ac62ff5c22cdbaa66953fbfedf35","sha512":"fc8d76370afd6d2b95613ab6c7c78b328ef3f126612690fb114bfe6063bdaff81ef8a7204d07a293c9b0464e15b4c9c29881cee5434b6e4c71cfdad0c021e6be","ssdeep":"","tlshash":"d9d0a7912f3840260c22a3e058e4161f949e88a3844546055afd8ab8149851c611281a","first_seen":"2026-06-01T14:38:12.533889Z","last_seen":"2026-06-01T14:38:20.524039Z","times_seen":2,"resource_available":false,"data":null}},"time_used":476,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":476,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"tomotobit.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/xm/2251.png","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tomotobit.xyz/","date":"2026-06-01T14:37:54.636Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tomotobit.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 May 2026 12:33:36 GMT","end":"Sat, 29 Aug 2026 13:31:12 GMT"},"fingerprint":{"sha1":"DD:58:2E:C4:5F:FA:15:F0:24:91:F9:90:E2:BD:FF:C1:02:FE:21:53","sha256":"30:78:D8:CA:DB:F2:BD:64:D7:3C:12:DA:A7:52:85:BF:CE:FF:ED:37:8C:A1:92:D1:55:00:A6:56:FC:6A:59:09"}}},"request":{"raw":"GET /xm/2251.png HTTP/1.1\r\nHost: tomotobit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tomotobit.xyz/\r\nCookie: PHPSESSID=eql3lhhhdpjf85g6esh0kq4216\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 01 Jun 2026 14:37:54 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Fri, 22 May 2026 18:28:32 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a10a050-a79\"\r\nexpires: Wed, 01 Jul 2026 14:37:43 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 10\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KcTwuGI3qqwHMNvn43hjjH1OvooPHPiy5ijajDkJPzG5exw1%2BthMkG%2B43YqesaCkUZNLYu5azdGQedF3OXsep%2FnFcMbz904kv0Y75m0IGXM09ynYryx6gsYsC5tT1g21\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a04ef5804e080883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2681,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"184102c922a16b09ff0787ccafe5af69","sha1":"691a0ffc4f3ae3b1b69d8ea6281f2d678ea32580","sha256":"f9e6d63f3a0bd0794865a9a05f24d5183f930a5c8e6f71fbf49a6ac3824e98da","sha512":"e3abe6725a8d79c1cc05cea33354d65f4c2e930e1689c44600be3892d66ff955a7d27bafc60df573cb7e9e5fe43e27f831c028b9e5dda11d700781d3cdd4e698","ssdeep":"","tlshash":"7d514b2131989cf4e1075ca36ef048d4b4d171d7eab1a25efa3450c5c5284a15cdd3b4","first_seen":"2023-05-21T16:18:43Z","last_seen":"2026-06-01T14:38:20.572288Z","times_seen":203,"resource_available":false,"data":null}},"time_used":38,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":38,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"tomotobit.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/Ajaxtrade/obtain_doge","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://tomotobit.xyz/","date":"2026-06-01T14:37:55.503Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tomotobit.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 May 2026 12:33:36 GMT","end":"Sat, 29 Aug 2026 13:31:12 GMT"},"fingerprint":{"sha1":"DD:58:2E:C4:5F:FA:15:F0:24:91:F9:90:E2:BD:FF:C1:02:FE:21:53","sha256":"30:78:D8:CA:DB:F2:BD:64:D7:3C:12:DA:A7:52:85:BF:CE:FF:ED:37:8C:A1:92:D1:55:00:A6:56:FC:6A:59:09"}}},"request":{"raw":"POST /Ajaxtrade/obtain_doge HTTP/1.1\r\nHost: tomotobit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nX-Requested-With: XMLHttpRequest\r\nContent-Length: 9\r\nOrigin: https://tomotobit.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tomotobit.xyz/\r\nCookie: PHPSESSID=eql3lhhhdpjf85g6esh0kq4216\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":9,"data":"coin=doge"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 01 Jun 2026 14:37:55 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\npragma: no-cache\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Rc%2BxOb%2BV0mulK41l0CSXQ5QMAvCMyaCxFLsIV%2Fck%2FYCZr5ccNLQ3bga6Cu6Vw%2F0%2BIWx6dAZqqCSOYXF%2BzY%2FDr9ChsWRrNrbhGyr%2B1RYRIJZtNw6dk1PejkCBtSbxXsQU\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a04ef585ead60883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":209,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"58a399cd50311377663654904a8862c0","sha1":"8a3420f59937c084ab5d06a16aa4327f62edab54","sha256":"58843cd87abedeb18864bbab21990b2c1065ac62ff5c22cdbaa66953fbfedf35","sha512":"fc8d76370afd6d2b95613ab6c7c78b328ef3f126612690fb114bfe6063bdaff81ef8a7204d07a293c9b0464e15b4c9c29881cee5434b6e4c71cfdad0c021e6be","ssdeep":"","tlshash":"d9d0a7912f3840260c22a3e058e4161f949e88a3844546055afd8ab8149851c611281a","first_seen":"2026-06-01T14:38:12.533889Z","last_seen":"2026-06-01T14:38:20.524039Z","times_seen":2,"resource_available":false,"data":null}},"time_used":498,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":498,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"tomotobit.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/Ajaxtrade/obtain_flow","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://tomotobit.xyz/","date":"2026-06-01T14:37:55.532Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tomotobit.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 May 2026 12:33:36 GMT","end":"Sat, 29 Aug 2026 13:31:12 GMT"},"fingerprint":{"sha1":"DD:58:2E:C4:5F:FA:15:F0:24:91:F9:90:E2:BD:FF:C1:02:FE:21:53","sha256":"30:78:D8:CA:DB:F2:BD:64:D7:3C:12:DA:A7:52:85:BF:CE:FF:ED:37:8C:A1:92:D1:55:00:A6:56:FC:6A:59:09"}}},"request":{"raw":"POST /Ajaxtrade/obtain_flow HTTP/1.1\r\nHost: tomotobit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nX-Requested-With: XMLHttpRequest\r\nContent-Length: 9\r\nOrigin: https://tomotobit.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tomotobit.xyz/\r\nCookie: PHPSESSID=eql3lhhhdpjf85g6esh0kq4216\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":9,"data":"coin=flow"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 01 Jun 2026 14:37:56 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\npragma: no-cache\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=aNdVP638nCRgWrjP%2F9wsJGdNJMyYPaSuGU4hg8lb0qHqzhNq7p7f%2B8WDuxXKc4tSHw2WkX9VVfkEiAy7yUrkVDB2xF5e1NWEDVXbJAzoVUIG3NeG20fnV%2BpmF13uZsRw\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a04ef585fb170883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":206,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"61acebe03e37fd5bea64cc49389df6b4","sha1":"41ec26b56c10ba1de82b5f29a3420f95d4b8756f","sha256":"2da43a8bebf866767d519a65e5a34739a5c4a7bdee9c1ea85299fe7949c77d54","sha512":"b55cee4061829a179107b755e971b979bcb409f14fd60ce859c214149e1e5b8e59c99fe48a7b475dd1edfb492559b5b2c9d5bb92bd00e0e9734e4fc63104cb4d","ssdeep":"","tlshash":"1ad023f03d35051600f1ebc154f9136f54ecc145c081420056bdc7342e6c1047545f13","first_seen":"2026-06-01T14:38:12.571954Z","last_seen":"2026-06-01T14:38:20.559678Z","times_seen":2,"resource_available":false,"data":null}},"time_used":751,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":751,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"tomotobit.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/Ajaxtrade/obtain_itc","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://tomotobit.xyz/","date":"2026-06-01T14:37:55.541Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tomotobit.