{"report_id":"72165a7e-003c-4da9-bac9-acc98559dab2","version":6,"status":"done","tags":[],"date":"2026-04-18T12:47:56Z","url":{"schema":"http","addr":"m.dogecoinkan.com","fqdn":"m.dogecoinkan.com","domain":"dogecoinkan.com","tld":"com"},"ip":{"addr":"172.67.216.187","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"m.dogecoinkan.com/index.html","fqdn":"m.dogecoinkan.com","domain":"dogecoinkan.com","tld":"com"},"title":"Dogecoin狗狗币交易平台 - 狗狗币价格行情,实时走势图","dom":{"size":113648,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (44228)","md5":"51904f4138a0c9420a3945b4bba2f4b5","sha1":"e76480f6f055631db0513824d5ccd54298fa10cd","sha256":"ad7778473cdf983835453572f30a8965bdfaf60bd9a055271606df6965dd9def","sha512":"86cfe7496547f221277cab54378912a981a8f1547e35425ffc8b014237881bc605b6292fffeaef86428eb86be62573e5679b2ea3f755d04cd0a65b4eda575971","ssdeep":"1536:FS+xZPni4kYoncgaWT8WmIRG3GuygZabxpTa3gcBDdZguX+a5HHGwiFiBmKWrz:Jihc8Tn82ZbDa3tsuX+a5HHG7VKWH","tlshash":"34b3aff62e826c16aee7819a5183328edd37d55bde0b888472f7f20446ddeb0ed43845","dom_hash":"domhash44d3061fa36c8da804f9d8645ab3bcd4","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"m.dogecoinkan.com","fqdn":"m.dogecoinkan.com","domain":"dogecoinkan.com","tld":"com"},"ip":{"addr":"172.67.216.187","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-23T12:47:56Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":1,"urlquery":0,"analyzer":5}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-18T12:47:36Z","timestamp":1776516456,"ip_dst":{"addr":"104.21.33.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":42216,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO Suspicious Domain (*.icu) in TLS SNI","source":"{\"timestamp\":\"2026-04-18T12:47:36.551546+0000\",\"flow_id\":2130696724827512,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.25\",\"src_port\":42216,\"dest_ip\":\"104.21.33.10\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2026889,\"rev\":4,\"signature\":\"ET INFO Suspicious Domain (*.icu) in TLS SNI\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2019_02_06\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"tls\":{\"sni\":\"bethash.icu\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":789,\"bytes_toclient\":1654,\"start\":\"2026-04-18T12:47:36.544120+0000\"}}"}],"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"m.dogecoinkan.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"bethash.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"bethash.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"api.bethash.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"api.bethash.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"m.dogecoinkan.com","ip":{"addr":"104.21.24.33","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-06-05","domain_rank":0,"first_seen":"2026-04-18T12:48:01.725478Z","last_seen":"2026-04-18T12:48:01.725478Z","alert_count":21,"request_count":21,"received_data":845556,"sent_data":11662,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"www.turingfraud.net","ip":{"addr":"162.62.10.47","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Russia","country_code":"RU"},"domain_registered":"2021-11-26","domain_rank":123997,"first_seen":"2025-09-02T10:13:24.398569Z","last_seen":"2026-04-17T00:42:15.556884Z","alert_count":0,"request_count":6,"received_data":2358,"sent_data":3070,"comment":"","tags":null,"fingerprints":null},{"fqdn":"api.bethash.bet","ip":{"addr":"52.84.50.47","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2024-12-01","domain_rank":0,"first_seen":"2025-11-03T09:27:08.288441Z","last_seen":"2026-04-17T00:42:15.403081Z","alert_count":12,"request_count":6,"received_data":92499,"sent_data":3116,"comment":"","tags":null,"fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}]},{"fqdn":"global.turing.captcha.gtimg.com","ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"domain_registered":"2008-10-09","domain_rank":579962,"first_seen":"2024-01-22T04:09:05Z","last_seen":"2026-04-17T00:42:14.384204Z","alert_count":0,"request_count":3,"received_data":864159,"sent_data":1327,"comment":"","tags":null,"fingerprints":null},{"fqdn":"bethash.icu","ip":{"addr":"104.21.33.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-04-07","domain_rank":0,"first_seen":"2025-05-28T04:50:51.177254Z","last_seen":"2026-04-18T12:46:15.821242Z","alert_count":0,"request_count":1,"received_data":1176,"sent_data":515,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"bethash.bet","ip":{"addr":"52.84.50.59","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2024-12-01","domain_rank":0,"first_seen":"2025-05-28T04:50:51.182422Z","last_seen":"2026-04-17T00:42:15.370514Z","alert_count":22,"request_count":11,"received_data":3130995,"sent_data":4946,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Google Tag Manager","description":"Google Tag Manager is a tag management system (TMS) that allows you to quickly and easily update measurement codes and related code fragments collectively known as tags on your website or mobile app.","website":"https://www.google.com/tagmanager","common_platform_enumeration":"","icon":"Google Tag Manager.svg","categories":["Tag managers"]}]},{"fqdn":"collect-v6.51.la","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2005-01-17","domain_rank":348646,"first_seen":"2021-03-08T16:03:54Z","last_seen":"2026-04-13T05:16:52.426887Z","alert_count":0,"request_count":1,"received_data":0,"sent_data":463,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ca.turing.captcha.qcloud.com","ip":{"addr":"43.158.119.130","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Germany","country_code":"DE"},"domain_registered":"2003-07-24","domain_rank":777871,"first_seen":"2024-01-22T04:09:03Z","last_seen":"2026-04-17T00:42:14.633954Z","alert_count":0,"request_count":4,"received_data":907939,"sent_data":2929,"comment":"","tags":null,"fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}]},{"fqdn":"hm.baidu.com","ip":{"addr":"14.215.183.79","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"domain_registered":"1999-10-11","domain_rank":54491,"first_seen":"2012-05-26T08:38:45Z","last_seen":"2026-04-13T04:36:40.415277Z","alert_count":0,"request_count":1,"received_data":175,"sent_data":441,"comment":"","tags":null,"fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.250.74.8","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2026-04-12T22:24:43.06808Z","alert_count":0,"request_count":1,"received_data":473876,"sent_data":432,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"77hash.s3.ap-northeast-3.amazonaws.com","ip":{"addr":"3.5.242.6","port":443,"asn":16509,"as":"AMAZON-02","country":"Japan","country_code":"JP"},"domain_registered":"2005-08-18","domain_rank":0,"first_seen":"2025-05-28T04:50:51.18741Z","last_seen":"2026-04-17T00:42:14.306062Z","alert_count":0,"request_count":1,"received_data":1623,"sent_data":435,"comment":"","tags":null,"fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"bethash.bet/assets/pathseg.8e50599e.js","fqdn":"bethash.bet","domain":"bethash.bet","tld":"bet"},"ip":{"addr":"52.84.50.59","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"4abc45fac2e718d0fbdde7b49d94eefe","sha1":"b1fe7c6ace1a17ba8f0f56c2c93e75f4e80c806b","sha256":"4a1921893f8fe2d43c35077b4613c738e348e866c6ce8b2ea5d238e9e5ef2ae7","sha512":"861a86d99e2c8f148b931e318defde6d6a647f7433b682b7cede601cdf7c4cd7b403fe4b543e23be16a694a63d177eb84cb093a7e29ea53afe24ee2c4e81e2a4","ssdeep":"768:GCOCz2cv5dYTaulgQwKKh9eE8/nyjyUCJ8:GCOCicv5dYTaulgQw3s8","tlshash":"1003f150b5557669029ed2c6113f3a0bb33b54ec8808e09cf35dd4cef868887d99abbd","size":39870,"data":"","first_seen":"2025-05-28T04:51:10.295799Z","last_seen":"2026-04-18T20:07:52.045291Z","times_seen":41,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"global.turing.captcha.gtimg.com/dy-jy3.js","fqdn":"global.turing.captcha.gtimg.com","domain":"gtimg.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"626436a6c87a002eb7e8a99c6f5f96b6","sha1":"67d9732c33dc7689a98e63af2a97b0912f290762","sha256":"2a5fc3ad9f9e68e6de662de3e43661e1e8e447df0929efc64c0f067be2d9c455","sha512":"36dac1d5ea743f78e2fa1a503ce5d4448497717589529d1946edde1e474968d116bb21cea723ce8cf3cbb7d6b195d347588a0aa00473b5f41808dda1ee50369c","ssdeep":"1536:BjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h8cApwEjOPrBeU6QLiTFbc0QlQvakF:BYh8eip3huuf6IidlrvakdtQ47GK1","tlshash":"7c93f9ddb2c6702257a720ba007f510bf236199d6c4d8450f265d8eabc78a4e827bf7d","size":89391,"data":"","first_seen":"2023-03-09T21:24:24Z","last_seen":"2026-04-18T20:07:52.033055Z","times_seen":1113,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.dogecoinkan.com/template/pc/skin/js/main.js","fqdn":"m.dogecoinkan.com","domain":"dogecoinkan.com","tld":"com"},"ip":{"addr":"104.21.24.33","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"09616c12f6e4b9318049182006b37916","sha1":"9039a533295fd27d257c80a3fd0bc768dc4fdb1c","sha256":"c30dc6760d91fe68da63d49cb63cf73880f9cd8ce7cd053403217d5eddb2c13b","sha512":"793a723b49109744c3ab4ea8554d051b708e67bfaacf3c7853c5be6cb8592adaa31f21016feb17ae14c2fc6116e37abd6783f75bc6e23f5f1064038b369676aa","ssdeep":"96:EoHXuLyRoTrTY17eSLhvoz0gcmd/IlSoEm:Eo2yRR1HLhvoz0gcmd/SBr","tlshash":"a7a12045f129057891b63335cb3f5c19ac73484f99691864f6bc14ac2ff9b88a36fe18","size":4780,"data":"","first_seen":"2025-10-11T00:17:30.427497Z","last_seen":"2026-04-18T12:51:41.306518Z","times_seen":13,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.dogecoinkan.com/index.html","fqdn":"m.dogecoinkan.com","domain":"dogecoinkan.com","tld":"com"},"ip":{"addr":"104.21.24.33","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"a9248ecb73a054e84efe6e01521fe751","sha1":"0ad626b9597453ba6bc6d580dc7b7571b007f270","sha256":"36628222cb04fc0c3dde445bdebb0e4f485a414895748d0b623eaef96583c862","sha512":"6ebd2678dada60a9a4d46ea5c263353d6b25e5c84ca36ca1dcb5f4e1447e9381e217b43facef8edf6b5a67dbd1e0b5c9224bef7a74585b3691fa3b4cfb9c1773","ssdeep":"","tlshash":"bcf02bbdf25a634633a2248f15012d4455b7d3975ea60d4db1590a8c10382e242bffb9","size":543,"data":"","first_seen":"2026-04-18T12:46:26.980502Z","last_seen":"2026-04-18T12:51:41.323816Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.dogecoinkan.com/index.html","fqdn":"m.dogecoinkan.com","domain":"dogecoinkan.com","tld":"com"},"ip":{"addr":"104.21.24.33","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"ce5804de47790681d089929bc677cfae","sha1":"1c1a93deb5562c2dcb6784ec075745ba45d6c9f8","sha256":"21bff6690e6ea6317c8f36d62c13ffcaa2350dbcc4b12642bccbeddeaacfa478","sha512":"c1bfd68c625ab67354e5baff03f740b3dd5d50f0e421df6d0e558b5cb6b47d22543063d8057c8dccc3cb38ec57febce1599776b41fabf0aa3ecaa9714ab7fdc0","ssdeep":"","tlshash":"28e0c00d25f7d64f68860802753b70166b8026e410c048acd4ebec1d32c0ddf12bd420","size":344,"data":"","first_seen":"2025-08-14T04:55:24.373979Z","last_seen":"2026-04-18T12:51:41.325582Z","times_seen":16,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.dogecoinkan.com/index.html","fqdn":"m.dogecoinkan.com","domain":"dogecoinkan.com","tld":"com"},"ip":{"addr":"104.21.24.33","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"b16b24adc95fa529b3a4ece55844d28b","sha1":"c91076ffbbde497c513a23f16ee75722cbd457ac","sha256":"b95d19e8926c2bfd132ac53579f5ea60106745875e169b1249bd2547e91a150d","sha512":"5c036c3a384667cd3f79520911be93114736f90b7fe87bd24db5a3a7544614fdb385e91e08a9cef6d7cd4c474a226edfb9ddfe9b84308247d8c6edc96ed2e730","ssdeep":"","tlshash":"22b092e4f34c342a803b1082486e95d9eeac0430a80c0827fce823706ca272516038cc","size":127,"data":"","first_seen":"2025-08-14T04:55:24.375433Z","last_seen":"2026-04-18T12:51:41.326222Z","times_seen":14,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bethash.bet/assets/main.ecaab409.js","fqdn":"bethash.bet","domain":"bethash.bet","tld":"bet"},"ip":{"addr":"52.84.50.59","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"6f56a6beea8bddaf29b9de2edf07661b","sha1":"9bbb1246c58a38265b5f11bfdc22a