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 May 2026 12:33:36 GMT","end":"Sat, 29 Aug 2026 13:31:12 GMT"},"fingerprint":{"sha1":"DD:58:2E:C4:5F:FA:15:F0:24:91:F9:90:E2:BD:FF:C1:02:FE:21:53","sha256":"30:78:D8:CA:DB:F2:BD:64:D7:3C:12:DA:A7:52:85:BF:CE:FF:ED:37:8C:A1:92:D1:55:00:A6:56:FC:6A:59:09"}}},"request":{"raw":"POST /Ajaxtrade/obtain_itc HTTP/1.1\r\nHost: tomotobit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nX-Requested-With: XMLHttpRequest\r\nContent-Length: 8\r\nOrigin: https://tomotobit.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tomotobit.xyz/\r\nCookie: PHPSESSID=eql3lhhhdpjf85g6esh0kq4216\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":8,"data":"coin=itc"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 01 Jun 2026 14:37:56 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\npragma: no-cache\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=eD2yRIhgW2EiTihNc296WOD5Ilh8vQPF2fwEoIo8BcXsJfvYi%2Be0wWY3KcxFq6syf5q2zmcQOTZsLBRAQ%2BoRH6GJrvLg7Y0v1gHQ8nMdG%2FVajh1dDUYb8XNDBozbvA8c\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a04ef5861ba00883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":25,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"68ac40a84898f40747d958e0c0941c75","sha1":"a033ad6d2dddc4dcbabdf38740c1a8cd192dcf0d","sha256":"232ef71afd2e2d3a4a886bd164ac9ae400955e7f71505d3570e31635b2ecc00e","sha512":"0707d815ab13b1d6804fdee766d93c98b78e2ceddafbecda34f34372d1d689ada7e8777adf7264eb03a393dafa59e80ce9810cb74592580f0be1ac8ef4f453c2","ssdeep":"","tlshash":"ec70000002afa8a3028200288c0f000000ac28882ca080008c2822288a200028a00020","first_seen":"2023-05-02T21:54:45Z","last_seen":"2026-06-01T14:39:11.901324Z","times_seen":318,"resource_available":false,"data":null}},"time_used":1209,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1209,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"tomotobit.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/Public/Static/bootstrap5Slide/style.css","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://tomotobit.xyz/","date":"2026-06-01T14:37:54.614Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tomotobit.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 May 2026 12:33:36 GMT","end":"Sat, 29 Aug 2026 13:31:12 GMT"},"fingerprint":{"sha1":"DD:58:2E:C4:5F:FA:15:F0:24:91:F9:90:E2:BD:FF:C1:02:FE:21:53","sha256":"30:78:D8:CA:DB:F2:BD:64:D7:3C:12:DA:A7:52:85:BF:CE:FF:ED:37:8C:A1:92:D1:55:00:A6:56:FC:6A:59:09"}}},"request":{"raw":"GET /Public/Static/bootstrap5Slide/style.css HTTP/1.1\r\nHost: tomotobit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tomotobit.xyz/\r\nCookie: PHPSESSID=eql3lhhhdpjf85g6esh0kq4216\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 01 Jun 2026 14:37:54 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Fri, 22 May 2026 18:27:50 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Tue, 02 Jun 2026 02:37:43 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nage: 10\r\ncf-cache-status: HIT\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bgyXT0MiePhEOxxyQPRfPbJMc01WUtmjio%2BdSFxAu9vqRF0emfhUNM4hh1qtS1BxjFgYZWfca%2BbPGruWMBQChm0keSTXMFC7u5xG1NONftYIANupBR0WPanAxmHZktQ2\"}]}\r\netag: W/\"6a10a026-24d\"\r\ncontent-encoding: br\r\ncf-ray: a04ef5803db80883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":589,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (589), with no line terminators","md5":"df62cb99d119a66bcd5f06547d96ecb7","sha1":"a6d0e097db0919f47977c33510359bc08ec88a9c","sha256":"afca52e1c0203f27bf8165e8fcf92b2674f084f6372f12cc1e7bb3edaee35f03","sha512":"59d599c3a25a64cfae94e1b2f1328abffb199a503c0e8904a3e4a574c101cb6b72d09e94a7b2afaa3f8cbd1a55b92cb2b2bdc33b528ee6c953d30fa3b622cf0f","ssdeep":"","tlshash":"a2f07f42b71a596e5d872300a9d213abf10c7f319709097992f3211d8f29a85237df4e","first_seen":"2023-04-25T18:57:28Z","last_seen":"2026-06-04T15:30:27.621863Z","times_seen":6117,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"tomotobit.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/favicon.ico","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tomotobit.xyz/","date":"2026-06-01T14:37:55.497Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tomotobit.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 May 2026 12:33:36 GMT","end":"Sat, 29 Aug 2026 13:31:12 GMT"},"fingerprint":{"sha1":"DD:58:2E:C4:5F:FA:15:F0:24:91:F9:90:E2:BD:FF:C1:02:FE:21:53","sha256":"30:78:D8:CA:DB:F2:BD:64:D7:3C:12:DA:A7:52:85:BF:CE:FF:ED:37:8C:A1:92:D1:55:00:A6:56:FC:6A:59:09"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: tomotobit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tomotobit.xyz/\r\nCookie: PHPSESSID=eql3lhhhdpjf85g6esh0kq4216\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 01 Jun 2026 14:37:55 GMT\r\ncontent-type: image/x-icon\r\nserver: cloudflare\r\nlast-modified: Fri, 22 May 2026 18:27:30 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=31536000\r\nage: 8\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=6,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=X6KJ4iVF6V3pYIkiBIufEr1QpG2P4WriaIvpI61peMey3P4loHQRqVZBRMfqrJYQu8AnIBomzEAA1dHccS1oe2uKXnm4xerquC%2BXnun2URNREn54qUpGTQoctJwjPRVf\"}]}\r\netag: W/\"6a10a012-103e\"\r\ncontent-encoding: br\r\ncf-ray: a04ef585dabd0883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4158,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 31x32, 32 bits/pixel","md5":"cef1fdcf0f902d25694d5ea83a3d8e97","sha1":"beed6c02f9875f1471122900f5d063d6fe67f0c6","sha256":"aaefc2dae382655fd38fef068fd3d8983038829141a7aee69b2748c21f11e8cf","sha512":"ad93af34db118050fa24f20b46cbe47e67ae07a671e92fed02710c78d0322591d662a83558ed27029574ace77f9e62b3e8cc5bd3b16d53aae700cb6edb661a17","ssdeep":"48:OmFtBetFrtn0t4+tPtHtRbtStj/tKJZri8jQ2nZb7PPPPPg0qlw:OPHCNvr5Q29E0qlw","tlshash":"c381d04bcc961255ea97103ef41383e1ac385ba64b9e710c2f687a1a381e77ed60470f","first_seen":"2023-05-22T11:04:23Z","last_seen":"2026-06-01T14:38:20.575286Z","times_seen":2090,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":9,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"tomotobit.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/Ajaxtrade/obtain_eos","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://tomotobit.xyz/","date":"2026-06-01T14:38:10.499Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tomotobit.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 May 2026 12:33:36 GMT","end":"Sat, 29 Aug 2026 13:31:12 GMT"},"fingerprint":{"sha1":"DD:58:2E:C4:5F:FA:15:F0:24:91:F9:90:E2:BD:FF:C1:02:FE:21:53","sha256":"30:78:D8:CA:DB:F2:BD:64:D7:3C:12:DA:A7:52:85:BF:CE:FF:ED:37:8C:A1:92:D1:55:00:A6:56:FC:6A:59:09"}}},"request":{"raw":"POST /Ajaxtrade/obtain_eos HTTP/1.1\r\nHost: tomotobit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nX-Requested-With: XMLHttpRequest\r\nContent-Length: 8\r\nOrigin: https://tomotobit.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tomotobit.xyz/\r\nCookie: PHPSESSID=eql3lhhhdpjf85g6esh0kq4216\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":8,"data":"coin=eos"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 01 Jun 2026 14:38:10 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\npragma: no-cache\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dFpglUn07HB0W9L4tMZ357Jmq4ttjVZr79tSPfYTaaciiR3SgRa4NPM8fsPG8P65kE2qShLZ%2B8zgbs%2BUkXGbIhOuAW6ULGhfU4%2BaMhTA09VWaiQJE4oc1TSR5D7jwMAp\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a04ef5e39b640883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":25,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"68ac40a84898f40747d958e0c0941c75","sha1":"a033ad6d2dddc4dcbabdf38740c1a8cd192dcf0d","sha256":"232ef71afd2e2d3a4a886bd164ac9ae400955e7f71505d3570e31635b2ecc00e","sha512":"0707d815ab13b1d6804fdee766d93c98b78e2ceddafbecda34f34372d1d689ada7e8777adf7264eb03a393dafa59e80ce9810cb74592580f0be1ac8ef4f453c2","ssdeep":"","tlshash":"ec70000002afa8a3028200288c0f000000ac28882ca080008c2822288a200028a00020","first_seen":"2023-05-02T21:54:45Z","last_seen":"2026-06-01T14:39:11.901324Z","times_seen":318,"resource_available":false,"data":null}},"time_used":473,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":472,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"tomotobit.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/Public/Home/static/imgs/advantage_bg.a5d6d444.png","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tomotobit.xyz/","date":"2026-06-01T14:37:55.079Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tomotobit.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 May 2026 12:33:36 GMT","end":"Sat, 29 Aug 2026 13:31:12 GMT"},"fingerprint":{"sha1":"DD:58:2E:C4:5F:FA:15:F0:24:91:F9:90:E2:BD:FF:C1:02:FE:21:53","sha256":"30:78:D8:CA:DB:F2:BD:64:D7:3C:12:DA:A7:52:85:BF:CE:FF:ED:37:8C:A1:92:D1:55:00:A6:56:FC:6A:59:09"}}},"request":{"raw":"GET /Public/Home/static/imgs/advantage_bg.a5d6d444.png HTTP/1.1\r\nHost: tomotobit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tomotobit.xyz/Public/Home/static/css/base.css\r\nCookie: PHPSESSID=eql3lhhhdpjf85g6esh0kq4216\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 01 Jun 2026 14:37:55 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Fri, 22 May 2026 18:27:42 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a10a01e-77e9\"\r\nexpires: Wed, 01 Jul 2026 14:37:45 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 9\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HrEcxNLEtiGa5i31q1QIdVNsnfyWoZms3Ay%2FlqX%2Bet9YYvZttNO1g3Rqy0dHvoWHYOTcmXVD5YVabUVXkf0sp7W7Scmq%2BmxtBaRtbs1XfsPbg2i2QrTme5yw9rAMr7J1\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a04ef58339350883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":30697,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1392 x 1048, 8-bit colormap, non-interlaced","md5":"a5d6d444c8524a6d8e39fa1618582284","sha1":"4fda97683b94717d7597718b1e01c4a091f78ff2","sha256":"b2503b762cb8bf80f11571c1a10ac888258b78cc2a3a847780dfecef23dbb39b","sha512":"cfaf1fb56063ecbfc8d8a07ca56e6be8663b32188308ea349debd55b57e847c8005dbcbb1d72dfb8a7ca7873da81e44ed4b993345d673cf78bb3d3045f5cca11","ssdeep":"768:J1+dBPa7fkey90Yf5vWOjCuMg4+26RwDN1OvagerN6gA30Mh:3+dVa7fke7YlV14+d/vageR6gI","tlshash":"dad2e1dcf0f1d689567b11af43f47e48f5a5377e223344a05bade009a28095b3a7b41e","first_seen":"2023-05-02T21:54:45Z","last_seen":"2026-06-04T15:30:27.664518Z","times_seen":5427,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"tomotobit.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/Ajaxtrade/obtain_ltc","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://tomotobit.xyz/","date":"2026-06-01T14:37:55.516Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tomotobit.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 May 2026 12:33:36 GMT","end":"Sat, 29 Aug 2026 13:31:12 GMT"},"fingerprint":{"sha1":"DD:58:2E:C4:5F:FA:15:F0:24:91:F9:90:E2:BD:FF:C1:02:FE:21:53","sha256":"30:78:D8:CA:DB:F2:BD:64:D7:3C:12:DA:A7:52:85:BF:CE:FF:ED:37:8C:A1:92:D1:55:00:A6:56:FC:6A:59:09"}}},"request":{"raw":"POST /Ajaxtrade/obtain_ltc HTTP/1.1\r\nHost: tomotobit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nX-Requested-With: XMLHttpRequest\r\nContent-Length: 8\r\nOrigin: https://tomotobit.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tomotobit.xyz/\r\nCookie: PHPSESSID=eql3lhhhdpjf85g6esh0kq4216\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":8,"data":"coin=ltc"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 01 Jun 2026 14:37:56 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\npragma: no-cache\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=z8I227oFxUhjh%2BDT1t7Atm81uPFdwmybp7liB3BEQnE2nzn42ARKNrglZpoR6929Nv0HVd4rkQ1boffwd%2BS6ayM%2FzIWo46pteuDlMUdD0vTAzhCpAzcb8ABVw7Fq31UH\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a04ef585eaf90883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":198,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"5c29feab01cabbf1a5e2a14ef75fbe1c","sha1":"227a0efc10be8ca2d0517836fede3443fb624236","sha256":"fb4ec35a181eaeebfd68ed307c656824d82e745d4e2def28d1fed3515a00210a","sha512":"cd7c777c74935925e724966a33a14862f2b56bec5c0a1de0f0e2a836188e73b035460558af4898abf29db59f52efbfbbe294844ea98e031fd9d3fd0dfc1f32f7","ssdeep":"","tlshash":"c9d022c06fb8092a0c22d7d199ea231e988e8882d484c20a5afeca78181c90c3261d2b","first_seen":"2026-06-01T14:38:20.576476Z","last_seen":"2026-06-01T14:38:20.576476Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1108,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1108,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"tomotobit.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/Ajaxtrade/obtain_bch","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://tomotobit.xyz/","date":"2026-06-01T14:38:04.505Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tomotobit.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 May 2026 12:33:36 GMT","end":"Sat, 29 Aug 2026 13:31:12 GMT"},"fingerprint":{"sha1":"DD:58:2E:C4:5F:FA:15:F0:24:91:F9:90:E2:BD:FF:C1:02:FE:21:53","sha256":"30:78:D8:CA:DB:F2:BD:64:D7:3C:12:DA:A7:52:85:BF:CE:FF:ED:37:8C:A1:92:D1:55:00:A6:56:FC:6A:59:09"}}},"request":{"raw":"POST /Ajaxtrade/obtain_bch HTTP/1.1\r\nHost: tomotobit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nX-Requested-With: XMLHttpRequest\r\nContent-Length: 8\r\nOrigin: https://tomotobit.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tomotobit.xyz/\r\nCookie: PHPSESSID=eql3lhhhdpjf85g6esh0kq4216\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":8,"data":"coin=bch"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 01 Jun 2026 14:38:05 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\npragma: no-cache\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VPHfvQ9eueHB8OHc%2BcW%2FW7GM60262sUOeMBFPaI67LeL3m46vE%2FbYdIk2aOMEH6CkjkJ%2BH2ZLop8oLzxehNJ8YEolKFQoT7RsxXI2GkZVyuRMrk%2FeYI3uhre1IDnlbM6\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a04ef5be28f00883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":198,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"5c8c709fce666e94083fa4a911fddf4d","sha1":"7423072071ab02992d74a5752351260ac9eaa057","sha256":"69ed284fceabd517282bedb95a574b244dc066b2f4095d2b3c84c97ce31bdd4e","sha512":"2d89a957b00883c8fb1a1af0d929e420882d8afcac4d20467132d7ce2d7c110a6cc4b83acf18d83781f3184c770534572541cbb2531f8545b7fc578a29bd2de3","ssdeep":"","tlshash":"4fd022c0bf39542a0c31e3c1f8d8033e645a05a6c095410d5afd8e2800ac21c3213d12","first_seen":"2026-06-01T14:38:12.546333Z","last_seen":"2026-06-01T14:38:20.577405Z","times_seen":2,"resource_available":false,"data":null}},"time_used":597,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":596,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"tomotobit.