5c6b5f17116","sha256":"2289afee27d3691de91ee42e4ca50a799383894c12edfa99d6df77adadfdab44","sha512":"3e29cc24b98e784fa43e4e399a5d48105148c75e5ce5d6381ebb6191ebbd1a1c19f1c59b4646eeecd3c25cdef15b6a84841a48ad1549ece8a7490c24b84bcf2c","ssdeep":"49152:dV6cDTV090IdumcYuCoj437GpzyQwWGUyv+A:54GSp","tlshash":"687586acb1cb999103d589845c6632e1b11c1e4a3588f6e7e8b89d7afdc11b1c673f38","size":1622337,"data":"","first_seen":"2026-04-17T00:42:36.103161Z","last_seen":"2026-04-18T20:07:52.054322Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.dogecoinkan.com/index.html","fqdn":"m.dogecoinkan.com","domain":"dogecoinkan.com","tld":"com"},"ip":{"addr":"104.21.24.33","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"b59b3c9088bf50a20700182490998e10","sha1":"7e981134d0d6577dc2103481db6ae21c2433a16b","sha256":"798d4efc852a4a514506b2c28ea11952f5462490ecc2a02623003567f013d691","sha512":"8553cc6d8eaccdb8ac67ad247178dc1b9b6563f830a3f6c0a7f283ef95c6b4db1d21e0f79f64320b0864163c6bbb0d60b252330724f61510082627a239a3072f","ssdeep":"1536:Znu00HWWaRxkqJg09pYxoxDKcXJrg8hXXO4dK3kyfiLJBhdSZE+I+QI7rbaN1RUi:ZdkWgoBTcZRQImW42q5sE","tlshash":"00932add72d2b02257ab31bd107f540ff136195a280d8450f268e8f9bc78a4aa277f6d","size":94726,"data":"","first_seen":"2023-06-12T12:38:16Z","last_seen":"2026-04-18T12:51:41.328814Z","times_seen":28,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.dogecoinkan.com/template/pc/skin/js/jquery.flexslider-min.js","fqdn":"m.dogecoinkan.com","domain":"dogecoinkan.com","tld":"com"},"ip":{"addr":"104.21.24.33","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2b22ba873303e38db52d334001c9c35f","sha1":"659986c36a7f19a2662ed3c5a000e1de11e36923","sha256":"0e5d72c20e148edca04967ab4bff432f44264779dc5ecd81bd710eb487fdd145","sha512":"689a77a8e0165a1c08b71697ee5392e1a1fb796a55076de052ab8c052df9faf48b6c57ecc4035e5da71bc3985ad8fb1344954a5c8d1957375d76d236e508288b","ssdeep":"384:6mE4TjopcnfxNiYK0E8g8MXromIsnBscyVTnmhrpb0SXEk98Ve6:Rr86npNx3sro5sjG+tbjUJVh","tlshash":"2da28324f2503972cfe722ae7e0fd40669b3d441e816c83d3a3d574a2d641859b33eea","size":21414,"data":"","first_seen":"2023-03-07T13:50:43Z","last_seen":"2026-04-18T12:51:41.28832Z","times_seen":399,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bethash.icu/","fqdn":"bethash.icu","domain":"bethash.icu","tld":"icu"},"ip":{"addr":"104.21.33.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"6f9d62cd1b06b88e02e52ccaf1813661","sha1":"abe7e5121830ce212ad7d34f87bb082a4edbed40","sha256":"17b9ca98aa6ac9daebb2c4556914e62caab61737f1a2eabbc94068b64fa83758","sha512":"06768a62eb11ecfa8f06feae1521ed887dcc51aaa55867db0a38b14190e4b6e7b8bce0f8a6122b3a100b332442f2079c02a459390b5689497e4fa1b548e853c5","ssdeep":"","tlshash":"4990028016c20403cc248422811007733371004088146027c6c640cb804cc32629531a","size":54,"data":"","first_seen":"2025-05-28T04:51:10.489096Z","last_seen":"2026-04-18T20:07:52.05622Z","times_seen":32,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bethash.bet/assets/login.4af18a7f.js","fqdn":"bethash.bet","domain":"bethash.bet","tld":"bet"},"ip":{"addr":"52.84.50.59","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"326f993fcf46a737902c9eba084f110c","sha1":"44a183bb22cbd17afaf2cc11a95098ca3d18008b","sha256":"b4b44bcf0e547c0f150691b55fab3d06c3787ee99b4c47780d5efad16a875dc4","sha512":"5fab21f48b7e34cf779de3d2c1c86268c9dbf551e12f2bc018238e072063f110b6de9da931569f04aea69b2cbc92d0e985d0a5b860971cd73a5869e5d8e29f92","ssdeep":"","tlshash":"8361be9af81e8a3ac9765544c4b6240c390d2ff46250af7f5cf88e253fd5e6d270e2a0","size":3299,"data":"","first_seen":"2026-04-17T00:42:36.056852Z","last_seen":"2026-04-18T20:07:52.022667Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"global.turing.captcha.gtimg.com/tgJNCap-global.c89bafa8.js","fqdn":"global.turing.captcha.gtimg.com","domain":"gtimg.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"434fc1a424b9e1c7fe931f240c16c080","sha1":"4bfb6cde69dabc4bf8de129f2541c95b5daf80fc","sha256":"d0b7ae0a0a87c008aa6ba0575518785fa53d24bac0661a7ae52287813877d2fa","sha512":"a5b4716d0b0bed50cb3c431e6f9f4eca5471a59e67ef8e92f9dace5cc38aec8d91baf636eba5ecdabcdc4d886756ab98b0c491d0f797245946ccbc94bcb6afde","ssdeep":"12288:skViGKDQc49wxGl1OmDttStYc3sT2xsU2qCgSMFC1wi5Kw9w5Am8FKk8JWDWiRIF:aRDQcjGlYmrTDWiRIB/","tlshash":"f9e41a407ad0a85d035b4f7b732bb1e6f85e0d6eb888488ff145bc9095e952bf9e0670","size":711313,"data":"","first_seen":"2026-04-01T08:03:24.041324Z","last_seen":"2026-04-18T20:07:52.033606Z","times_seen":17,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ca.turing.captcha.qcloud.com/cap_union_prehandle?aid=189999718\u0026protocol=https\u0026accver=1\u0026showtype=embed\u0026ua=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTM0LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTM0LjA%3D\u0026noheader=1\u0026fb=0\u0026deviceToken=v3%3AAqCh%2F9igof%2FYMW0xoIXEnN7X7yMJbZ1Fg4%2FcPh%2BxoLTfIgFq8ELDagQ4bRKpDBBAp3YmAsRL70tsKXArJfu%2FSP%2FAZ87VZYi7nBe6GcPdE%2FJ8T13bWvROlQ0lYDBTGpZbRFePBCrMuo5U2BOwd7XeVBB4Civ%2B1X6ddiIJE99Cb99aT4GTq8DT0HhaJokgkj%2BrgdijoNsvAfFNwjllcG%2Bvg5OnG1Y1NSfNtxSWGEHjjF9%2BtIaiblTz2WYzRKXgaoEO0PVehceYSxEzR8jVXSpwYyq8vq5Gnfe7o%2Fegu89qKvwYgUrbon2nVSI%2Bh5pK3mZWRFJpZxMR0pLQ93PuEYWf%2BfFHF9hTQw64ci5RvJjvNkCFxCMnEDxDzSzpYfYopXpjgHkJ4OmDCfJqoh1McLjuzOFplkQUcEsYRfYimWRwL1E7eGvrLKJmDGGux6o2RXi6aFKHuLGyLraTllMa0TzZWYy5endIQlqBpaE4vP23muoB\u0026isJsVersion=3\u0026aged=0\u0026enableAged=0\u0026enableDarkMode=0\u0026grayscale=1\u0026clientype=2\u0026cap_cd=\u0026uid=\u0026lang=en\u0026entry_url=https%3A%2F%2Fbethash.bet%2Fregister\u0026elder_captcha=0\u0026js=https%3A%2F%2Fglobal.turing.captcha.gtimg.com%2FtgJNCap-global.c89bafa8.js\u0026login_appid=\u0026wb=1\u0026subsid=1\u0026callback=_aq_510006\u0026sess=","fqdn":"ca.turing.captcha.qcloud.com","domain":"qcloud.com","tld":"com"},"ip":{"addr":"43.158.119.130","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"925db589aaaa2f84c7ec51ba59d4c7e5","sha1":"aad4464a6c48fbbe0d54b78f8661f6f9eab4e155","sha256":"0c8a0e311aeb96049fcfd41ffe3dec928f36579e51f2d0c771779a7bcdc9b0ed","sha512":"80799d2b91f4a831ea5d6abc598a8e5e9f91f7f48c861ddec810a50043ef4ea7b905fc4bb52522cd0df8f4b3b821e689fd761e9dbfc8223a77e28169d56cfcbd","ssdeep":"","tlshash":"d451e876475a60ab9da029d8b646f01594f33011c6c01fba96f95d14c71cae93b1b18e","size":2734,"data":"","first_seen":"2026-04-18T12:48:06.588886Z","last_seen":"2026-04-18T12:48:06.588886Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.dogecoinkan.com/index.html","fqdn":"m.dogecoinkan.com","domain":"dogecoinkan.com","tld":"com"},"ip":{"addr":"104.21.24.33","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"71ee47be4865157c8486d0623d2028e7","sha1":"fabbf560bf90d47c77cf84195be37d85b7be14c9","sha256":"5a7a572e4f2552e4b3ffd0df68a569010b1dc263f1a938de1f7de17c2764e276","sha512":"09864bfdbf5f3243491c9f8bcb6861a8643342fb6011006a87c28b01828e5482a640767c3f288091455a60f23f43e90edf23321a72497822553db518e8c7c3cb","ssdeep":"","tlshash":"e611d07b0a72901c9326e01f7039998d35b484267f21da56f0f8fd3aacd4f15446fa9c","size":921,"data":"","first_seen":"2025-05-28T04:51:10.497562Z","last_seen":"2026-04-18T12:51:41.326967Z","times_seen":16,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.dogecoinkan.com/index.html","fqdn":"m.dogecoinkan.com","domain":"dogecoinkan.com","tld":"com"},"ip":{"addr":"104.21.24.33","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"4778224eb4e1e0daeac8fa6db197451a","sha1":"943d62e9ef0eb8eafdbaa6e8bd929ef41087b010","sha256":"ab0c9a7111c90a7779f7c69414eb713583889d032a1e1bddd6c6994e53d41b35","sha512":"e4b6bce7619836ed401d7a20cd3edd686ecfca49df1543db874a7dbf44f000467ab4b9a6ffd86dfac3edc634feacc68ec5d6aa2f7ff8b0ff9916903cefc41bc0","ssdeep":"","tlshash":"b0d02b0f2c16183c2366046c1176e98cb161544c507ed10040dde8424560ec3182df88","size":254,"data":"","first_seen":"2025-05-28T04:51:10.498896Z","last_seen":"2026-04-18T12:51:41.327901Z","times_seen":31,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bethash.icu/","fqdn":"bethash.icu","domain":"bethash.icu","tld":"icu"},"ip":{"addr":"104.21.33.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"96f556c9f935ec91863f12ff30b5ad17","sha1":"cfd7877551ee73617f34357c7c36b9676db9e66c","sha256":"f29aefa3b7aab3e681faf32b56c9b150fce023d14377a140f54477abeed6c3e6","sha512":"f69f45703ee64edcc4c186621c9a9965ef6630bc67b4e5c8a3c969f1de5dd7778133f129896686683e751683bc45ec2b97b9c93332d722c9c691d0f9f30962a6","ssdeep":"","tlshash":"eaa002ef400141071ad516b7ad063504615700ee594c9502d6028a903215b6f95a76ab","size":60,"data":"","first_seen":"2025-07-08T02:43:56.14383Z","last_seen":"2026-04-18T20:07:52.05933Z","times_seen":28,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sdk.51.la/js-sdk-pro.min.js","fqdn":"sdk.51.la","domain":"51.la","tld":"la"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"b8a41c9449b73e8ba0224c6be1f0b7e8","sha1":"33d79319d4110bcf5c44c36f7dd4a291972ac546","sha256":"52079c09a7355f4ce3af750602ebb9aebae8238583601f8a06268eecccf13565","sha512":"472d0395a65a3ade2d215559b196a88ffcdacde3ac0f573eb8663b524f201d72c9339bcacbc198d82452a0ac367c0efd407b12795943cdd2755d95a8cf71b977","ssdeep":"768:swetbD3SkE+a/l1jaKUiQU5eqEh9GMXBOXAA/EXBeJMlbJfuPT:BetbD3SVT/3+KUc5eqEh9GMXBYEXBeJ7","tlshash":"dbf23d9577c0317cc3c783ea362b501ae1a69e910059a8bcf345f6907d34e56a37fba8","size":36114,"data":"","first_seen":"2025-03-10T03:40:31.536734Z","last_seen":"2026-04-18T20:29:49.366224Z","times_seen":85684,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bethash.bet/register","fqdn":"bethash.bet","domain":"bethash.bet","tld":"bet"},"ip":{"addr":"52.84.50.59","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"4e5eb8703c542a15b6640cc66ffdbdf3","sha1":"586bac1512796bf6908bd1a009c4428507779d5f","sha256":"242a44bbd02b7d5650adc74d446f44b7b42745e30ef1249ee46347290957867b","sha512":"080bf55f38be4827ee6807af62b6e37d8cb08147c718aad9bf103fc303bca1a41df7107e67c1836f98e6c49623a1979efc9422910129075f7eeddc4e3e398952","ssdeep":"","tlshash":"38c08c88211b0cb092e62b414bbfe204b08a3212949069213d0f73088f20e07e744824","size":192,"data":"","first_seen":"2025-11-03T09:27:19.940714Z","last_seen":"2026-04-18T20:07:52.055225Z","times_seen":22,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-EV1YS9GR4D","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.8","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"3addcf2b8c9f8d968a8f6abfac7b7492","sha1":"0b53f8f2448ed7db92671e41d7deb55118712467","sha256":"04430404ec305b6905e033812c96f5303bde8956b41751f7a6008d7d5f2839d0","sha512":"15faf942dc9fcca14e26c6195dfa68ee1e57d0eb28bf7889c6d7cc1912eca895e2a9b8861f7a05da0a4aa44beb986aeea9e294b5f833abfdf02d35c699810aac","ssdeep":"6144:jF4OjKg7CA4MRBRfrJPj8B3v0yIjwcHCpLUgW6w01V91XG:x7t4MtfrJL8p5WOW","tlshash":"67a409ceb3d674625396f478903f018ba57b28a2b44cc89af189cce42d7465a4277f7c","size":473272,"data":"","first_seen":"2026-04-18T12:45:36.447503Z","last_seen":"2026-04-18T12:51:41.321297Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ca.turing.captcha.qcloud.com/TJNCaptcha-global.js","fqdn":"ca.turing.captcha.qcloud.com","domain":"qcloud.com","tld":"com"},"ip":{"addr":"43.158.119.130","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"4f54a9725d467aa5b83da934abe6898c","sha1":"7a22abada5e5bbb0a73ee548ccf8cf0544bafa14","sha256":"71e6fd2d67cddb60983bca18452d0cc29513ebb31c7e6bdb9cdf48073b8d627e","sha512":"04dcefb913958bc4e2f134695e1c0ed43c5aba28c1e6c223fc6df9727a5edbf03a8e9bbe5fbae25881044b531209027e4f40b77b27c600a3e7c01891d27a8b53","ssdeep":"12288:wKkkZEAi1UFtNgKsuPEX77Ng6RXvWbiqQFb6tDITMzvs60jr0lUirMcDkwqBwmho:xPEoFtNgVuPEr5qR0fwMHvpkv9ossWCq","tlshash":"2c15b84077c07849539b8f3bb32bb5f6f81a0c6a3d98448bd600fc5466e6627fae5931","size":903500,"data":"","first_seen":"2026-04-01T08:03:24.05058Z","last_seen":"2026-04-18T20:07:52.0514Z","times_seen":17,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.dogecoinkan.com/template/pc/skin/js/jquery1.9.1.js","fqdn":"m.dogecoinkan.com","domain":"dogecoinkan.com","tld":"com"},"ip":{"addr":"104.21.24.33","