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/Ajaxtrade/obtain_iota","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://tomotobit.xyz/","date":"2026-06-01T14:38:08.504Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tomotobit.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 May 2026 12:33:36 GMT","end":"Sat, 29 Aug 2026 13:31:12 GMT"},"fingerprint":{"sha1":"DD:58:2E:C4:5F:FA:15:F0:24:91:F9:90:E2:BD:FF:C1:02:FE:21:53","sha256":"30:78:D8:CA:DB:F2:BD:64:D7:3C:12:DA:A7:52:85:BF:CE:FF:ED:37:8C:A1:92:D1:55:00:A6:56:FC:6A:59:09"}}},"request":{"raw":"POST /Ajaxtrade/obtain_iota HTTP/1.1\r\nHost: tomotobit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nX-Requested-With: XMLHttpRequest\r\nContent-Length: 9\r\nOrigin: https://tomotobit.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tomotobit.xyz/\r\nCookie: PHPSESSID=eql3lhhhdpjf85g6esh0kq4216\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":9,"data":"coin=iota"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 01 Jun 2026 14:38:08 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\npragma: no-cache\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gYpirKHfkQQm0CJIIvYHPS4lx8%2BMHbDMH5ou68oQXmazckMd9kTOBwdg2C3CZvfTDX57lC4OJKdlnLsQHcUl%2BDmecVdInH1%2BgyQfNGkMHhjzCSQhoFhUoy9kLgEFHiFY\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a04ef5d72c8f0883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":200,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"01577219a8a196ae943ae915a8908995","sha1":"f19d5bf213989e2312ac97c7bb257ce09f99860f","sha256":"04ad8cc35f40036ef5364580ee1f926a5c7608521461623318b8a75d9a262b16","sha512":"01956954f3ccfb397ade4558d5271e6f9c4ded01563ae76139e92ee9079b1d9951bde40c2418d2337e29bc2284aefabfb7f30d071152e7d7458a408a64cc359d","ssdeep":"","tlshash":"70d022b43f3c041208b1e3c1e8ec07aea8ce8887e088530a1bfe8ab8401810c3332d22","first_seen":"2026-06-01T14:38:12.551321Z","last_seen":"2026-06-01T14:38:20.550169Z","times_seen":2,"resource_available":false,"data":null}},"time_used":463,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":463,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"tomotobit.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/Public/Static/qrcode/FanamLa.png","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tomotobit.xyz/","date":"2026-06-01T14:37:54.617Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tomotobit.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 May 2026 12:33:36 GMT","end":"Sat, 29 Aug 2026 13:31:12 GMT"},"fingerprint":{"sha1":"DD:58:2E:C4:5F:FA:15:F0:24:91:F9:90:E2:BD:FF:C1:02:FE:21:53","sha256":"30:78:D8:CA:DB:F2:BD:64:D7:3C:12:DA:A7:52:85:BF:CE:FF:ED:37:8C:A1:92:D1:55:00:A6:56:FC:6A:59:09"}}},"request":{"raw":"GET /Public/Static/qrcode/FanamLa.png HTTP/1.1\r\nHost: tomotobit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tomotobit.xyz/\r\nCookie: PHPSESSID=eql3lhhhdpjf85g6esh0kq4216\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 01 Jun 2026 14:37:54 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Fri, 22 May 2026 18:27:54 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a10a02a-7f87\"\r\nexpires: Wed, 01 Jul 2026 14:37:43 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 10\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wyYhEyraj6QFWkkG1AzZs4U5Dj7Cd1QulxOpkuLIKOrn8MPkmDgcsxlhBtscU%2BJ3Rg5n4TCAUvXF6ryTKCPkfFfeypJHskQV2%2F3Ck%2B0s%2BhpyY3qCUCzUv6%2B9rztFvaUc\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a04ef5803dcc0883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":32647,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced","md5":"663b0c447697d27ec8856409f214b021","sha1":"8ea144fca3fb898c5f1a0d5c192084f46bb6c9c8","sha256":"5459d52c41be57926ab568e4d5e75d2f77d0d88739e1903884925ea178bb2ccb","sha512":"a0b604b05527127d0db4a9e89bf2bf3b9dd38574e5f50b33206570e01646c77d30711ee80b2ba0614c946595c5e0661f55fef48464a410677c819ed7ff4c33c5","ssdeep":"768:vM3rxJS1gfgBIa2hthzfVc2PztvWHMr5cR2a:e10nIXth5xyMdi2a","tlshash":"32e2e0f55c59a86d2d8444b00b685e75abfa80c21d8ae1dfec8013dffa260ef4be0565","first_seen":"2023-06-09T02:38:16Z","last_seen":"2026-06-01T14:38:20.577959Z","times_seen":463,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"tomotobit.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/Upload/public/629c72d72bea1.jpeg","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tomotobit.xyz/","date":"2026-06-01T14:37:54.619Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tomotobit.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 May 2026 12:33:36 GMT","end":"Sat, 29 Aug 2026 13:31:12 GMT"},"fingerprint":{"sha1":"DD:58:2E:C4:5F:FA:15:F0:24:91:F9:90:E2:BD:FF:C1:02:FE:21:53","sha256":"30:78:D8:CA:DB:F2:BD:64:D7:3C:12:DA:A7:52:85:BF:CE:FF:ED:37:8C:A1:92:D1:55:00:A6:56:FC:6A:59:09"}}},"request":{"raw":"GET /Upload/public/629c72d72bea1.jpeg HTTP/1.1\r\nHost: tomotobit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tomotobit.xyz/\r\nCookie: PHPSESSID=eql3lhhhdpjf85g6esh0kq4216\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 01 Jun 2026 14:37:54 GMT\r\ncontent-type: image/jpeg\r\nserver: cloudflare\r\nlast-modified: Fri, 22 May 2026 18:28:32 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a10a050-2044a\"\r\nexpires: Wed, 01 Jul 2026 14:37:43 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 10\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nNgTddQZHfNJ6ThWaerY9yPlrsXu7mTo9YBNNDXgjPMZeAKmha%2BnX4KkHxfPOOpL9n9erZuBhP28YGc5kefXI34atVBzOy5BNjwSvXqI3V6l5Rsrvur0yE1CftVo2wOY\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a04ef5803ddc0883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":132170,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 750x300, components 3","md5":"dfde2097912178e1ade955a1479e4158","sha1":"2a46f5160255b5b99a32ffc7c0dbec89a2ff98dc","sha256":"09dce8313f5e10579c1f58032cc3397cb4b253cf9d4c8a0b858402cef5d397a0","sha512":"34b2608914c24f8754a8097b7cb752fa1960934c3be9270110cdc6d492ba99ddbf086d4c61c29789527849041d824979186f6e0af199f8efd181a22a11d2cb07","ssdeep":"3072:aJmM1CFqby70UZh28jBlZQZLoSMi60EL5+DuWXqT1mBkOZw0C1oPSnWnWnWnWGH:9MGw+FjBl6LoSMi/Ed+DuWXqTox5CSPb","tlshash":"8fd3f130ebcbdb061b9f446888fdac23076a19f811de90166f250df5f5cabb554424bd","first_seen":"2023-05-21T16:18:43Z","last_seen":"2026-06-04T15:30:27.651679Z","times_seen":4468,"resource_available":false,"data":null}},"time_used":37,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":16,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"tomotobit.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/xm/5f8738fd439bc57.png","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tomotobit.xyz/","date":"2026-06-01T14:37:54.626Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tomotobit.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 May 2026 12:33:36 GMT","end":"Sat, 29 Aug 2026 13:31:12 GMT"},"fingerprint":{"sha1":"DD:58:2E:C4:5F:FA:15:F0:24:91:F9:90:E2:BD:FF:C1:02:FE:21:53","sha256":"30:78:D8:CA:DB:F2:BD:64:D7:3C:12:DA:A7:52:85:BF:CE:FF:ED:37:8C:A1:92:D1:55:00:A6:56:FC:6A:59:09"}}},"request":{"raw":"GET /xm/5f8738fd439bc57.png HTTP/1.1\r\nHost: tomotobit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tomotobit.xyz/\r\nCookie: PHPSESSID=eql3lhhhdpjf85g6esh0kq4216\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 01 Jun 2026 14:37:54 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Fri, 22 May 2026 18:28:32 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a10a050-9a9\"\r\nexpires: Wed, 01 Jul 2026 14:37:43 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 10\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rdt6Ux49tUTcMUFUIBUGeCsscCpbkPakBK8cXfP8V6eKjnZfcTXJINeSuMC4zU23IhMg2Blt5HUGEoHIsRXudShlZyGR9JUznSfDxmTx4UmPhIkQJ3iP0iNks3D1ZVbM\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a04ef5803dea0883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2473,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"430e14fa7ab62df82c9858bfa2682ece","sha1":"aa845a9abbffcbceee99934123b8e4e94b9ee52d","sha256":"20aa97f93b13e2de6de053d1d96a51ef8746a758973515f93b3f6e905c98f716","sha512":"bebb827e0a4525c0f7d3213a28fbde13be283e82d41ff86cfb216c98cdd5fa6515cd3403e2b0b2237635f46b0703c22359e797ca5bb0d3f660c4a1a287d600f5","ssdeep":"","tlshash":"f5511bd8fcdd3065d094b87b6b2121a25a831bc4f2807ae6f426c4495233c69076cfed","first_seen":"2023-05-01T18:49:36Z","last_seen":"2026-06-01T14:38:20.579311Z","times_seen":4990,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"tomotobit.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/Public/Home/static/imgs/icon_etf.svg","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tomotobit.xyz/","date":"2026-06-01T14:37:54.645Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tomotobit.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 May 2026 12:33:36 GMT","end":"Sat, 29 Aug 2026 13:31:12 GMT"},"fingerprint":{"sha1":"DD:58:2E:C4:5F:FA:15:F0:24:91:F9:90:E2:BD:FF:C1:02:FE:21:53","sha256":"30:78:D8:CA:DB:F2:BD:64:D7:3C:12:DA:A7:52:85:BF:CE:FF:ED:37:8C:A1:92:D1:55:00:A6:56:FC:6A:59:09"}}},"request":{"raw":"GET /Public/Home/static/imgs/icon_etf.svg HTTP/1.1\r\nHost: tomotobit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tomotobit.xyz/\r\nCookie: PHPSESSID=eql3lhhhdpjf85g6esh0kq4216\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 01 Jun 2026 14:37:54 GMT\r\ncontent-type: image/svg+xml\r\nserver: cloudflare\r\nlast-modified: Fri, 22 May 2026 18:27:42 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a10a01e-55f\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 10\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HnNN5vi%2FOugI4uVBojSW2RYH3VeIJQQtgsHSP5YI%2FIhnRFWav5VwTcWlJbWdNVjCDTrnZ5p3yt6cjbDrG5ajaDZ2KAveVThJ8cPNli1aT0bYMFBJyWw0MkJlfHkVb6zS\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a04ef5804e140883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1375,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"6e432564e65f8779c665055d5bf9f563","sha1":"dc529670e33c8baace696f7ed4c3ef3bbe9cad90","sha256":"2df7417ef0acff023bffea1bf0c6366884770c1dab4d191f24ec29c84d2b7031","sha512":"cec79f984f55609c45347e0a6b9e885fec23baadfb00fca179eeed2b2902e5a8659649b6e4d7c0711a40bff90b8acfb7b8823a89beb53f9e836211ef89f17c3e","ssdeep":"","tlshash":"cf21e9fd204aaa29b35dc352ab2961f4184610fe1f35e4c1dbf855143c1cbfe495a1db","first_seen":"2023-05-02T21:54:45Z","last_seen":"2026-06-04T15:30:27.634706Z","times_seen":2567,"resource_available":false,"data":null}},"time_used":39,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"tomotobit.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/Public/Home/static/imgs/advantage_phone_ui1.7a062617.png","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tomotobit.xyz/","date":"2026-06-01T14:37:55.082Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tomotobit.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 May 2026 12:33:36 GMT","end":"Sat, 29 Aug 2026 13:31:12 GMT"},"fingerprint":{"sha1":"DD:58:2E:C4:5F:FA:15:F0:24:91:F9:90:E2:BD:FF:C1:02:FE:21:53","sha256":"30:78:D8:CA:DB:F2:BD:64:D7:3C:12:DA:A7:52:85:BF:CE:FF:ED:37:8C:A1:92:D1:55:00:A6:56:FC:6A:59:09"}}},"request":{"raw":"GET /Public/Home/static/imgs/advantage_phone_ui1.7a062617.png HTTP/1.1\r\nHost: tomotobit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tomotobit.xyz/Public/Home/static/css/base.css\r\nCookie: PHPSESSID=eql3lhhhdpjf85g6esh0kq4216\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 01 Jun 2026 14:37:55 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Fri, 22 May 2026 18:27:42 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a10a01e-1fde\"\r\nexpires: Wed, 01 Jul 2026 14:37:44 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 10\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WYlkFw42F6IRE5qC%2F%2FJVF3OrOidONHA1DiZfeEbe877MVG%2FodP9qjfAyS%2BO2J3rXVa3uPCAnisEDGG8FZLfg6KQkqEk5sZB62%2BaA3REbxLkEp8rjfZWtVhOeXyR2goD5\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a04ef583393c0883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8158,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 620 x 384, 8-bit colormap, non-interlaced","md5":"7a06261784d3908ab66f836816376de0","sha1":"3ea8a00b11b016e46703e0b873f005eb5e70adf3","sha256":"c6aa1f5b958419cbaa53682faf70d19d2737d2fc3ec58aeda3f83de3802ac4d0","sha512":"fd838b02e21d15d948d357fcea888bc7fe11bbe2d268d82f6b5f14341b2f253f5ffc6f8f34bac7beb7cead9c4780f6d4ee0b1e73db99ad3c681839965c886572","ssdeep":"192:RCD7357jDYAgAY0UKt/wetdU7BxeTKgPG2ZgwPhlTAAAAAI+GpYSTOFgWsh:RC3357ZXt67reegPG2ZvPDgGhCCWU","tlshash":"4df1ae00e21cefc3fdfce446b5a9916f24b44271323294ce50a39b65d8f459fa7966b0","first_seen":"2023-05-02T21:54:45Z","last_seen":"2026-06-04T15:30:27.654934Z","times_seen":5436,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"tomotobit.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/Public/Home/static/js/layer/layer.js","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tomotobit.xyz/","date":"2026-06-01T14:37:55.408Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tomotobit.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 May 2026 12:33:36 GMT","end":"Sat, 29 Aug 2026 13:31:12 GMT"},"fingerprint":{"sha1":"DD:58:2E:C4:5F:FA:15:F0:24:91:F9:90:E2:BD:FF:C1:02:FE:21:53","sha256":"30:78:D8:CA:DB:F2:BD:64:D7:3C:12:DA:A7:52:85:BF:CE:FF:ED:37:8C:A1:92:D1:55:00:A6:56:FC:6A:59:09"}}},"request":{"raw":"GET /Public/Home/static/js/layer/layer.js HTTP/1.1\r\nHost: tomotobit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tomotobit.xyz/\r\nCookie: PHPSESSID=eql3lhhhdpjf85g6esh0kq4216\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 01 Jun 2026 14:37:55 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 22 May 2026 18:27:42 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a10a01e-4d83\"\r\nexpires: Tue, 02 Jun 2026 02:37:43 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 11\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zJqHGzNCie3sur7nUz4d3wWHvxqS5Wb3FCD6DLYEDSEtdvF7F4DC%2BVsvYa8A42UtbXVVPmgoJFh4rEtBYrT9n%2FGOsizwRksE7pCdtx9iTDSr4gWtmRKwHANJX9LzTqZ2\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a04ef58548730883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19843,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (19752)","md5":"666f4437565d197e9459e19a29f58315","sha1":"afc5c0a1369137e52b37ad5fb63f48202ce31368","sha256":"4a49651ad86a83ecbd9c2ad34e7f5c906b46ae2c4c93c1c8585148f936b7e100","sha512":"1e659ff6c47458dbbaf7e7561402c12441286c255ddec048bf654388e8666a9ceca344e166657c29fce4a08b46470b44c47e8f1c6f577adc2a4e4f4f0e7e1e90","ssdeep":"384:DQ8cuj0z4VfS7ShA3BMJOoM6bs7hwI9b4Zrxy:DQtu8CfS793QODbcI","tlshash":"5f92c85ab5503593216390a9911fa90f30f24d22eb078958f16bf1fd1ebcda562b3f0b","first_seen":"2023-04-11T09:52:52Z","last_seen":"2026-06-05T10:31:55.295092Z","times_seen":13773,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"tomotobit.