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"f6131fa1b49aa9af97cd8dbc5e6c1abf","sha1":"337e52292defcb737a997ffe12709baf3f3e52bf","sha256":"28461bdb3d26e84e6ac6748d6192516ea0e058f1475ed0195ddb8e98f4d01b1c","sha512":"fd272ae8022558d7515347f51b6a11d1accfcfcb34a9fbf6f60993f1a0a52495c791f53cce59aa6206f59aad37e9e90f36c52500380e923121c7e50b9b665cd3","ssdeep":"1536:9RGu+0mf0GlH5+gdK0VorwDAd7c0Fz51bdEZpW+03c:9UffR+KK0VorUAdo+16T","tlshash":"a2633af550d4803323e0e3da135285d2f7a384be3e17dc5af268ff5853a0e1aa197a56","size":69934,"data":"","first_seen":"2023-03-11T10:52:10Z","last_seen":"2026-04-18T12:51:41.279847Z","times_seen":29,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"74312d9fd3d0d77a65b4edf6f7a9d543","sha1":"f8f99b78a90612dba2ab0f2f96d35ef3c77cd3c6","sha256":"e3932ed210d0dfb6820eacc496a3e5a609b8f011515b9324fe93b5d956a11f08","sha512":"12b6bcebb7867a2385206e03146b39db530208a5265d2e19423d7072042b085c883f48ba1d0757d1c27e624ae66da318eef2727806baf1c8caaec3df92c16312","ssdeep":"","tlshash":"52c080a34153d81c5125c151f471705c155d4e7457674c835d536e3eccbca9484e94dc","size":169,"data":"","first_seen":"2023-03-07T12:43:11Z","last_seen":"2026-04-18T20:18:04.024471Z","times_seen":5119,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"bce62483fdf9fc18601f2db87639e7a2","sha1":"9308730e4e3cbf5408e506959214e912d5d74915","sha256":"07077b1322f5bda0df74fc8d1418594d7ce029f77f12128237f1b2ea3b346c32","sha512":"db8ad31a9b764e694cfb75c6996b31ba5ab586611110c83c8e9da805a9de898c4f8775378679f52f63d4ce2781fcf72308cdbf022e7e5e4c881b75881d2c377b","ssdeep":"","tlshash":"71d0c2a19d8a68288169f1e070300aad7a27438aab580a3460f33a61a24e29124668f9","size":274,"data":"","first_seen":"2025-05-28T04:51:10.505942Z","last_seen":"2026-04-18T12:51:41.331212Z","times_seen":17,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]},"http":[{"url":{"schema":"https","addr":"m.dogecoinkan.com/public/upload/other/2018/08/02/7fb2a96e41614bc90f1a3080ca655e65.jpg","fqdn":"m.dogecoinkan.com","domain":"dogecoinkan.com","tld":"com"},"ip":{"addr":"104.21.24.33","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.dogecoinkan.com/index.html","date":"2026-04-18T12:47:35.342Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dogecoinkan.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:57:02 GMT","end":"Sat, 30 May 2026 15:57:01 GMT"},"fingerprint":{"sha1":"5C:C7:08:0C:86:CB:A1:50:8E:EB:B5:97:62:5F:1D:0E:E5:5D:F4:C8","sha256":"6E:88:53:15:D9:33:AA:4F:15:56:33:5B:44:9C:A9:0F:26:73:EC:35:9C:B9:0A:FB:76:78:3D:50:26:5A:AB:89"}}},"request":{"raw":"GET /public/upload/other/2018/08/02/7fb2a96e41614bc90f1a3080ca655e65.jpg HTTP/1.1\r\nHost: m.dogecoinkan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.dogecoinkan.com/index.html\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=f64adkafin24rk5uq5eosgmok2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 18 Apr 2026 12:47:36 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sat, 27 Oct 2018 02:06:34 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5bd3c82a-43d72\"\r\nexpires: Mon, 18 May 2026 12:47:35 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=W2RV%2Flg0yuY42zkO6QYY0APy8DnWo2hnHWWEao0lHDzjrU5hnfqs0%2FfIXz57rWVhHY9WgaVYmk4t7ou3qfvGRiRTum21H1JAx22xfFDFSxlRNYWMiYaOyAK6es%2FrqWYf6ikt4g%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ee3c765c915b500-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":277874,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x578, components 3","md5":"c3c3bacf287f0c88449f31e7c9f597cd","sha1":"a32f90176c3f377ef63c2fe30d2da58f4e6d5794","sha256":"031fa5681990eb0b1165ed55bbd8b875e16fb781c04d5137acc8fb65b9ebe681","sha512":"7b0a6c457dc8c7af57ae2eb223e8551cc6fbd8520d5815e425ee799fa08c6929c563161f3f84196613ddf1adf59c8d5f4bb655aa0df0b5f9b55256273bbbc99f","ssdeep":"6144:jJSZbDzKPEED+0HHpp8Q2lLvayhkhnRbH0:jchzKe+ppR2LvhontU","tlshash":"f84423c5fb1f0f907b6aa19c97ce7c9e31062c3caa106d4a79b56d8857853b48e04df8","first_seen":"2025-08-14T04:55:24.324412Z","last_seen":"2026-04-18T12:51:41.311485Z","times_seen":14,"resource_available":false,"data":null}},"time_used":1581,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":913,"receive":668,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"m.dogecoinkan.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.dogecoinkan.com/template/pc/skin/images/12.png","fqdn":"m.dogecoinkan.com","domain":"dogecoinkan.com","tld":"com"},"ip":{"addr":"104.21.24.33","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.dogecoinkan.com/index.html","date":"2026-04-18T12:47:36.568Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dogecoinkan.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:57:02 GMT","end":"Sat, 30 May 2026 15:57:01 GMT"},"fingerprint":{"sha1":"5C:C7:08:0C:86:CB:A1:50:8E:EB:B5:97:62:5F:1D:0E:E5:5D:F4:C8","sha256":"6E:88:53:15:D9:33:AA:4F:15:56:33:5B:44:9C:A9:0F:26:73:EC:35:9C:B9:0A:FB:76:78:3D:50:26:5A:AB:89"}}},"request":{"raw":"GET /template/pc/skin/images/12.png HTTP/1.1\r\nHost: m.dogecoinkan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.dogecoinkan.com/template/pc/skin/css/index.css\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=f64adkafin24rk5uq5eosgmok2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 18 Apr 2026 12:47:37 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 27 Oct 2018 02:06:34 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5bd3c82a-e62\"\r\nexpires: Mon, 18 May 2026 12:47:37 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Ii77p1ouFzfBSlVyxyw7KkXYaAu0qTw%2BHxCFsbkil43AjwmhEAmyRc%2B4cex6y0Wiko46Mmz0cVl4bIldf1XjEG9Ru3X5J5iaMSSiw%2BhSWcWJSZ8YdlI2nH4r4CdzRvP2tDXULw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ee3c76d896bb500-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3682,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 47 x 37, 8-bit/color RGBA, non-interlaced","md5":"0ed0cbe7e97083ae18662669ed290094","sha1":"f2232ad563543d759e6ed5715b953dcf441562cb","sha256":"2d32d60196dceb8022524f1d60bf91af5cec4fb59692eea458f6fe0dd0cd8b12","sha512":"33dab0aa08638068f0e729e00094798b39b6209188a4412cf68fb7d124b0e6e0b6791d3209931567fb656eb7ae330ca7997202c1c3da9e99881bd0adec38ccc5","ssdeep":"","tlshash":"8c715f899854496a100a0bf9247bde45473fabd4539d1e1c9ebfc20fca20d523c7579e","first_seen":"2025-08-14T04:55:24.33076Z","last_seen":"2026-04-18T12:51:41.285168Z","times_seen":13,"resource_available":false,"data":null}},"time_used":721,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":721,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"m.dogecoinkan.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bethash.bet/assets/loading.b8c8cec7.gif","fqdn":"bethash.bet","domain":"bethash.bet","tld":"bet"},"ip":{"addr":"52.84.50.59","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bethash.bet/register","date":"2026-04-18T12:47:40.400Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bethash.bet","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 09 Dec 2025 00:00:00 GMT","end":"Thu, 07 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"68:22:2C:06:7C:F7:60:E2:00:D8:75:A5:16:3C:F0:6D:35:12:F6:A9","sha256":"A2:B0:3C:02:0F:09:7A:78:65:5D:9B:E6:20:FC:1A:99:B6:C6:33:AF:64:FF:07:B3:78:1D:B4:83:04:C8:B1:FF"}}},"request":{"raw":"GET /assets/loading.b8c8cec7.gif HTTP/1.1\r\nHost: bethash.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bethash.bet/register\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/gif\r\ncontent-length: 274364\r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 18 Apr 2026 12:45:55 GMT\r\nlast-modified: Tue, 14 Apr 2026 14:06:41 GMT\r\naccept-ranges: bytes\r\nexpires: Mon, 20 Apr 2026 12:45:55 GMT\r\ncache-control: max-age=172800, public, no-transform\r\netag: \"69de49f1-42fbc\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 a0228782537cf4c86245da194c3750e4.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: 9apkQYR1D8TAciNDu0pis0gJ5CZm39ODGq6RKuHaCgSRbIk7retUkA==\r\nage: 105\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":274364,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 353 x 370","md5":"8d744031c2bfe2012884005c5c4b7360","sha1":"93f681b4d3c1f32a64f74215c110ceb06c23f165","sha256":"b8c8cec7becdadf09e1112be6962c55d57cb1b5bd61e68e3e60c0a925f00615f","sha512":"5e2e2d2195e432ba2403b83c5c1e6d52e34887fc5d6b9d79bc69adccd09b4b9fe60dd60d5dee9c250c20da30a6fbf1e245257997b624d3596fcb34e15d3b19b3","ssdeep":"6144:GvsVFdYaDyl+ikVjnIZJNhS6kNnYut3yobI4NsyxhEr:GU7/ylvkVjIZJ7SeutiokIREr","tlshash":"b94412d74f5a4ffec8371126606a53db2ca71e80bcf3e1b41b52e69445b2928a04f5f1","first_seen":"2025-05-28T04:51:10.47814Z","last_seen":"2026-04-18T20:07:52.030831Z","times_seen":42,"resource_available":false,"data":null}},"time_used":41,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":25,"receive":16,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"bethash.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"bethash.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.turingfraud.net/event/report","fqdn":"www.turingfraud.net","domain":"turingfraud.net","tld":"net"},"ip":{"addr":"162.62.10.47","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://bethash.bet/register","date":"2026-04-18T12:47:44.604Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.turingfraud.net","organization":""},"issuer":{"commonName":"DNSPod RSA DV","organization":"DNSPod, Inc."},"validity":{"start":"Wed, 08 Oct 2025 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"60:CC:09:90:24:93:4C:24:02:F1:97:00:C8:51:55:4A:C2:69:C5:FC","sha256":"0A:2F:A1:C2:DB:F8:EA:01:4E:CB:CB:BA:36:3F:00:27:43:7F:9A:66:0D:6F:EE:C5:DE:5C:E4:35:39:3B:3D:06"}}},"request":{"raw":"OPTIONS /event/report HTTP/1.1\r\nHost: www.turingfraud.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://bethash.bet/\r\nOrigin: https://bethash.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 18 Apr 2026 12:47:44 GMT\r\ncontent-type: application/json\r\ncontent-length: 9\r\naccess-control-allow-headers: Content-Type, Authorization, X-Requested-With, Traceparent\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 3600\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":9,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"7356645231da9cfecc34610420982100","sha1":"4e6d5bf58d719360518ecccb073248d0293dd346","sha256":"2c2237045b54bb664bd76b7d6f1da237fd50de74712edf261e90c1c0d7f2e822","sha512":"c092af8c828b98fb9ac62ec48f64c01907d25106e96096a40e52d770f732442c729c11c34406dd0be1690620d91d97a6a4839ca409b57e227a65844e17bad112","ssdeep":"","tlshash":"8c50003000000c03000c0c0000000003c0030c0030000c0000000c000000c000300000","first_seen":"2023-04-05T16:48:03Z","last_seen":"2026-04-18T20:07:52.040634Z","times_seen":1671,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"collect-v6.51.la/v6/collect?dt=4","fqdn":"collect-v6.51.la","domain":"51.la","tld":"la"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://bethash.icu/","date":"2026-04-18T12:47:37.919Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"POST /v6/collect?dt=4 HTTP/1.1\r\nHost: collect-v6.51.la\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Length: 314\r\nOrigin: https://bethash.icu\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bethash.icu/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-18T20:23:19.513448Z","times_seen":13909737,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ca.turing.captcha.qcloud.com/data/1941/forward","fqdn":"ca.turing.captcha.qcloud.com","domain":"qcloud.com","tld":"com"},"ip":{"addr":"43.158.119.130","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://bethash.bet/register","date":"2026-04-18T12:47:44.116Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.turing.captcha.qcloud.com","organization":"Tencent Technology (Shenzhen) Company Limited"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 15 Dec 2025 00:00:00 GMT","end":"Fri, 15 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"97:D5:C4:59:CC:DB:39:C1:09:48:A2:5C:F1:CA:F9:65:FD:86:E4:8F","sha256":"A6:65:54:11:17:3C:C3:1A:6F:AA:C1:D8:E6:1D:0F:59:2D:E8:DF:E7:8F:D2:BB:F9:40:83:5D:1E:01:65:D9:30"}}},"request":{"raw":"OPTIONS /data/1941/forward HTTP/1.1\r\nHost: ca.turing.captcha.qcloud.