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/Ajaxtrade/obtain_btc","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://tomotobit.xyz/","date":"2026-06-01T14:37:57.497Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tomotobit.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 May 2026 12:33:36 GMT","end":"Sat, 29 Aug 2026 13:31:12 GMT"},"fingerprint":{"sha1":"DD:58:2E:C4:5F:FA:15:F0:24:91:F9:90:E2:BD:FF:C1:02:FE:21:53","sha256":"30:78:D8:CA:DB:F2:BD:64:D7:3C:12:DA:A7:52:85:BF:CE:FF:ED:37:8C:A1:92:D1:55:00:A6:56:FC:6A:59:09"}}},"request":{"raw":"POST /Ajaxtrade/obtain_btc HTTP/1.1\r\nHost: tomotobit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nX-Requested-With: XMLHttpRequest\r\nContent-Length: 8\r\nOrigin: https://tomotobit.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tomotobit.xyz/\r\nCookie: PHPSESSID=eql3lhhhdpjf85g6esh0kq4216\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":8,"data":"coin=btc"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 01 Jun 2026 14:37:57 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\npragma: no-cache\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qKO325tHYJWkevF11C4skWUNXHNgaQPg%2B9zYA9rWbopZI6tkvoMoF1s%2F7E9kCzOn55e0qHLnSYuD%2B0qPcIaN5S8gYyXZNU%2BzX9Y7gx6vgxdLilvntmSbGQvTwYyOxLPH\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a04ef59258460883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":201,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"a309278a575cb8aba3fa77bfa06cbbff","sha1":"2d1dcfb0a6921a1060045572619cd4f0b05a4c49","sha256":"a61045107376fcd11c7db3e9b18adada8c4863d1fc9eb794d82e9435a185cd03","sha512":"23b43dfd7838886baf822f79cf41a5e21a7ee5e26c25367216a046b43e40fef47108626f6811acf355a222e98f4ef3603bc559a974c77eb424fd8a748193b895","ssdeep":"","tlshash":"34d013d47e7d15550c71f7e195e5171ff44d8492d044450555ff8aa8155d50c3222d36","first_seen":"2026-06-01T14:38:12.528704Z","last_seen":"2026-06-01T14:38:20.581394Z","times_seen":2,"resource_available":false,"data":null}},"time_used":473,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":472,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"tomotobit.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/Public/Home/static/imgs/hot-2.svg","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tomotobit.xyz/","date":"2026-06-01T14:37:54.616Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tomotobit.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 May 2026 12:33:36 GMT","end":"Sat, 29 Aug 2026 13:31:12 GMT"},"fingerprint":{"sha1":"DD:58:2E:C4:5F:FA:15:F0:24:91:F9:90:E2:BD:FF:C1:02:FE:21:53","sha256":"30:78:D8:CA:DB:F2:BD:64:D7:3C:12:DA:A7:52:85:BF:CE:FF:ED:37:8C:A1:92:D1:55:00:A6:56:FC:6A:59:09"}}},"request":{"raw":"GET /Public/Home/static/imgs/hot-2.svg HTTP/1.1\r\nHost: tomotobit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tomotobit.xyz/\r\nCookie: PHPSESSID=eql3lhhhdpjf85g6esh0kq4216\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 01 Jun 2026 14:37:54 GMT\r\ncontent-type: image/svg+xml\r\nserver: cloudflare\r\nlast-modified: Fri, 22 May 2026 18:27:42 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a10a01e-1ade\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 10\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Odac9J3wUcLAisSkjHsrW%2B0dBTAeoEu8zwWTPudYrBCiid%2F%2BulXM3MsHgDVzUGj7A9YKj6zWn9G8WCvWPpM9qNjubeMb8rPJy4u09QLusXeM878o4JD1TLfFmyJqoHe6\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a04ef5803dc00883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6878,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"dd9279cfb541640afabd1d33527f1df4","sha1":"6d828472cfaa863044b92e5c884ea8d658df4d36","sha256":"6466ed8936ba729058d7e2ae3bc93a7d8f3fb8ec385d7e3c29f21968cbd5aaef","sha512":"53a3ddf98f9ea97b18e73e5ca308a452a16142e672dcf3d1c86e61cc83e94729651eb41301bc902cc2510178e0c708fb5b66f3bf1e4ccde0fcf5f61aff77fcf5","ssdeep":"96:QRslJ3A7/H2wd9Qci3A7/H2wd9Qccra97a9tx+duKNBBbNwKDNlUs7vkSqD:QWS/Zd9z/Zd9ia97a9tKblLs","tlshash":"96e197f7e1b8b993d246c771ed52485528aa84fbeb810391c2e8ff9a6135cc04c4edd4","first_seen":"2023-05-02T21:54:45Z","last_seen":"2026-06-04T15:30:27.631321Z","times_seen":5062,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"tomotobit.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/xm/4558.png","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tomotobit.xyz/","date":"2026-06-01T14:37:54.634Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tomotobit.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 May 2026 12:33:36 GMT","end":"Sat, 29 Aug 2026 13:31:12 GMT"},"fingerprint":{"sha1":"DD:58:2E:C4:5F:FA:15:F0:24:91:F9:90:E2:BD:FF:C1:02:FE:21:53","sha256":"30:78:D8:CA:DB:F2:BD:64:D7:3C:12:DA:A7:52:85:BF:CE:FF:ED:37:8C:A1:92:D1:55:00:A6:56:FC:6A:59:09"}}},"request":{"raw":"GET /xm/4558.png HTTP/1.1\r\nHost: tomotobit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tomotobit.xyz/\r\nCookie: PHPSESSID=eql3lhhhdpjf85g6esh0kq4216\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 01 Jun 2026 14:37:54 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Fri, 22 May 2026 18:28:32 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a10a050-48b0\"\r\nexpires: Wed, 01 Jul 2026 14:37:43 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 10\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Fe7IcDDuyRIgeBDzZPPgliYnltGa4hROfH%2BQGH0F7kzt9CuUYpu6KAsWM3g%2Bkh%2Fpr7MyGv%2BpRWN4vG8ax4FXW2AIxgb6UpcOr50ly1xazChAGAXq2PlU9Ib7tVYn11Z0\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a04ef5803dfb0883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":18608,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 199, 16-bit/color RGBA, non-interlaced","md5":"c7e59bbd0ca773c704b906e229ca8383","sha1":"e191e030bfffacaa1b53ea83121a03955fd080ba","sha256":"22e62f07c3d37c4e0b8f717bda7ac0c60362fb80380c9f6def693dd4f9b4567c","sha512":"69dfd5a8bec0c1533adde28c322e96dcf9236b934a21668bc435f55f3284258881937ff92573a64188b4cd3ccd52f6d485eb4d864d4da0806753c71e385212db","ssdeep":"384:KR6xVqHk99Lm0m9/zkJMPoqgN09WuJFNFHaV2zbj69VmO:tvQk99K0m9/zQLqGeDJ9HHzbjnO","tlshash":"d682e0a4850add63e0b15bb72bad2753cd3d3a2020d4b2b53ebb09b468f090657a4ec4","first_seen":"2023-05-02T21:54:45Z","last_seen":"2026-06-03T01:39:23.82197Z","times_seen":3368,"resource_available":false,"data":null}},"time_used":39,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"tomotobit.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/Public/Home/static/imgs/android_down.d99dd6cc.svg","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tomotobit.xyz/","date":"2026-06-01T14:37:55.078Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tomotobit.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 May 2026 12:33:36 GMT","end":"Sat, 29 Aug 2026 13:31:12 GMT"},"fingerprint":{"sha1":"DD:58:2E:C4:5F:FA:15:F0:24:91:F9:90:E2:BD:FF:C1:02:FE:21:53","sha256":"30:78:D8:CA:DB:F2:BD:64:D7:3C:12:DA:A7:52:85:BF:CE:FF:ED:37:8C:A1:92:D1:55:00:A6:56:FC:6A:59:09"}}},"request":{"raw":"GET /Public/Home/static/imgs/android_down.d99dd6cc.svg HTTP/1.1\r\nHost: tomotobit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tomotobit.xyz/Public/Home/static/css/base.css\r\nCookie: PHPSESSID=eql3lhhhdpjf85g6esh0kq4216\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 01 Jun 2026 14:37:55 GMT\r\ncontent-type: image/svg+xml\r\nserver: cloudflare\r\nlast-modified: Fri, 22 May 2026 18:27:42 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a10a01e-2d6a\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 9\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RCap2CiXlrLMXNSnvVA%2B1dnn%2BUUCKd9n9kMPZQRQUOGf4%2BHNrkty87%2FElxC70IRVDSlhIjdRxb2NFJIeDqHW3iY4q4ZegrJ4ZW7WEBbUhSJWMImA3VxrGYs2Kq6T30so\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a04ef583392f0883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11626,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"d99dd6cc9eeb67a17b5f64eee801202c","sha1":"6e11cb75b0529af92236763785b69749f62fee4d","sha256":"dc8a78d121b34f655fc063f43d4ef8cec3581d8539369f35f2ae0258a5735954","sha512":"fea5046497f492375a2bde60559ebfb91f67e52685d5b8055c2fd585809cfc98c3bf1a2bb0b20aa00e390c75533ba327d1b66194709fffe3c236fea363c0aed1","ssdeep":"192:Wt1zfau5v7dYMyr8R0tjFnR0tmWi2C/FNNW6xX8jVCZVzLQTsMH6IL:MzfhzS8+pn+mW4FNNFXZZJvw6IL","tlshash":"693255e793a4c0d0690fd5b5cd3b5ae43e1b70fbafc19058326dd944eb429d68b06e48","first_seen":"2023-05-02T21:54:45Z","last_seen":"2026-06-04T15:30:27.643772Z","times_seen":4117,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"tomotobit.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/Ajaxtrade/obtain_bch","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://tomotobit.xyz/","date":"2026-06-01T14:37:55.510Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tomotobit.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 May 2026 12:33:36 GMT","end":"Sat, 29 Aug 2026 13:31:12 GMT"},"fingerprint":{"sha1":"DD:58:2E:C4:5F:FA:15:F0:24:91:F9:90:E2:BD:FF:C1:02:FE:21:53","sha256":"30:78:D8:CA:DB:F2:BD:64:D7:3C:12:DA:A7:52:85:BF:CE:FF:ED:37:8C:A1:92:D1:55:00:A6:56:FC:6A:59:09"}}},"request":{"raw":"POST /Ajaxtrade/obtain_bch HTTP/1.1\r\nHost: tomotobit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nX-Requested-With: XMLHttpRequest\r\nContent-Length: 8\r\nOrigin: https://tomotobit.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tomotobit.xyz/\r\nCookie: PHPSESSID=eql3lhhhdpjf85g6esh0kq4216\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":8,"data":"coin=bch"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 01 Jun 2026 14:37:56 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\npragma: no-cache\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=u%2FDY7qZD1Lj%2Fwu7ksdvsz9t%2FEDkLeGq4nNZhBdLFH1wi%2BjyULz9wnVu9DPiPMvGFNgu%2FPoW5%2BJPrgC2AsClfkKtV5hYmBWZAgEtSn7AkR7c4FIbBt6YQIDpVdnPGtZ1Y\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a04ef585eae00883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":198,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"5c8c709fce666e94083fa4a911fddf4d","sha1":"7423072071ab02992d74a5752351260ac9eaa057","sha256":"69ed284fceabd517282bedb95a574b244dc066b2f4095d2b3c84c97ce31bdd4e","sha512":"2d89a957b00883c8fb1a1af0d929e420882d8afcac4d20467132d7ce2d7c110a6cc4b83acf18d83781f3184c770534572541cbb2531f8545b7fc578a29bd2de3","ssdeep":"","tlshash":"4fd022c0bf39542a0c31e3c1f8d8033e645a05a6c095410d5afd8e2800ac21c3213d12","first_seen":"2026-06-01T14:38:12.546333Z","last_seen":"2026-06-01T14:38:20.577405Z","times_seen":2,"resource_available":false,"data":null}},"time_used":626,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":626,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"tomotobit.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/Ajaxtrade/obtain_btc","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://tomotobit.xyz/","date":"2026-06-01T14:37:59.497Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tomotobit.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 May 2026 12:33:36 GMT","end":"Sat, 29 Aug 2026 13:31:12 GMT"},"fingerprint":{"sha1":"DD:58:2E:C4:5F:FA:15:F0:24:91:F9:90:E2:BD:FF:C1:02:FE:21:53","sha256":"30:78:D8:CA:DB:F2:BD:64:D7:3C:12:DA:A7:52:85:BF:CE:FF:ED:37:8C:A1:92:D1:55:00:A6:56:FC:6A:59:09"}}},"request":{"raw":"POST /Ajaxtrade/obtain_btc HTTP/1.1\r\nHost: tomotobit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nX-Requested-With: XMLHttpRequest\r\nContent-Length: 8\r\nOrigin: https://tomotobit.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tomotobit.xyz/\r\nCookie: PHPSESSID=eql3lhhhdpjf85g6esh0kq4216\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":8,"data":"coin=btc"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 01 Jun 2026 14:37:59 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\npragma: no-cache\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1KGoWE6mrze8OZQpYR4TVeSj%2BHNzaI7dCszKPyrrVZ0QTbA2%2BBT8BHZfKnK2NTxLwxLP%2Bf5eZ62z%2Bz2VfmNnZt0ujsl9L6XLb5kz6NbeZssPtT25LjTNJ8NAQHdg2Ox5\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a04ef59edee90883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":201,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"a309278a575cb8aba3fa77bfa06cbbff","sha1":"2d1dcfb0a6921a1060045572619cd4f0b05a4c49","sha256":"a61045107376fcd11c7db3e9b18adada8c4863d1fc9eb794d82e9435a185cd03","sha512":"23b43dfd7838886baf822f79cf41a5e21a7ee5e26c25367216a046b43e40fef47108626f6811acf355a222e98f4ef3603bc559a974c77eb424fd8a748193b895","ssdeep":"","tlshash":"34d013d47e7d15550c71f7e195e5171ff44d8492d044450555ff8aa8155d50c3222d36","first_seen":"2026-06-01T14:38:12.528704Z","last_seen":"2026-06-01T14:38:20.581394Z","times_seen":2,"resource_available":false,"data":null}},"time_used":471,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":470,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"tomotobit.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/Ajaxtrade/obtain_eos","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://tomotobit.xyz/","date":"2026-06-01T14:38:00.497Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tomotobit.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 May 2026 12:33:36 GMT","end":"Sat, 29 Aug 2026 13:31:12 GMT"},"fingerprint":{"sha1":"DD:58:2E:C4:5F:FA:15:F0:24:91:F9:90:E2:BD:FF:C1:02:FE:21:53","sha256":"30:78:D8:CA:DB:F2:BD:64:D7:3C:12:DA:A7:52:85:BF:CE:FF:ED:37:8C:A1:92:D1:55:00:A6:56:FC:6A:59:09"}}},"request":{"raw":"POST /Ajaxtrade/obtain_eos HTTP/1.1\r\nHost: tomotobit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nX-Requested-With: XMLHttpRequest\r\nContent-Length: 8\r\nOrigin: https://tomotobit.