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://bethash.bet/\r\nOrigin: https://bethash.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 18 Apr 2026 12:47:44 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nAccess-Control-Allow-Headers: Authorization, Content-Type, Origin, Referer, content-type\r\nAccess-Control-Allow-Methods: GET, POST\r\nCache-Control: no-cache\r\nServer: JPrxServer\r\nAccess-Control-Allow-Origin: https://bethash.bet\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-18T20:23:19.513448Z","times_seen":13909737,"resource_available":true,"data":null}},"time_used":148,"timings":{"blocked":62,"dns":0,"connect":20,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.dogecoinkan.com/index.html","fqdn":"m.dogecoinkan.com","domain":"dogecoinkan.com","tld":"com"},"ip":{"addr":"104.21.24.33","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-18T12:47:34.866Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dogecoinkan.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:57:02 GMT","end":"Sat, 30 May 2026 15:57:01 GMT"},"fingerprint":{"sha1":"5C:C7:08:0C:86:CB:A1:50:8E:EB:B5:97:62:5F:1D:0E:E5:5D:F4:C8","sha256":"6E:88:53:15:D9:33:AA:4F:15:56:33:5B:44:9C:A9:0F:26:73:EC:35:9C:B9:0A:FB:76:78:3D:50:26:5A:AB:89"}}},"request":{"raw":"GET /index.html HTTP/1.1\r\nHost: m.dogecoinkan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=f64adkafin24rk5uq5eosgmok2\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 18 Apr 2026 12:47:35 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Sat, 28 Feb 2026 06:00:36 GMT\r\nvary: Accept-Encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=31536000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qf0OazjytQ4FMVbdmzCZp7DAKhiEmDnjRoSxOnDijIUyjyeEsQnbz2H%2BeZQ%2BdNapOsbOVt7SHpgWkqqYHciU6Z6lGsl63mqz5IaJ6B%2BodtigCpOp6juOISRrJgN4g9wuyOoXDQ%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9ee3c762ec4256a3-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11526,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (587), with CRLF, LF line terminators","md5":"0c1ba6cedd1efc3efe4d1b0d470ea608","sha1":"51a8cab4effb4c49589e16d7d0a4c4345427ac28","sha256":"0d5fcf5a46a480a6c8964da6649d31f3e5c8bd78c6c3220529c937591af32306","sha512":"5bb55564950e065a4f3717f0ef3ddf3e203d70889b814cc98d5f876ae7939904ae2a11e11aca89d036dc0e03ff7cefd2d110577dac0b1acfe177e70ba0a1bef0","ssdeep":"192:KI8FM5wEszj04KkHMSlg2V18Fhsax2sw3YehQ3OWgwR1PtQkDk1U2lIBSZGJz2mD:K3xEszjFK4zl9VIhs82roEI/fz17Dk1A","tlshash":"6d321e2166c418170372b0d855703f08eda1fb52fb9659c772eeba9b5b60fdd4d0b888","first_seen":"2026-04-18T12:46:26.935911Z","last_seen":"2026-04-18T12:51:41.284141Z","times_seen":4,"resource_available":true,"data":null}},"time_used":238,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":238,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"m.dogecoinkan.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.dogecoinkan.com/template/pc/skin/js/jquery1.9.1.js","fqdn":"m.dogecoinkan.com","domain":"dogecoinkan.com","tld":"com"},"ip":{"addr":"104.21.24.33","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.dogecoinkan.com/index.html","date":"2026-04-18T12:47:35.331Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dogecoinkan.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:57:02 GMT","end":"Sat, 30 May 2026 15:57:01 GMT"},"fingerprint":{"sha1":"5C:C7:08:0C:86:CB:A1:50:8E:EB:B5:97:62:5F:1D:0E:E5:5D:F4:C8","sha256":"6E:88:53:15:D9:33:AA:4F:15:56:33:5B:44:9C:A9:0F:26:73:EC:35:9C:B9:0A:FB:76:78:3D:50:26:5A:AB:89"}}},"request":{"raw":"GET /template/pc/skin/js/jquery1.9.1.js HTTP/1.1\r\nHost: m.dogecoinkan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.dogecoinkan.com/index.html\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=f64adkafin24rk5uq5eosgmok2\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 18 Apr 2026 12:47:36 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 27 Oct 2018 02:06:34 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5bd3c82a-1112e\"\r\nexpires: Sun, 19 Apr 2026 00:47:35 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TljDRpUP%2FPm7i%2BXo35C%2FWLhWEJeOvC0Gb%2F03vwI7KzDHe5pEks21OLOFFk8PKv7VxXdk9DhRPWhaxgDY9UaQFeTNJh51qmTHFY0Hk6K8%2B8YGpaEJwjI2Ps10039rRWO5XfFYgg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ee3c765c90fb500-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":69934,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"f6131fa1b49aa9af97cd8dbc5e6c1abf","sha1":"337e52292defcb737a997ffe12709baf3f3e52bf","sha256":"28461bdb3d26e84e6ac6748d6192516ea0e058f1475ed0195ddb8e98f4d01b1c","sha512":"fd272ae8022558d7515347f51b6a11d1accfcfcb34a9fbf6f60993f1a0a52495c791f53cce59aa6206f59aad37e9e90f36c52500380e923121c7e50b9b665cd3","ssdeep":"1536:9RGu+0mf0GlH5+gdK0VorwDAd7c0Fz51bdEZpW+03c:9UffR+KK0VorUAdo+16T","tlshash":"a2633af550d4803323e0e3da135285d2f7a384be3e17dc5af268ff5853a0e1aa197a56","first_seen":"2023-03-11T10:52:10Z","last_seen":"2026-04-18T12:51:41.279847Z","times_seen":29,"resource_available":true,"data":null}},"time_used":1148,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":932,"receive":216,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"m.dogecoinkan.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bethash.bet/register","fqdn":"bethash.bet","domain":"bethash.bet","tld":"bet"},"ip":{"addr":"52.84.50.59","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://m.dogecoinkan.com/index.html","date":"2026-04-18T12:47:37.934Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bethash.bet","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 09 Dec 2025 00:00:00 GMT","end":"Thu, 07 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"68:22:2C:06:7C:F7:60:E2:00:D8:75:A5:16:3C:F0:6D:35:12:F6:A9","sha256":"A2:B0:3C:02:0F:09:7A:78:65:5D:9B:E6:20:FC:1A:99:B6:C6:33:AF:64:FF:07:B3:78:1D:B4:83:04:C8:B1:FF"}}},"request":{"raw":"GET /register HTTP/1.1\r\nHost: bethash.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bethash.icu/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html\r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 18 Apr 2026 12:47:38 GMT\r\ncontent-encoding: br\r\nlast-modified: Tue, 14 Apr 2026 14:06:41 GMT\r\netag: W/\"69de49f1-466\"\r\nvary: Accept-Encoding\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 a0228782537cf4c86245da194c3750e4.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: hJQbDtSDQNhq7PKslHvUG5mzKWfRWkwMFGcfS_UFsqfDQtv6H1hsjA==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Google Tag Manager","description":"Google Tag Manager is a tag management system (TMS) that allows you to quickly and easily update measurement codes and related code fragments collectively known as tags on your website or mobile app.","website":"https://www.google.com/tagmanager","common_platform_enumeration":"","icon":"Google Tag Manager.svg","categories":["Tag managers"]}],"data":{"size":1126,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (756)","md5":"befed1a1a13e1af29ee973fe11f593f7","sha1":"162cd8b2633e0f8e1303a85e4e89c217e3a21c4c","sha256":"91bd88ead0a80e2415c329c577385977439f14fb9183c57fd5cbc0c4e500bfe4","sha512":"b83158162f6242263325ddf2006542e80892e72343e71c7ee7534176dae1097e0ad6081a98db96bc35babe0067503f7f7ff9081b291a4b4a6bfd153ddfd88cff","ssdeep":"","tlshash":"062123d7dc11e91d52208a9475b0f20c85869a0ddb53dc9c95bd50368a24b9e8c75c64","first_seen":"2026-04-17T00:42:36.073334Z","last_seen":"2026-04-18T20:07:52.018241Z","times_seen":9,"resource_available":false,"data":null}},"time_used":645,"timings":{"blocked":76,"dns":42,"connect":2,"send":0,"wait":492,"receive":0,"ssl":30},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"bethash.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"bethash.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.bethash.bet/api/getConfig","fqdn":"api.bethash.bet","domain":"bethash.bet","tld":"bet"},"ip":{"addr":"52.84.50.47","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://bethash.bet/register","date":"2026-04-18T12:47:40.460Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.bethash.bet","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sun, 26 Oct 2025 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"86:2B:30:37:50:F6:61:76:8A:6C:6D:7A:B3:11:E8:CF:20:CD:5C:01","sha256":"C4:5A:3D:6D:5A:90:2C:4A:57:BF:0B:B6:77:9B:C1:D6:1A:C7:CD:B8:83:F8:E5:10:AF:7A:01:1E:DD:65:43:7B"}}},"request":{"raw":"OPTIONS /api/getConfig HTTP/1.1\r\nHost: api.bethash.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: authorization,langcode,user-device\r\nReferer: https://bethash.bet/\r\nOrigin: https://bethash.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html; charset=UTF-8\r\nserver: nginx/1.18.0 (Ubuntu)\r\naccess-control-allow-methods: GET, POST, PATCH, PUT, OPTIONS\r\naccess-control-allow-credentials: true\r\nallow: GET,HEAD\r\ncache-control: no-cache, private\r\ndate: Sat, 18 Apr 2026 12:47:39 GMT\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Origin, Content-Type, Cookie, X-CSRF-TOKEN, Accept, Authorization, X-XSRF-TOKEN,langCode,User-Device\r\naccess-control-expose-headers: Authorization, authenticated\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 2f3a70deb5812eb0e48215ada7b72404.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: lziETmCFhc4gIrd8Wc3mqVGuDbejXvK_fhxhDi3zhunpr18WpSGjzw==\r\nage: 1\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-18T20:23:19.513448Z","times_seen":13909737,"resource_available":true,"data":null}},"time_used":2,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"api.bethash.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"api.bethash.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.turingfraud.net/event/report","fqdn":"www.turingfraud.net","domain":"turingfraud.net","tld":"net"},"ip":{"addr":"162.62.10.47","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://bethash.bet/register","date":"2026-04-18T12:47:44.628Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.turingfraud.net","organization":""},"issuer":{"commonName":"DNSPod RSA DV","organization":"DNSPod, Inc."},"validity":{"start":"Wed, 08 Oct 2025 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"60:CC:09:90:24:93:4C:24:02:F1:97:00:C8:51:55:4A:C2:69:C5:FC","sha256":"0A:2F:A1:C2:DB:F8:EA:01:4E:CB:CB:BA:36:3F:00:27:43:7F:9A:66:0D:6F:EE:C5:DE:5C:E4:35:39:3B:3D:06"}}},"request":{"raw":"POST /event/report HTTP/1.1\r\nHost: www.turingfraud.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-type: application/json\r\nContent-Length: 5547\r\nOrigin: https://bethash.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bethash.bet/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":5547,"data":"{\"channel\":400058,\"platform\":4,\"events\":[{\"id\":\"EId_TId_GT_Start\",\"content\":\"{\\\"t\\\":1776516462604,\\\"ret\\\":0,\\\"msg\\\":\\\"\\\"}\"},{\"id\":\"EId_TId_GRft_Start\",\"content\":\"{\\\"t\\\":1776516462605,\\\"ret\\\":0,\\\"msg\\\":\\\"\\\",\\\"dur\\\":22}\"},{\"id\":\"EId_TId_GRft_End\",\"content\":\"{\\\"t\\\":1776516464067,\\\"ret\\\":0,\\\"msg\\\":\\\"{\\\\\\\"ftCode\\\\\\\":3,\\\\\\\"dur\\\\\\\":422},{\\\\\\\"ftCode\\\\\\\":4,\\\\\\\"dur\\\\\\\":8},{\\\\\\\"ftCode\\\\\\\":5,\\\\\\\"err\\\\\\\":{\\\\\\\"ret\\\\\\\":-1000320,\\\\\\\"res\\\\\\\":\\\\\\\"\\\\\\\",\\\\\\\"err\\\\\\\":\\\\\\\"{\\\\\\\\\\\\\\\"ftCode\\\\\\\\\\\\\\\":5,\\\\\\\\\\\\\\\"err\\\\\\\\\\\\\\\":{\\\\\\\\\\\\\\\"ret\\\\\\\\\\\\\\\":-1000319,\\\\\\\\\\\\\\\"res\\\\\\\\\\\\\\\":\\\\\\\\\\\\\\\"\\\\\\\\\\\\\\\",\\\\\\\\\\\\\\\"err\\\\\\\\\\\\\\\":\\\\\\\\\\\\\\\"Notification is not defined\\\\\\\\\\\\\\\",\\\\\\\\\\\\\\\"ftCode\\\\\\\\\\\\\\\":0,\\\\\\\\\\\\\\\"dur\\\\\\\\\\\\\\\":0}}\\\\\\\",\\\\\\\"ftCode\\\\\\\":5,\\\\\\\"dur\\\\\\\":0}},{\\\\\\\"ftCode\\\\\\\":6,\\\\\\\"err\\\\\\\":{\\\\\\\"ret\\\\\\\":-1000320,\\\\\\\"res\\\\\\\":\\\\\\\"\\\\\\\",\\\\\\\"err\\\\\\\":\\\\\\\"{\\\\\\\\\\\\\\\"ftCode\\\\\\\\\\\\\\\":6,\\\\\\\\\\\\\\\"err\\\\\\\\\\\\\\\":{\\\\\\\\\\\\\\\"ret\\\\\\\\\\\\\\\":-1000321,\\\\\\\\\\\\\\\"res\\\\\\\\\\\\\\\":\\\\\\\\\\\\\\\"\\\\\\\\\\\\\\\",\\\\\\\\\\\\\\\"err\\\\\\\\\\\\\\\":\\\\\\\\\\\\\\\"\\\\\\\\\\\\\\\",\\\\\\\\\\\\\\\"ftCode\\\\\\\\\\\\\\\":6,\\\\\\\\\\\\\\\"dur\\\\\\\\\\\\\\\":0}}\\\\\\\",\\\\\\\"ftCode\\\\\\\":6,\\\\\\\"dur\\\\\\\":0}},{\\\\\\\"ftCode\\\\\\\":8,\\\\\\\"err\\\\\\\":{\\\\\\\"ret\\\\\\\":-1000318,\\\\\\\"res\\\\\\\":\\\\\\\"\\\\\\\",\\\\\\\"err\\\\\\\":\\\\\\\"obtain timeout\\\\\\\",\\\\\\\"ftCode\\\\\\\":8,\\\\\\\"dur\\\\\\\":0}},{\\\\\\\"ftCode\\\\\\\":9,\\\\\\\"dur\\\\\\\":982},{\\\\\\\"ftCode\\\\\\\":10,\\\\\\\"dur\\\\\\\":354},{\\\\\\\"ftCode\\\\\\\":11,\\\\\\\"dur\\\\\\\":422},{\\\\\\\"ftCode\\\\\\\":12,\\\\\\\"dur\\\\\\\":614},{\\\\\\\"ftCode\\\\\\\":15,\\\\\\\"dur\\\\\\\":1014},{\\\\\\\"ftCode\\\\\\\":16,\\\\\\\"dur\\\\\\\":869},{\\\\\\\"ftCode\\\\\\\":1,\\\\\\\"err\\\\\\\":{\\\\\\\"ret\\\\\\\":-1000320,\\\\\\\"res\\\\\\\":\\\\\\\"\\\\\\\",\\\\\\\"err\\\\\\\":\\\\\\\"{\\\\\\\\\\\\\\\"ftCode\\\\\\\\\\\\\\\":1,\\\\\\\\\\\\\\\"err\\\\\\\\\\\\\\\":{\\\\\\\\\\\\\\\"ret\\\\\\\\\\\\\\\":-1000321,\\\\\\\\\\\\\\\"res\\\\\\\\\\\\\\\":\\\\\\\\\\\\\\\"\\\\\\\\\\\\\\\",\\\\\\\\\\\\\\\"err\\\\\\\\\\\\\\\":\\\\\\\\\\\\\\\"\\\\\\\\\\\\\\\",\\\\\\\\\\\\\\\"ftCode\\\\\\\\\\\\\\\":1,\\\\\\\\\\\\\\\"dur\\\\\\\\\\\\\\\":0}}\\\\\\\",\\\\\\\"ftCode\\\\\\\":1,\\\\\\\"dur\\\\\\\":0}},{\\\\\\\"ftCode\\\\\\\":17,\\\\\\\"dur\\\\\\\":869},{\\\\\\\"ftCode\\\\\\\":18,\\\\\\\"dur\\\\\\\":870},{\\\\\\\"ftCode\\\\\\\":13,\\\\\\\"dur\\\\\\\":905},{\\\\\\\"ftCode\\\\\\\":14,\\\\\\\"dur\\\\\\\":976},{\\\\\\\"ftCode\\\\\\\":2,\\\\\\\"dur\\\\\\\":1418},{\\\\\\\"ftCode\\\\\\\":3,\\\\\\\"dur\\\\\\\":422},{\\\\\\\"ftCode\\\\\\\":4,\\\\\\\"dur\\\\\\\":8},{\\\\\\\"ftCode\\\\\\\":5,\\\\\\\"err\\\\\\\":{\\\\\\\"ret\\\\\\\":-1000320,\\\\\\\"res\\\\\\\":\\\\\\\"\\\\\\\",\\\\\\\"err\\\\\\\":\\\\\\\"{\\\\\\\\\\\\\\\"ftCode\\\\\\\\\\\\\\\":5,\\\\\\\\\\\\\\\"err\\\\\\\\\\\\\\\":{\\\\\\\\\\\\\\\"ret\\\\\\\\\\\\\\\":-1000319,\\\\\\\\\\\\\\\"res\\\\\\\\\\\\\\\":\\\\\\\\\\\\\\\"\\\\\\\\\\\\\\\",\\\\\\\\\\\\\\\"err\\\\\\\\\\\\\\\":\\\\\\\\\\\\\\\"Notification is not defined\\\\\\\\\\\\\\\",\\\\\\\\\\\\\\\"ftCode\\\\\\\\\\\\\\\":0,\\\\\\\\\\\\\\\"dur\\\\\\\\\\\\\\\":0}}\\\\\\\",\\\\\\\"ftCode\\\\\\\":5,\\\\\\\"dur\\\\\\\":0}},{\\\\\\\"ftCode\\\\\\\":6,\\\\\\\"err\\\\\\\":{\\\\\\\"ret\\\\\\\":-1000320,\\\\\\\"res\\\\\\\":\\\\\\\"\\\\\\\",\\\\\\\"err\\\\\\\":\\\\\\\"{\\\\\\\\\\\\\\\"ftCode\\\\\\\\\\\\\\\":6,\\\\\\\\\\\\\\\"err\\\\\\\\\\\\\\\":{\\\\\\\\\\\\\\\"ret\\\\\\\\\\\\\\\":-1000321,\\\\\\\\\\\\\\\"res\\\\\\\\\\\\\\\":\\\\\\\\\\\\\\\"\\\\\\\\\\\\\\\",\\\\\\\\\\\\\\\"err\\\\\\\\\\\\\\\":\\\\\\\\\\\\\\\"\\\\\\\\\\\\\\\",\\\\\\\\\\\\\\\"ftCode\\\\\\\\\\\\\\\":6,\\\\\\\\\\\\\\\"dur\\\\\\\\\\\\\\\":0}}\\\\\\\",\\\\\\\"ftCode\\\\\\\":6,\\\\\\\"dur\\\\\\\":0}},{\\\\\\\"ftCode\\\\\\\":8,\\\\\\\"err\\\\\\\":{\\\\\\\"ret\\\\\\\":-1000318,\\\\\\\"res\\\\\\\":\\\\\\\"\\\\\\\",\\\\\\\"err\\\\\\\":\\\\\\\"obtain timeout\\\\\\\",\\\\\\\"ftCode\\\\\\\":8,\\\\\\\"dur\\\\\\\":0}},{\\\\\\\"ftCode\\\\\\\":9,\\\\\\\"dur\\\\\\\":982},{\\\\\\\"ftCode\\\\\\\":10,\\\\\\\"dur\\\\\\\":354},{\\\\\\\"ftCode\\\\\\\":11,\\\\\\\"dur\\\\\\\":422},{\\\\\\\"ftCode\\\\\\\":12,\\\\\\\"dur\\\\\\\":614},{\\\\\\\"ftCode\\\\\\\":15,\\\\\\\"dur\\\\\\\":1014},{\\\\\\\"ftCode\\\\\\\":16,\\\\\\\"dur\\\\\\\":869},{\\\\\\\"ftCode\\\\\\\":1,\\\\\\\"err\\\\\\\":{\\\\\\\"ret\\\\\\\":-1000320,\\\\\\\"res\\\\\\\":\\\\\\\"\\\\\\\",\\\\\\\"err\\\\\\\":\\\\\\\"{\\\\\\\\\\\\\\\"ftCode\\\\\\\\\\\\\\\":1,\\\\\\\\\\\\\\\"err\\\\\\\\\\\\\\\":{\\\\\\\\\\\\\\\"ret\\\\\\\\\\\\\\\":-1000321,\\\\\\\\\\\\\\\"res\\\\\\\\\\\\\\\":\\\\\\\\\\\\\\\"\\\\\\\\\\\\\\\",\\\\\\\\\\\\\\\"err\\\\\\\\\\\\\\\":\\\\\\\\\\\\\\\"\\\\\\\\\\\\\\\",\\\\\\\\\\\\\\\"ftCode\\\\\\\\\\\\\\\":1,\\\\\\\\\\\\\\\"dur\\\\\\\\\\\\\\\":0}}\\\\\\\",\\\\\\\"ftCode\\\\\\\":1,\\\\\\\"dur\\\\\\\":0}},{\\\\\\\"ftCode\\\\\\\":17,\\\\\\\"dur\\\\\\\":869},{\\\\\\\"ftCode\\\\\\\":18,\\\\\\\"dur\\\\\\\":870},{\\\\\\\"ftCode\\\\\\\":13,\\\\\\\"dur\\\\\\\":905},{\\\\\\\"ftCode\\\\\\\":14,\\\\\\\"dur\\\\\\\":976},{\\\\\\\"ftCode\\\\\\\":3,\\\\\\\"dur\\\\\\\":422},{\\\\\\\"ftCode\\\\\\\":4,\\\\\\\"dur\\\\\\\":8},{\\\\\\\"ftCode\\\\\\\":5,\\\\\\\"err\\\\\\\":{\\\\\\\"ret\\\\\\\":-1000320,\\\\\\\"res\\\\\\\":\\\\\\\"\\\\\\\",\\\\\\\"err\\\\\\\":\\\\\\\"{\\\\\\\\\\\\\\\"ftCode\\\\\\\\\\\\\\\":5,\\\\\\\\\\\\\\\"err\\\\\\\\\\\\\\\":{\\\\\\\\\\\\\\\"ret\\\\\\\\\\\\\\\":-1000319,\\\\\\\\\\\\\\\"res\\\\\\\\\\\\\\\":\\\\\\\\\\\\\\\"\\\\\\\\\\\\\\\",\\\\\\\\\\\\\\\"err\\\\\\\\\\\\\\\":\\\\\\\\\\\\\\\"Notification is not defined\\\\\\\\\\\\\\\",\\\\\\\\\\\\\\\"ftCode\\\\\\\\\\\\\\\":0,\\\\\\\\\\\\\\\"dur\\\\\\\\\\\\\\\":0}}\\\\\\\",\\\\\\\"ftCode\\\\\\\":5,\\\\\\\"dur\\\\\\\":0}},{\\\\\\\"ftCode\\\\\\\":6,\\\\\\\"err\\\\\\\":{\\\\\\\"ret\\\\\\\":-1000320,\\\\\\\"res\\\\\\\":\\\\\\\"\\\\\\\",\\\\\\\"err\\\\\\\":\\\\\\\"{\\\\\\\\\\\\\\\"ftCode\\\\\\\\\\\\\\\":6,\\\\\\\\\\\\\\\"err\\\\\\\\\\\\\\\":{\\\\\\\\\\\\\\\"ret\\\\\\\\\\\\\\\":-1000321,\\\\\\\\\\\\\\\"res\\\\\\\\\\\\\\\":\\\\\\\\\\\\\\\"\\\\\\\\\\\\\\\",\\\\\\\\\\\\\\\"err\\\\\\\\\\\\\\\":\\\\\\\\\\\\\\\"\\\\\\\\\\\\\\\",\\\\\\\\\\\\\\\"ftCode\\\\\\\\\\\\\\\":6,\\\\\\\\\\\\\\\"dur\\\\\\\\\\\\\\\":0}}\\\\\\\",\\\\\\\"ftCode\\\\\\\":6,\\\\\\\"dur\\\\\\\":0}},{\\\\\\\"ftCode\\\\\\\":8,\\\\\\\"err\\\\\\\":{\\\\\\\"ret\\\\\\\":-1000318,\\\\\\\"res\\\\\\\":\\\\\\\"\\\\\\\",\\\\\\\"err\\\\\\\":\\\\\\\"obtain timeout\\\\\\\",\\\\\\\"ftCode\\\\\\\":8,\\\\\\\"dur\\\\\\\":0}},{\\\\\\\"ftCode\\\\\\\":9,\\\\\\\"dur\\\\\\\":982},{\\\\\\\"ftCode\\\\\\\":10,\\\\\\\"dur\\\\\\\":354},{\\\\\\\"ftCode\\\\\\\":11,\\\\\\\"dur\\\\\\\":422},{\\\\\\\"ftCode\\\\\\\":12,\\\\\\\"dur\\\\\\\":614},{\\\\\\\"ftCode\\\\\\\":15,\\\\\\\"dur\\\\\\\":1014},{\\\\\\\"ftCode\\\\\\\":16,\\\\\\\"dur\\\\\\\":869},{\\\\\\\"ftCode\\\\\\\":1,\\\\\\\"err\\\\\\\":{\\\\\\\"ret\\\\\\\":-1000320,\\\\\\\"res\\\\\\\":\\\\\\\"\\\\\\\",\\\\\\\"err\\\\\\\":\\\\\\\"{\\\\\\\\\\\\\\\"ftCode\\\\\\\\\\\\\\\":1,\\\\\\\\\\\\\\\"err\\\\\\\\\\\\\\\":{\\\\\\\\\\\\\\\"ret\\\\\\\\\\\\\\\":-1000321,\\\\\\\\\\\\\\\"res\\\\\\\\\\\\\\\":\\\\\\\\\\\\\\\"\\\\\\\\\\\\\\\",\\\\\\\\\\\\\\\"err\\\\\\\\\\\\\\\":\\\\\\\\\\\\\\\"\\\\\\\\\\\\\\\",\\\\\\\\\\\\\\\"ftCode\\\\\\\\\\\\\\\":1,\\\\\\\\\\\\\\\"dur\\\\\\\\\\\\\\\":0}}\\\\\\\",\\\\\\\"ftCode\\\\\\\":1,\\\\\\\"dur\\\\\\\":0}},{\\\\\\\"ftCode\\\\\\\":17,\\\\\\\"dur\\\\\\\":869},{\\\\\\\"ftCode\\\\\\\":18,\\\\\\\"dur\\\\\\\":870},{\\\\\\\"ftCode\\\\\\\":13,\\\\\\\"dur\\\\\\\":905},{\\\\\\\"ftCode\\\\\\\":14,\\\\\\\"dur\\\\\\\":976},{\\\\\\\"ftCode\\\\\\\":2,\\\\\\\"dur\\\\\\\":1418}\\\",\\\"dur\\\":1484}\"},{\"id\":\"EId_TId_GRisk_Start\",\"content\":\"{\\\"t\\\":1776516464104,\\\"ret\\\":0,\\\"msg\\\":\\\"\\\",\\\"dur\\\":1521}\"},{\"id\":\"EId_TId_GRisk_End\",\"content\":\"{\\\"t\\\":1776516464593,\\\"ret\\\":0,\\\"msg\\\":\\\"que:0,dns:0,tcp:0,ssl:0,req:0,res:0,ttfb:0,total:484\\\",\\\"dur\\\":2010}\"},{\"id\":\"EId_TId_GT_End\",\"content\":\"{\\\"t\\\":1776516464597,\\\"ret\\\":0,\\\"msg\\\":\\\"\\\",\\\"dur\\\":2014}\"}],\"buildno\":200500,\"uuid\":\"872e4a144ec64b77994ced7f5d92d91a\",\"seq\":\"86379787-3c48-4646-9a03-66985c712e2c\"}"}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 18 Apr 2026 12:47:44 GMT\r\ncontent-type: application/json\r\ncontent-length: 9\r\naccess-control-allow-headers: Content-Type, Authorization, X-Requested-With, Traceparent\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 3600\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":9,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"7356645231da9cfecc34610420982100","sha1":"4e6d5bf58d719360518ecccb073248d0293dd346","sha256":"2c2237045b54bb664bd76b7d6f1da237fd50de74712edf261e90c1c0d7f2e822","sha512":"c092af8c828b98fb9ac62ec48f64c01907d25106e96096a40e52d770f732442c729c11c34406dd0be1690620d91d97a6a4839ca409b57e227a65844e17bad112","ssdeep":"","tlshash":"8c50003000000c03000c0c0000000003c0030c0030000c0000000c000000c000300000","first_seen":"2023-04-05T16:48:03Z","last_seen":"2026-04-18T20:07:52.040634Z","times_seen":1671,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.turingfraud.net/event/report","fqdn":"www.turingfraud.net","domain":"turingfraud.net","tld":"net"},"ip":{"addr":"162.62.10.47","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://bethash.bet/register","date":"2026-04-18T12:47:44.653Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.turingfraud.net","organization":""},"issuer":{"commonName":"DNSPod RSA DV","organization":"DNSPod, Inc."},"validity":{"start":"Wed, 08 Oct 2025 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"60:CC:09:90:24:93:4C:24:02:F1:97:00:C8:51:55:4A:C2:69:C5:FC","sha256":"0A:2F:A1:C2:DB:F8:EA:01:4E:CB:CB:BA:36:3F:00:27:43:7F:9A:66:0D:6F:EE:C5:DE:5C:E4:35:39:3B:3D:06"}}},"request":{"raw":"OPTIONS /event/report HTTP/1.1\r\nHost: www.turingfraud.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://bethash.bet/\r\nOrigin: https://bethash.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 18 Apr 2026 12:47:44 GMT\r\ncontent-type: application/json\r\ncontent-length: 9\r\naccess-control-allow-headers: Content-Type, Authorization, X-Requested-With, Traceparent\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 3600\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":9,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"7356645231da9cfecc34610420982100","sha1":"4e6d5bf58d719360518ecccb073248d0293dd346","sha256":"2c2237045b54bb664bd76b7d6f1da237fd50de74712edf261e90c1c0d7f2e822","sha512":"c092af8c828b98fb9ac62ec48f64c01907d25106e96096a40e52d770f732442c729c11c34406dd0be1690620d91d97a6a4839ca409b57e227a65844e17bad112","ssdeep":"","tlshash":"8c50003000000c03000c0c0000000003c0030c0030000c0000000c000000c000300000","first_seen":"2023-04-05T16:48:03Z","last_seen":"2026-04-18T20:07:52.040634Z","times_seen":1671,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.dogecoinkan.com/template/pc/skin/css/public.css","fqdn":"m.dogecoinkan.com","domain":"dogecoinkan.com","tld":"com"},"ip":{"addr":"104.21.24.33","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m.dogecoinkan.com/index.html","date":"2026-04-18T12:47:35.328Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dogecoinkan.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:57:02 GMT","end":"Sat, 30 May 2026 15:57:01 GMT"},"fingerprint":{"sha1":"5C:C7:08:0C:86:CB:A1:50:8E:EB:B5:97:62:5F:1D:0E:E5:5D:F4:C8","sha256":"6E:88:53:15:D9:33:AA:4F:15:56:33:5B:44:9C:A9:0F:26:73:EC:35:9C:B9:0A:FB:76:78:3D:50:26:5A:AB:89"}}},"request":{"raw":"GET /template/pc/skin/css/public.css HTTP/1.1\r\nHost: m.dogecoinkan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.dogecoinkan.com/index.html\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=f64adkafin24rk5uq5eosgmok2\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 18 Apr 2026 12:47:36 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 27 Oct 2018 02:06:34 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5bd3c82a-d9c\"\r\nexpires: Sun, 19 Apr 2026 00:47:35 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RlZkZ2%2FVYAb9rlTzftzzcFVe1kAXiHALdQp6m1qRdJhvO0K4F6D2Z93XmQvH2PKd1vLdpk%2FPXE7WLZW4nK84qnOc0W6KTca29o14Xy%2B0txcOHldLHGLs0KItlQjDvTf0GSNr3w%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ee3c765c90db500-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3484,"size_decoded":0,"mime_type":"text/css","magic":"troff or preprocessor input, Unicode text, UTF-8 text, with CRLF line terminators","md5":"7ac434dd3e97b917cd31012ecf566682","sha1":"7e0a3ceb090b7ec7f52c26d73cb9880e49c26b3b","sha256":"64993db5014254d5202f10cfc782d5e4081eb310495f2244055cda8d8f58ea69","sha512":"af7d6dff82432c201e82b22d252112beccb245f90345a116de46ce5c85466854ffb79dcf556ef4dfaf17b4a72a8958830979c3bb3c6514faaab03696002d48ee","ssdeep":"","tlshash":"8e71219c676871cfa203eba9b7b15b389f5d40a46f0f412df5f4bb21a18a0142a735d1","first_seen":"2025-08-14T04:55:24.35237Z","last_seen":"2026-04-18T12:51:41.31041Z","times_seen":16,"resource_available":false,"data":null}},"time_used":726,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":726,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"m.dogecoinkan.