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tomotobit.xyz/\r\nCookie: PHPSESSID=eql3lhhhdpjf85g6esh0kq4216\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":8,"data":"coin=eos"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 01 Jun 2026 14:38:00 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\npragma: no-cache\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YyoAkdJYj6jQMY%2BiSUtA%2B2zNTF21EueLUJxeeXFq7PkA4OPFbBQHVYj%2Bq704yuS8GvTcXwvKN8PrErBDG0xqlnDVsAK4HLkjF0ZcxlxokYYxB2EH0x86cY3vWIQGZls6\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a04ef5a51dbd0883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":25,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"68ac40a84898f40747d958e0c0941c75","sha1":"a033ad6d2dddc4dcbabdf38740c1a8cd192dcf0d","sha256":"232ef71afd2e2d3a4a886bd164ac9ae400955e7f71505d3570e31635b2ecc00e","sha512":"0707d815ab13b1d6804fdee766d93c98b78e2ceddafbecda34f34372d1d689ada7e8777adf7264eb03a393dafa59e80ce9810cb74592580f0be1ac8ef4f453c2","ssdeep":"","tlshash":"ec70000002afa8a3028200288c0f000000ac28882ca080008c2822288a200028a00020","first_seen":"2023-05-02T21:54:45Z","last_seen":"2026-06-01T14:39:11.901324Z","times_seen":318,"resource_available":false,"data":null}},"time_used":488,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":488,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"tomotobit.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/Public/Static/bootstrap5Slide/bootstrap.min.css","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://tomotobit.xyz/","date":"2026-06-01T14:37:54.613Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tomotobit.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 May 2026 12:33:36 GMT","end":"Sat, 29 Aug 2026 13:31:12 GMT"},"fingerprint":{"sha1":"DD:58:2E:C4:5F:FA:15:F0:24:91:F9:90:E2:BD:FF:C1:02:FE:21:53","sha256":"30:78:D8:CA:DB:F2:BD:64:D7:3C:12:DA:A7:52:85:BF:CE:FF:ED:37:8C:A1:92:D1:55:00:A6:56:FC:6A:59:09"}}},"request":{"raw":"GET /Public/Static/bootstrap5Slide/bootstrap.min.css HTTP/1.1\r\nHost: tomotobit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tomotobit.xyz/\r\nCookie: PHPSESSID=eql3lhhhdpjf85g6esh0kq4216\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 01 Jun 2026 14:37:54 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Fri, 22 May 2026 18:27:50 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a10a026-2f0fa\"\r\nexpires: Tue, 02 Jun 2026 02:37:43 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 10\r\ncf-cache-status: HIT\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=m%2BQCmmyCL2H2TAhWaYH7%2Fuw7kGrSURMuTXd6SDJYwGgjjnP1Vamw%2BW3kJAq9BUx1FjcOTrsaE6PN6JCN5kEqNB41hg08raJCTWn%2BQZVzsjQTZd1kY9CZQ4DdgfYl0Hdi\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a04ef5803dad0883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":192762,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65184)","md5":"cb46b85888b78de64c1f51bc7797aacb","sha1":"e57147e69810b9ee63af657969ddfd6c456957e3","sha256":"652650f2c09a63e822932e07d79583c64a996e44ff680e2a9183c2a7c5b2531e","sha512":"cdf48d3e0b60cd162995316ce921e3285248d481378251f13403c39302baba3efe6332a537cccf255e2261b8c39d719ab1a9efd83e97111ed321e11dd0eefdb1","ssdeep":"1536:rQGFA+QbGwz48MIEtQ12c2Jsj+aeHYAVmJz600I40Yw:rQGqAVmJz600I40Yw","tlshash":"311492a7f581201ee493c10995d2bffe057f9586d3021baaf42737b44b452eb8a63e4c","first_seen":"2023-04-25T18:57:28Z","last_seen":"2026-06-04T15:30:27.620392Z","times_seen":3266,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"tomotobit.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/Public/Home/static/js/jquery.SuperSlide.2.1.1.js","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tomotobit.xyz/","date":"2026-06-01T14:37:54.650Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tomotobit.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 May 2026 12:33:36 GMT","end":"Sat, 29 Aug 2026 13:31:12 GMT"},"fingerprint":{"sha1":"DD:58:2E:C4:5F:FA:15:F0:24:91:F9:90:E2:BD:FF:C1:02:FE:21:53","sha256":"30:78:D8:CA:DB:F2:BD:64:D7:3C:12:DA:A7:52:85:BF:CE:FF:ED:37:8C:A1:92:D1:55:00:A6:56:FC:6A:59:09"}}},"request":{"raw":"GET /Public/Home/static/js/jquery.SuperSlide.2.1.1.js HTTP/1.1\r\nHost: tomotobit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tomotobit.xyz/\r\nCookie: PHPSESSID=eql3lhhhdpjf85g6esh0kq4216\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 01 Jun 2026 14:37:54 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 22 May 2026 18:27:42 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a10a01e-2c9e\"\r\nexpires: Tue, 02 Jun 2026 02:37:43 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 10\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=C1Z1IPyrgvvZ6GULecnEkd9kYj5Xfwb28JjQ6t4Hd8MhoEnicQomTKjiSsDwpyZLOt1mRoecA4X4ImS6cJ3Q8Zzlca1WwByJG6snhXWwUljMaAoQaIQO2D0m2NaQOZfD\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a04ef5805e220883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11422,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (10855), with CRLF line terminators","md5":"0b9bc63ab05e21e3830da5bbb4ccee67","sha1":"d162156bdaf14217d76d920e0e57b86d8feb1d97","sha256":"349e46b2c65028736d0bbff7b829c7fc6fbdebc1fb1e8b12365a0ca2e6e9e848","sha512":"bdfa220da1f08e29f05a9984c4999d7e742bea10ad86b7e497a0d112c7992cc52b7f1e9f5430b4286f14bb2336110f85cbdc3164a92121caaf5c91961f7e69c9","ssdeep":"192:j+K3bxH+nqfhD9VUVjIItpfg5uXG3+1tSCl+7flvSXwaHxImISLTNSfYXH7Le2HE:jNcnqflKFgEWulE8REcS3j/CkR1Xh3","tlshash":"9532c65fb66635ca4597b3f1107f940d222b5965fc8a8ca0b17082c0adb9a1c243bfed","first_seen":"2023-04-05T11:06:31Z","last_seen":"2026-06-06T14:47:20.43711Z","times_seen":13805,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"tomotobit.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tomotobit.xyz/Public/Static/bootstrap5Slide/bootstrap.bundle.min.js","fqdn":"tomotobit.xyz","domain":"tomotobit.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tomotobit.xyz/","date":"2026-06-01T14:37:54.655Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tomotobit.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 31 May 2026 12:33:36 GMT","end":"Sat, 29 Aug 2026 13:31:12 GMT"},"fingerprint":{"sha1":"DD:58:2E:C4:5F:FA:15:F0:24:91:F9:90:E2:BD:FF:C1:02:FE:21:53","sha256":"30:78:D8:CA:DB:F2:BD:64:D7:3C:12:DA:A7:52:85:BF:CE:FF:ED:37:8C:A1:92:D1:55:00:A6:56:FC:6A:59:09"}}},"request":{"raw":"GET /Public/Static/bootstrap5Slide/bootstrap.bundle.min.js HTTP/1.1\r\nHost: tomotobit.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tomotobit.xyz/\r\nCookie: PHPSESSID=eql3lhhhdpjf85g6esh0kq4216\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 01 Jun 2026 14:37:54 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 22 May 2026 18:27:50 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a10a026-1339c\"\r\nexpires: Tue, 02 Jun 2026 02:37:43 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 10\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DU7hIPbxbBKEKbL8O7uOSqXLwImVe1Xc7WxqlqdESxS1pHG5yUPiAfeIza9PsLLXNG%2B1QXpLM9Jil4fmA1LGDoKX%2BbQ9jcT13MULmdoZ8m%2B%2FAgZFDi%2BpWeQAXMHMAiCK\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a04ef5805e240883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":78748,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65299)","md5":"8831aa095cdec88f66c2e46c339cf352","sha1":"5db4c40dbc6bd3d9623ee98a2061dd265885cf2e","sha256":"79d443b15f542c8a8acca8e937f2a3c90ecba78bd49fdbac6c9b878c7f1293e9","sha512":"b07f093e128951e03d3d693778e70e97c53e95f65382d0570f8d6ae9c3bfb25c311870b129c5b8e4ae283c25211c6ecd301e266ca11d75598fb935eda5b09b14","ssdeep":"1536:GaPTJR2t4PqiiyuL5FehgTr1voCBZx6wVlLBkS:4OANBZVV5","tlshash":"0f73c5493254b87309ee15a68037460bf7256d94b14b802cb5bdacde2b3dc8672b7f78","first_seen":"2023-03-07T01:34:42Z","last_seen":"2026-06-06T15:31:40.877429Z","times_seen":7763,"resource_available":true,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"tomotobit.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}