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.dogecoinkan.com/template/pc/skin/images/3.png","fqdn":"m.dogecoinkan.com","domain":"dogecoinkan.com","tld":"com"},"ip":{"addr":"104.21.24.33","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.dogecoinkan.com/index.html","date":"2026-04-18T12:47:36.562Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dogecoinkan.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:57:02 GMT","end":"Sat, 30 May 2026 15:57:01 GMT"},"fingerprint":{"sha1":"5C:C7:08:0C:86:CB:A1:50:8E:EB:B5:97:62:5F:1D:0E:E5:5D:F4:C8","sha256":"6E:88:53:15:D9:33:AA:4F:15:56:33:5B:44:9C:A9:0F:26:73:EC:35:9C:B9:0A:FB:76:78:3D:50:26:5A:AB:89"}}},"request":{"raw":"GET /template/pc/skin/images/3.png HTTP/1.1\r\nHost: m.dogecoinkan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.dogecoinkan.com/template/pc/skin/css/public.css\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=f64adkafin24rk5uq5eosgmok2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 18 Apr 2026 12:47:37 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 27 Oct 2018 02:06:34 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5bd3c82a-d16\"\r\nexpires: Mon, 18 May 2026 12:47:37 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=y3%2FvxX6PtmCrLZAjtVExQLLcBUKIi85Um3E2mdBRIV7rhfu79%2BnTfsKkhB5Y9vH%2B9vCREj1uX4kcG0puaH5Gj5AG1CUtdeqkPirFB5gKoLwzCHdy2bf%2Bbw6%2BAMiDbm7Z3fFDgQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ee3c76d7966b500-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3350,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 31 x 31, 8-bit/color RGBA, non-interlaced","md5":"69149bb0de47b5087552b53f6888407e","sha1":"a928445d89770abcba9d86e63b70af420efac9ec","sha256":"7afabec03692027a88a54079297e1ba8d76d827909ecfcf22ad9352e49ae973f","sha512":"c7912a7ea943df9ab08b605cb5f2dacc013b74e07464b8267f82ab6cbdce182bd374594ff94e7790cda1dec7e210511eff7b3daddb665e3e70cbf2dc04a9f8d5","ssdeep":"","tlshash":"63615c8899400d2d108e0aa9216bda0d4e37aad4836d5f1cedbe821f8620d913c7576b","first_seen":"2025-08-14T04:55:24.294411Z","last_seen":"2026-04-18T12:51:41.286163Z","times_seen":16,"resource_available":false,"data":null}},"time_used":719,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":719,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"m.dogecoinkan.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bethash.bet/assets/login.4af18a7f.js","fqdn":"bethash.bet","domain":"bethash.bet","tld":"bet"},"ip":{"addr":"52.84.50.59","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://bethash.bet/register","date":"2026-04-18T12:47:38.841Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bethash.bet","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 09 Dec 2025 00:00:00 GMT","end":"Thu, 07 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"68:22:2C:06:7C:F7:60:E2:00:D8:75:A5:16:3C:F0:6D:35:12:F6:A9","sha256":"A2:B0:3C:02:0F:09:7A:78:65:5D:9B:E6:20:FC:1A:99:B6:C6:33:AF:64:FF:07:B3:78:1D:B4:83:04:C8:B1:FF"}}},"request":{"raw":"GET /assets/login.4af18a7f.js HTTP/1.1\r\nHost: bethash.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bethash.bet/register\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 18 Apr 2026 12:45:53 GMT\r\ncontent-encoding: br\r\nlast-modified: Tue, 14 Apr 2026 14:06:41 GMT\r\nexpires: Mon, 20 Apr 2026 12:45:53 GMT\r\ncache-control: max-age=172800, public, no-transform\r\netag: W/\"69de49f1-ce3\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 a0228782537cf4c86245da194c3750e4.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: bSlpKp1bYVescdr0BvSAVTrgb6-FeVmI2sHBFEIv2cYQL2TkZiI9gQ==\r\nage: 105\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":3299,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (3298)","md5":"326f993fcf46a737902c9eba084f110c","sha1":"44a183bb22cbd17afaf2cc11a95098ca3d18008b","sha256":"b4b44bcf0e547c0f150691b55fab3d06c3787ee99b4c47780d5efad16a875dc4","sha512":"5fab21f48b7e34cf779de3d2c1c86268c9dbf551e12f2bc018238e072063f110b6de9da931569f04aea69b2cbc92d0e985d0a5b860971cd73a5869e5d8e29f92","ssdeep":"","tlshash":"8361be9af81e8a3ac9765544c4b6240c390d2ff46250af7f5cf88e253fd5e6d270e2a0","first_seen":"2026-04-17T00:42:36.056852Z","last_seen":"2026-04-18T20:07:52.022667Z","times_seen":9,"resource_available":true,"data":null}},"time_used":25,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"bethash.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"bethash.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.bethash.bet/api/getConfig","fqdn":"api.bethash.bet","domain":"bethash.bet","tld":"bet"},"ip":{"addr":"52.84.50.47","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://bethash.bet/register","date":"2026-04-18T12:47:40.470Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.bethash.bet","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sun, 26 Oct 2025 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"86:2B:30:37:50:F6:61:76:8A:6C:6D:7A:B3:11:E8:CF:20:CD:5C:01","sha256":"C4:5A:3D:6D:5A:90:2C:4A:57:BF:0B:B6:77:9B:C1:D6:1A:C7:CD:B8:83:F8:E5:10:AF:7A:01:1E:DD:65:43:7B"}}},"request":{"raw":"GET /api/getConfig HTTP/1.1\r\nHost: api.bethash.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAuthorization: \r\nlangCode: en\r\nuser-device: 2\r\nOrigin: https://bethash.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bethash.bet/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/json\r\nserver: nginx/1.18.0 (Ubuntu)\r\naccess-control-allow-methods: GET, POST, PATCH, PUT, OPTIONS\r\naccess-control-allow-credentials: true\r\ncache-control: no-cache, private\r\ndate: Sat, 18 Apr 2026 12:47:40 GMT\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Origin, Content-Type, Cookie, X-CSRF-TOKEN, Accept, Authorization, X-XSRF-TOKEN,langCode,User-Device\r\naccess-control-expose-headers: Authorization, authenticated\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 2f3a70deb5812eb0e48215ada7b72404.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: tT1cPqQWOyDYL9fN4P2vrCdzaLy-32L9gftVlykqA3BkxCexlk1L_w==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":29414,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"7b6a443dc05b25c555c97176309397d4","sha1":"7246b295b1a913729f199c91dbaa1a819885d945","sha256":"91fac140307cc157d0f90a1085673ac12f60fc66c3eec8d1cfcd41cfc6eb1ac6","sha512":"a31ecf19877ff1fee9b9666d6ffc9a1d6c44bdaa397090a64c3b125fa885b2e7b9ed084cdddd73cb6bf220910ef6e579f0dc0eb2ac035398ec617613a9f2d7b5","ssdeep":"384:bS6GbOAGS616ttXj/pGEI4ttXjJGpswTLwejI2WwbY:bS8SttXjB64tXj3ejIfw0","tlshash":"06d263bef7fc68a145f141c00d97765b16da31086fca4ca896fbce5c43885a41b2f29b","first_seen":"2026-04-18T12:46:26.95481Z","last_seen":"2026-04-18T12:48:06.575094Z","times_seen":2,"resource_available":false,"data":null}},"time_used":2,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"api.bethash.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"api.bethash.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"global.turing.captcha.gtimg.com/dy-jy3.js","fqdn":"global.turing.captcha.gtimg.com","domain":"gtimg.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bethash.bet/register","date":"2026-04-18T12:47:42.277Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.turing.captcha.gtimg.com","organization":"Tencent Technology (Shenzhen) Company Limited"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Tue, 24 Feb 2026 00:00:00 GMT","end":"Wed, 24 Mar 2027 23:59:59 GMT"},"fingerprint":{"sha1":"BA:08:F4:14:CE:A1:19:41:5B:1B:49:47:36:ED:5D:D9:75:EB:21:B8","sha256":"1B:6A:3C:E4:2D:7F:45:5A:83:7F:AB:6F:F6:D8:95:42:54:4E:56:C7:0C:45:D1:05:D6:A0:4E:78:62:A2:88:5D"}}},"request":{"raw":"GET /dy-jy3.js HTTP/1.1\r\nHost: global.turing.captcha.gtimg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bethash.bet/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Mon, 15 Jul 2024 06:43:44 GMT\r\nContent-Encoding: gzip\r\nEtag: \"626436a6c87a002eb7e8a99c6f5f96b6\"\r\nContent-Type: text/javascript\r\nDate: Tue, 17 Jun 2025 07:43:35 GMT\r\nServer: tencent-cos\r\nx-cos-hash-crc64ecma: 15729484442061824980\r\nx-cos-request-id: Njg1MTFjYTdfZWVlZjc4MGJfMzk4Ml85NzNlMjk3\r\nx-cos-storage-class: MAZ_STANDARD\r\nx-cosindex-replication-status: Complete\r\nContent-Length: 30884\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 1861942269731778765\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":89391,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"626436a6c87a002eb7e8a99c6f5f96b6","sha1":"67d9732c33dc7689a98e63af2a97b0912f290762","sha256":"2a5fc3ad9f9e68e6de662de3e43661e1e8e447df0929efc64c0f067be2d9c455","sha512":"36dac1d5ea743f78e2fa1a503ce5d4448497717589529d1946edde1e474968d116bb21cea723ce8cf3cbb7d6b195d347588a0aa00473b5f41808dda1ee50369c","ssdeep":"1536:BjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h8cApwEjOPrBeU6QLiTFbc0QlQvakF:BYh8eip3huuf6IidlrvakdtQ47GK1","tlshash":"7c93f9ddb2c6702257a720ba007f510bf236199d6c4d8450f265d8eabc78a4e827bf7d","first_seen":"2023-03-09T21:24:24Z","last_seen":"2026-04-18T20:07:52.033055Z","times_seen":1113,"resource_available":true,"data":null}},"time_used":24,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":22,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.dogecoinkan.com/template/pc/skin/css/index.css","fqdn":"m.dogecoinkan.com","domain":"dogecoinkan.com","tld":"com"},"ip":{"addr":"104.21.24.33","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://m.dogecoinkan.com/index.html","date":"2026-04-18T12:47:35.326Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dogecoinkan.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:57:02 GMT","end":"Sat, 30 May 2026 15:57:01 GMT"},"fingerprint":{"sha1":"5C:C7:08:0C:86:CB:A1:50:8E:EB:B5:97:62:5F:1D:0E:E5:5D:F4:C8","sha256":"6E:88:53:15:D9:33:AA:4F:15:56:33:5B:44:9C:A9:0F:26:73:EC:35:9C:B9:0A:FB:76:78:3D:50:26:5A:AB:89"}}},"request":{"raw":"GET /template/pc/skin/css/index.css HTTP/1.1\r\nHost: m.dogecoinkan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.dogecoinkan.com/index.html\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=f64adkafin24rk5uq5eosgmok2\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 18 Apr 2026 12:47:36 GMT\r\ncontent-type: text/css\r\nlast-modified: Mon, 30 Dec 2019 00:52:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5e094a4e-d32\"\r\nexpires: Sun, 19 Apr 2026 00:47:35 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5oHjTm1b8blp%2FBqY81r%2FKcxggLyrLBHjpyohBsMGF%2BbthQNhlIRsPARtaCSD8b1RRXXj1Vth%2F0Kej%2BWQicAqRY7t9i0hl9hoQYONfIYxPj6KOM7TOfv54XTv4vHswMr2OPQ0AQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ee3c765b90cb500-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3378,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with CRLF line terminators","md5":"a8c6c7ce75b358288807d127150fa8fd","sha1":"58209d03fd0783adb1195c34d4bdfcafa267770f","sha256":"837f46a635330bc15fe4e0271f5d20cc1f3f60c8046bd7c8474ee616861b2ecd","sha512":"d63c4030e7ce798a6552c1d712940e80e30b6e0a683241aadbf213b874620f5bee7e0c19a7a435d9731a775c4581bca50df09e5b312825862bd811f356f6f0dc","ssdeep":"","tlshash":"f561247c492e358b730b5a99b7b19b558fd85098ab0f2adcf47468e1a15b014277f3c0","first_seen":"2025-08-14T04:55:24.298606Z","last_seen":"2026-04-18T12:51:41.279036Z","times_seen":14,"resource_available":false,"data":null}},"time_used":724,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":724,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"m.dogecoinkan.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.dogecoinkan.com/template/pc/skin/js/jquery.flexslider-min.js","fqdn":"m.dogecoinkan.com","domain":"dogecoinkan.com","tld":"com"},"ip":{"addr":"104.21.24.33","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.dogecoinkan.com/index.html","date":"2026-04-18T12:47:35.334Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dogecoinkan.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:57:02 GMT","end":"Sat, 30 May 2026 15:57:01 GMT"},"fingerprint":{"sha1":"5C:C7:08:0C:86:CB:A1:50:8E:EB:B5:97:62:5F:1D:0E:E5:5D:F4:C8","sha256":"6E:88:53:15:D9:33:AA:4F:15:56:33:5B:44:9C:A9:0F:26:73:EC:35:9C:B9:0A:FB:76:78:3D:50:26:5A:AB:89"}}},"request":{"raw":"GET /template/pc/skin/js/jquery.flexslider-min.js HTTP/1.1\r\nHost: m.dogecoinkan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.dogecoinkan.com/index.html\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=f64adkafin24rk5uq5eosgmok2\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 18 Apr 2026 12:47:36 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 27 Oct 2018 02:06:34 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5bd3c82a-53a6\"\r\nexpires: Sun, 19 Apr 2026 00:47:35 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=tCUS8rsjQ3jDX1yHtQx1U7BVMT88HLI%2Be%2FPkVvJ9zwYqxiTZP78NblVSYa9aVYWLiHQo2Zto0sAo%2BqEXs5aR4pnvviJ6VYeLMmyW%2F%2BrKcTe52j5G5kYgOPlnYgA09223rpauMQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ee3c765c911b500-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":21414,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (21315), with CRLF line terminators","md5":"2b22ba873303e38db52d334001c9c35f","sha1":"659986c36a7f19a2662ed3c5a000e1de11e36923","sha256":"0e5d72c20e148edca04967ab4bff432f44264779dc5ecd81bd710eb487fdd145","sha512":"689a77a8e0165a1c08b71697ee5392e1a1fb796a55076de052ab8c052df9faf48b6c57ecc4035e5da71bc3985ad8fb1344954a5c8d1957375d76d236e508288b","ssdeep":"384:6mE4TjopcnfxNiYK0E8g8MXromIsnBscyVTnmhrpb0SXEk98Ve6:Rr86npNx3sro5sjG+tbjUJVh","tlshash":"2da28324f2503972cfe722ae7e0fd40669b3d441e816c83d3a3d574a2d641859b33eea","first_seen":"2023-03-07T13:50:43Z","last_seen":"2026-04-18T12:51:41.28832Z","times_seen":399,"resource_available":true,"data":null}},"time_used":721,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":720,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"m.dogecoinkan.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.dogecoinkan.com/template/pc/skin/images/9.png","fqdn":"m.dogecoinkan.com","domain":"dogecoinkan.com","tld":"com"},"ip":{"addr":"104.21.24.33","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.dogecoinkan.com/index.html","date":"2026-04-18T12:47:36.565Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dogecoinkan.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:57:02 GMT","end":"Sat, 30 May 2026 15:57:01 GMT"},"fingerprint":{"sha1":"5C:C7:08:0C:86:CB:A1:50:8E:EB:B5:97:62:5F:1D:0E:E5:5D:F4:C8","sha256":"6E:88:53:15:D9:33:AA:4F:15:56:33:5B:44:9C:A9:0F:26:73:EC:35:9C:B9:0A:FB:76:78:3D:50:26:5A:AB:89"}}},"request":{"raw":"GET /template/pc/skin/images/9.png HTTP/1.1\r\nHost: m.dogecoinkan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.dogecoinkan.com/template/pc/skin/css/index.css\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=f64adkafin24rk5uq5eosgmok2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 18 Apr 2026 12:47:37 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 27 Oct 2018 02:06:34 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5bd3c82a-c4e\"\r\nexpires: Mon, 18 May 2026 12:47:37 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oOOY%2BTd7VOizjorprDsz8Fakanc94MAwKH1OWx0FM2xUr%2FtwBuRFSg1jGFiLdYMxea%2FbuKykVvW%2FWFsqkZ4IPNOSKVqzNfHdEumxRVgdHJPMwu3qwfM3%2BcU0HxO94bVZQXnBlA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ee3c76d7968b500-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3150,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 34 x 40, 8-bit/color RGBA, non-interlaced","md5":"31bdcae8b9704397d26ae56433d13781","sha1":"f755493f925cd1cffdef21cd60f03084bf428ecf","sha256":"90bab0ea89f7269f68b0ef99ca4c38f9013705e9b7889140e5d9866e33065684","sha512":"d09d103a73e8c45fae46f218379670dce85a1e20a80985ff0799156c44ea14e9f7468ac12e7001cce843503abbbdf2983d333ca5e4324353a10531a8197593e8","ssdeep":"","tlshash":"47517d4cd845042e10490a6a31bfdc07891bfad453591e0ceebd838e8a31d71bc7a7ae","first_seen":"2025-08-14T04:55:24.281156Z","last_seen":"2026-04-18T12:51:41.28681Z","times_seen":13,"resource_available":false,"data":null}},"time_used":714,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":714,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"m.dogecoinkan.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bethash.bet/assets/loginbg.f742cff4.png","fqdn":"bethash.bet","domain":"bethash.bet","tld":"bet"},"ip":{"addr":"52.84.50.59","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bethash.bet/register","date":"2026-04-18T12:47:40.463Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bethash.bet","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 09 Dec 2025 00:00:00 GMT","end":"Thu, 07 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"68:22:2C:06:7C:F7:60:E2:00:D8:75:A5:16:3C:F0:6D:35:12:F6:A9","sha256":"A2:B0:3C:02:0F:09:7A:78:65:5D:9B:E6:20:FC:1A:99:B6:C6:33:AF:64:FF:07:B3:78:1D:B4:83:04:C8:B1:FF"}}},"request":{"raw":"GET /assets/loginbg.f742cff4.png HTTP/1.1\r\nHost: bethash.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bethash.bet/assets/login.8d1f7ec0.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 601961\r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 18 Apr 2026 12:45:55 GMT\r\nlast-modified: Tue, 14 Apr 2026 14:06:41 GMT\r\naccept-ranges: bytes\r\nexpires: Mon, 20 Apr 2026 12:45:55 GMT\r\ncache-control: max-age=172800, public, no-transform\r\netag: \"69de49f1-92f69\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 a0228782537cf4c86245da194c3750e4.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: _UJqdmaO0j7YkC-A7MgZ06lG21GmWjOXx4-oE3GU-mctj2zDa5MhrA==\r\nage: 105\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":601961,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1920 x 1080, 8-bit/color RGBA, non-interlaced","md5":"101675f5323c83583aff47556a97ded7","sha1":"1ebc33652abd7dfa8a3a0abdfc09afe8729972ff","sha256":"f742cff408ac37fc77fcda6ce8fa4456d246c22f13a3ac389edb7e3602cea2c1","sha512":"a3e8746a879679f546b46864f1bb10dfe14c5a45adace36f24988691207592d9082b90b4199baafc8008e25735b2a0716bc249848ae930a1d8292fd988d61ae4","ssdeep":"12288:nSR2+HFgy8vHrf6MWQSQJpTuIhZbaY8zmbisk2+/4gud9TxO18uw+vil8kx:SRFJoryoJNu8bKmbisA/WT285+vilZ","tlshash":"fdd423294d67e22bc4b4a96990388c9d404798a570c3fb5ee3fc41752cebbf7109bd06","first_seen":"2025-07-02T18:11:26.557947Z","last_seen":"2026-04-18T20:07:52.050079Z","times_seen":39,"resource_available":false,"data":null}},"time_used":98,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":73,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"bethash.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"bethash.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.turingfraud.net/event/report","fqdn":"www.turingfraud.net","domain":"turingfraud.net","tld":"net"},"ip":{"addr":"162.62.10.47","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://bethash.bet/register","date":"2026-04-18T12:47:44.676Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.turingfraud.net","organization":""},"issuer":{"commonName":"DNSPod RSA DV","organization":"DNSPod, Inc."},"validity":{"start":"Wed, 08 Oct 2025 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"60:CC:09:90:24:93:4C:24:02:F1:97:00:C8:51:55:4A:C2:69:C5:FC","sha256":"0A:2F:A1:C2:DB:F8:EA:01:4E:CB:CB:BA:36:3F:00:27:43:7F:9A:66:0D:6F:EE:C5:DE:5C:E4:35:39:3B:3D:06"}}},"request":{"raw":"POST /event/report HTTP/1.1\r\nHost: www.turingfraud.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-type: application/json\r\nContent-Length: 323\r\nOrigin: https://bethash.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bethash.bet/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":323,"data":"{\"channel\":400058,\"platform\":4,\"events\":[{\"id\":\"EId_TId_GT_Start\",\"content\":\"{\\\"t\\\":1776516464599,\\\"ret\\\":0,\\\"msg\\\":\\\"\\\"}\"},{\"id\":\"EId_TId_GT_End\",\"content\":\"{\\\"t\\\":1776516464646,\\\"ret\\\":0,\\\"msg\\\":\\\"\\\",\\\"dur\\\":2041}\"}],\"buildno\":200500,\"uuid\":\"872e4a144ec64b77994ced7f5d92d91a\",\"seq\":\"ae47c64f-9ead-468b-b159-27e0edc4d971\"}"}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 18 Apr 2026 12:47:44 GMT\r\ncontent-type: application/json\r\ncontent-length: 9\r\naccess-control-allow-headers: Content-Type, Authorization, X-Requested-With, Traceparent\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 3600\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":9,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"7356645231da9cfecc34610420982100","sha1":"4e6d5bf58d719360518ecccb073248d0293dd346","sha256":"2c2237045b54bb664bd76b7d6f1da237fd50de74712edf261e90c1c0d7f2e822","sha512":"c092af8c828b98fb9ac62ec48f64c01907d25106e96096a40e52d770f732442c729c11c34406dd0be1690620d91d97a6a4839ca409b57e227a65844e17bad112","ssdeep":"","tlshash":"8c50003000000c03000c0c0000000003c0030c0030000c0000000c000000c000300000","first_seen":"2023-04-05T16:48:03Z","last_seen":"2026-04-18T20:07:52.040634Z","times_seen":1671,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.dogecoinkan.com/template/pc/skin/js/main.js","fqdn":"m.dogecoinkan.com","domain":"dogecoinkan.com","tld":"com"},"ip":{"addr":"104.21.24.33","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.dogecoinkan.com/index.html","date":"2026-04-18T12:47:35.333Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dogecoinkan.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:57:02 GMT","end":"Sat, 30 May 2026 15:57:01 GMT"},"fingerprint":{"sha1":"5C:C7:08:0C:86:CB:A1:50:8E:EB:B5:97:62:5F:1D:0E:E5:5D:F4:C8","sha256":"6E:88:53:15:D9:33:AA:4F:15:56:33:5B:44:9C:A9:0F:26:73:EC:35:9C:B9:0A:FB:76:78:3D:50:26:5A:AB:89"}}},"request":{"raw":"GET /template/pc/skin/js/main.js HTTP/1.1\r\nHost: m.dogecoinkan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.dogecoinkan.com/index.html\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=f64adkafin24rk5uq5eosgmok2\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 18 Apr 2026 12:47:36 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 27 Oct 2018 02:06:34 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5bd3c82a-12ac\"\r\nexpires: Sun, 19 Apr 2026 00:47:35 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Ae5OXie6fXwzAO51xWNOjkhC%2FYO8yUpDPSzNAMAdMPSFYN4GUY6VNGCssCYW4pbgTwPWfMiqPQxP45E3kfn%2FLjfOVJreuKHC4ffupv%2BY92BOUjoXXGM2ICBMF%2FLulOmXnvIy6g%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ee3c765c910b500-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4780,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators","md5":"09616c12f6e4b9318049182006b37916","sha1":"9039a533295fd27d257c80a3fd0bc768dc4fdb1c","sha256":"c30dc6760d91fe68da63d49cb63cf73880f9cd8ce7cd053403217d5eddb2c13b","sha512":"793a723b49109744c3ab4ea8554d051b708e67bfaacf3c7853c5be6cb8592adaa31f21016feb17ae14c2fc6116e37abd6783f75bc6e23f5f1064038b369676aa","ssdeep":"96:EoHXuLyRoTrTY17eSLhvoz0gcmd/IlSoEm:Eo2yRR1HLhvoz0gcmd/SBr","tlshash":"a7a12045f129057891b63335cb3f5c19ac73484f99691864f6bc14ac2ff9b88a36fe18","first_seen":"2025-10-11T00:17:30.427497Z","last_seen":"2026-04-18T12:51:41.306518Z","times_seen":13,"resource_available":true,"data":null}},"time_used":737,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":737,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"m.dogecoinkan.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.dogecoinkan.com/public/upload/system/2018/08/02/8de871bfa977c5bc4273c7b90c21c84e.png","fqdn":"m.dogecoinkan.com","domain":"dogecoinkan.com","tld":"com"},"ip":{"addr":"104.21.24.33","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.dogecoinkan.com/index.html","date":"2026-04-18T12:47:35.343Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dogecoinkan.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:57:02 GMT","end":"Sat, 30 May 2026 15:57:01 GMT"},"fingerprint":{"sha1":"5C:C7:08:0C:86:CB:A1:50:8E:EB:B5:97:62:5F:1D:0E:E5:5D:F4:C8","sha256":"6E:88:53:15:D9:33:AA:4F:15:56:33:5B:44:9C:A9:0F:26:73:EC:35:9C:B9:0A:FB:76:78:3D:50:26:5A:AB:89"}}},"request":{"raw":"GET /public/upload/system/2018/08/02/8de871bfa977c5bc4273c7b90c21c84e.png HTTP/1.1\r\nHost: m.dogecoinkan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.dogecoinkan.com/index.html\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=f64adkafin24rk5uq5eosgmok2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 18 Apr 2026 12:47:36 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 27 Oct 2018 02:06:34 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5bd3c82a-1052\"\r\nexpires: Mon, 18 May 2026 12:47:35 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bjcETDRzFVW2HyDTyjvLzFHj9JT0OqzTPl4SnxBgKXBe2zPA1BsQFsgLhk4UGEPg6A5rTU91Q2crFED%2BDzBJp7FoRYYyAsWzJ0EJkxgW7jLE7aJtUUz6jtrVeHrai55dG0r5Sw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ee3c765d918b500-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4178,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 131 x 53, 8-bit/color RGB, non-interlaced","md5":"e05eb8a4132b8e99c3b45187bb7df8f9","sha1":"146d600475a00f5c441b2f11345f274c50d3df77","sha256":"1410494c1643f4758561637860175dad2c6a8d1d04f276701417286c6fc48dbc","sha512":"097b4d610a69d7702345fcad07fdd7d0794fd086dba5f197cab9bd716b62f166d8c399363a225f7e3e973d9e104bbc18c2cad4bdd33e95e1ebaadd24e2bf0294","ssdeep":"96:0SMllcHitlIxv9vk7C1+I4wWHLihk/x6KNysZeuCMrI1ICML:0SHIIHUCD4waUkKh+VL","tlshash":"1d815dcc8624451f154a4fae3d6ade038e3bf5c445383d189bfe830ee511861ad393a3","first_seen":"2025-08-14T04:55:24.358465Z","last_seen":"2026-04-18T12:51:41.285633Z","times_seen":15,"resource_available":false,"data":null}},"time_used":686,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":686,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"m.dogecoinkan.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.dogecoinkan.com/template/pc/skin/images/10.png","fqdn":"m.dogecoinkan.com","domain":"dogecoinkan.com","tld":"com"},"ip":{"addr":"104.21.24.33","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.dogecoinkan.com/index.html","date":"2026-04-18T12:47:36.567Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dogecoinkan.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:57:02 GMT","end":"Sat, 30 May 2026 15:57:01 GMT"},"fingerprint":{"sha1":"5C:C7:08:0C:86:CB:A1:50:8E:EB:B5:97:62:5F:1D:0E:E5:5D:F4:C8","sha256":"6E:88:53:15:D9:33:AA:4F:15:56:33:5B:44:9C:A9:0F:26:73:EC:35:9C:B9:0A:FB:76:78:3D:50:26:5A:AB:89"}}},"request":{"raw":"GET /template/pc/skin/images/10.png HTTP/1.1\r\nHost: m.dogecoinkan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.dogecoinkan.com/template/pc/skin/css/index.css\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=f64adkafin24rk5uq5eosgmok2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 18 Apr 2026 12:47:37 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 27 Oct 2018 02:06:34 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5bd3c82a-e69\"\r\nexpires: Mon, 18 May 2026 12:47:37 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=garPPFruwgin2YJqsaEaMPePpFPO2txjarnOX9cdpdZ98WfhcQVG7e4rR6eb%2B6cR0%2Fx1VncLOSBjfKK4FtxTJDrkHQdC3K3Psybj6ivcxzRIUzofnCgghc5jPQ4UiLFknVxxOw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ee3c76d896ab500-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3689,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 37 x 37, 8-bit/color RGBA, non-interlaced","md5":"2a0fca7b4c8f5d7d9b73c6ebc9b4e479","sha1":"d250341833fb06dd800904a16dc2502b42cbdea4","sha256":"ddbf7fa13c560eee5cb5779e69d6092cde19cadbe5ce2c771cbedade34a29f82","sha512":"39f1fa39664e6674fd2f0e4ec40ec2e3c57e73d56fec4bc4279ea1825636c84613318101d003c910bb0f8a58e19537c49c9afdc4b23a89dc15afa652d9cedcb7","ssdeep":"","tlshash":"18718dc94981c116140d26b935ebee0a4939ab94a2590f14fefdc34fd920c713d36b92","first_seen":"2025-08-14T04:55:24.297244Z","last_seen":"2026-04-18T12:51:41.315124Z","times_seen":13,"resource_available":false,"data":null}},"time_used":721,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":721,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"m.dogecoinkan.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.bethash.bet/api/getConfig","fqdn":"api.bethash.bet","domain":"bethash.bet","tld":"bet"},"ip":{"addr":"52.84.50.47","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://bethash.bet/register","date":"2026-04-18T12:47:39.552Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.bethash.bet","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sun, 26 Oct 2025 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"86:2B:30:37:50:F6:61:76:8A:6C:6D:7A:B3:11:E8:CF:20:CD:5C:01","sha256":"C4:5A:3D:6D:5A:90:2C:4A:57:BF:0B:B6:77:9B:C1:D6:1A:C7:CD:B8:83:F8:E5:10:AF:7A:01:1E:DD:65:43:7B"}}},"request":{"raw":"GET /api/getConfig HTTP/1.1\r\nHost: api.bethash.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bethash.bet/\r\nlangCode: en\r\nuser-device: 2\r\nOrigin: https://bethash.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/json\r\nserver: nginx/1.18.0 (Ubuntu)\r\naccess-control-allow-methods: GET, POST, PATCH, PUT, OPTIONS\r\naccess-control-allow-credentials: true\r\ncache-control: no-cache, private\r\ndate: Sat, 18 Apr 2026 12:47:40 GMT\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Origin, Content-Type, Cookie, X-CSRF-TOKEN, Accept, Authorization, X-XSRF-TOKEN,langCode,User-Device\r\naccess-control-expose-headers: Authorization, authenticated\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 2f3a70deb5812eb0e48215ada7b72404.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: mfzLKI8sGqcEW-9skPqMsoxnkk4NOtSNJnW3RlpCsont-Rrj7nqysg==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":29414,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"7b6a443dc05b25c555c97176309397d4","sha1":"7246b295b1a913729f199c91dbaa1a819885d945","sha256":"91fac140307cc157d0f90a1085673ac12f60fc66c3eec8d1cfcd41cfc6eb1ac6","sha512":"a31ecf19877ff1fee9b9666d6ffc9a1d6c44bdaa397090a64c3b125fa885b2e7b9ed084cdddd73cb6bf220910ef6e579f0dc0eb2ac035398ec617613a9f2d7b5","ssdeep":"384:bS6GbOAGS616ttXj/pGEI4ttXjJGpswTLwejI2WwbY:bS8SttXjB64tXj3ejIfw0","tlshash":"06d263bef7fc68a145f141c00d97765b16da31086fca4ca896fbce5c43885a41b2f29b","first_seen":"2026-04-18T12:46:26.95481Z","last_seen":"2026-04-18T12:48:06.575094Z","times_seen":2,"resource_available":false,"data":null}},"time_used":821,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":821,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"api.bethash.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"api.bethash.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.dogecoinkan.com/favicon.ico","fqdn":"m.dogecoinkan.com","domain":"dogecoinkan.com","tld":"com"},"ip":{"addr":"104.21.24.33","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.dogecoinkan.com/index.html","date":"2026-04-18T12:47:37.390Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dogecoinkan.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:57:02 GMT","end":"Sat, 30 May 2026 15:57:01 GMT"},"fingerprint":{"sha1":"5C:C7:08:0C:86:CB:A1:50:8E:EB:B5:97:62:5F:1D:0E:E5:5D:F4:C8","sha256":"6E:88:53:15:D9:33:AA:4F:15:56:33:5B:44:9C:A9:0F:26:73:EC:35:9C:B9:0A:FB:76:78:3D:50:26:5A:AB:89"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: m.dogecoinkan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.dogecoinkan.com/index.html\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=f64adkafin24rk5uq5eosgmok2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 18 Apr 2026 12:47:37 GMT\r\ncontent-type: image/x-icon\r\npriority: u=6,i=?0\r\nlast-modified: Thu, 05 Jun 2025 07:59:48 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\netag: W/\"68414e74-423e\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=iEkv4uHxQtyqMXHGacA%2BNJM%2B%2BU%2F0fAZ37vB0kqhNCUyW01PM2BB7uyftiH%2Fu9bSsojtgwDEZZ6VtVVilQiwbP8p2iXTYtO3rXCv%2F%2B5O1rvopHPHpAzsjNuDYujHkHTCUBMyOjQ%3D%3D\"}]}\r\ncf-ray: 9ee3c772a984b500-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":16958,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 64x64, 32 bits/pixel","md5":"c389e235ee2dbf548345e5d935df3914","sha1":"6c95444d7c528ddf1155ffba820216cbe558ef9c","sha256":"97f7cc31f8ab12cd37303681cdd703c41ea403be5d4f7a407ff23260c09c5959","sha512":"dbb92622091410f4eb37ff8e3220c1fe5ab5df23d63ff18a3a17b528058379a1ca60f89c4f909286d57c72c9a3fe1ebf6cc89e958c002db1cc7b2dd210be81b2","ssdeep":"384:xXKe0NuSG/PVSGyr4Gz4FPB9jf7YLsPktw:RtoGa4Gz4FPDUzw","tlshash":"9872e791ff0432c1e93d443e609b9d9426f939ded78d690a32687229d2e31e77e1390b","first_seen":"2026-02-23T13:17:07.918274Z","last_seen":"2026-04-18T12:51:41.292969Z","times_seen":8,"resource_available":false,"data":null}},"time_used":481,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":481,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"m.dogecoinkan.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ca.turing.captcha.qcloud.com/data/1941/forward","fqdn":"ca.turing.captcha.qcloud.com","domain":"qcloud.com","tld":"com"},"ip":{"addr":"43.158.119.130","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://bethash.bet/register","date":"2026-04-18T12:47:44.203Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.turing.captcha.qcloud.com","organization":"Tencent Technology (Shenzhen) Company Limited"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 15 Dec 2025 00:00:00 GMT","end":"Fri, 15 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"97:D5:C4:59:CC:DB:39:C1:09:48:A2:5C:F1:CA:F9:65:FD:86:E4:8F","sha256":"A6:65:54:11:17:3C:C3:1A:6F:AA:C1:D8:E6:1D:0F:59:2D:E8:DF:E7:8F:D2:BB:F9:40:83:5D:1E:01:65:D9:30"}}},"request":{"raw":"POST /data/1941/forward HTTP/1.1\r\nHost: ca.turing.captcha.qcloud.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-type: application/json\r\nContent-Length: 17233\r\nOrigin: https://bethash.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bethash.bet/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":17233,"data":"{\"req\":{\"content\":\"XEPvGu839n5xN7cF5T6wsE/yJj/iuBAupZngG/AErFAmuK92p48vzZ0Ckh9OBb0M2O0+RYBW3eir3ervhSOOltXOFWUUFkBvA3GOjNKeCCVVR8HXF/Z60OGaXuDHyDv6hys96/BC/KrH5UC9rnW7zXv9woysd7uA52iDineznYH+M9gqZFUBQPotwUFp+PM+dnuowxxA7W+ZJsBq0feJwLo2d8+quXzHucWtx4KtzIllrVCxLS297OTRmtXx7RA1oeQdjAeiAbCEfxgPQ3kj1yoyGD+ZJ0IDYKcA4pgzU5h33lJWOxMUL+CVKt0Wo4D4t5zfXyPPBilJW4xNyeJN132Fk7pMj9W8KzYGFKU4Qt3jUs8jgqb9mQ2uZUBuKaYu70yzmQ2JiFmltfiasguku6KYZ9IzZTRyK96jkntFq9w9PxlAimwHBQH8KOrObCgUpuN4DHF5zQuQcb5Q3NLr9Ep0nnHO49gXYdfyOpyNURij0XDxmJRwRSqgbGoK1/8alMAE97mbUaHNacmt2nNg6O9SwFKIzTtrz6qRs4QZfTJO7edZan979A5SjtJ2w60/rF6SEg+YL36VRnT6RzHPi5u/9b2XZMChW/TxmWkROaUAktLBOjfn0grZJFMD9GY90QaObX32ws3PXkBOBLfnMHf6LW4Zc+hegz5ndnh3ikwEj37VxB5ujJtqpbKciIt7ZnrlhLmLVcZdd/F6uC2EHSmXiDkWPSkbzFypzQRDLnaeWnd6WyEZt8NEUlHVn7hIk8UrBmE40L0i18A8I18m5+EnTMrSgedwDXtcIx7O5MeRDM/25HsKB8NHAmGG+kCLOvm8FcXSfefbkf3Xp3kER20iE5hUPZ+opa3WmRiCqO5llWeJsuT5k12WuyKoCvbYvZgjgAdBUk3dyy2COwzgmx+5kK0eK8FPuz9YcCz8nQflbaxqhRL4Od/6zcSxd2/7/ouSYwmixK336/3PE35RFW6csnSCRKm+YJSBO/6treJjh8LKopfWO0uxhx2j3ow7JOxFolu56w1jFsk97dM/umpllrBaBmjo47rT7pQgAyyIY+Oe7gmXpfwOlVNBuRik96HcB7RWEdHV080Zmnh6Lf/CT3o/gSNhTAmnpma+SlsR+mcieU+eLGfiim4RdZJG5+fU1cnrvGk/8pRFfvPkvjxwM8MRf+Rx0EKe4Ze3PiTgHY1LRmManMR+8xIHzaTzD8f+cizgHkf84gUHPo/s+QTb0xRCXiP32tZTJSJfGuGe5aNO98DHpSmjKbDvyqFd1/Cy9mL5YlxhuUo9hglZQSYBNDTK7JCUeLniLtQNIjtdg/RBnHobzvv1KNzXzRZmYdteZauMXP2zJWZ7ROPXfJIEWaiu97N3cgxilBxcqN8zAT32Mq6RRMnHEQZHilf4kqGqhAA3Udhd80oiz7/wrGfYeHfgGQvpustv5byjz2eUgdCgQItYtEBPafr+UVYGs8qA2Sv7YZ8BMswQimQGCeCRW5YkOJiUk7qBQ05AMDu7cWy98H2uL9HbpfQ6knkuN04zmTa94HiLaWbPSbWETAKk2Ncd3mGAKsjj3WdEYP+Ne29mAKT9WVrH2Vvim2ix6pAZARc8Xu2Jt0XGRrLiGDUs7qurM6O6FXJ2khN59bo48DH8eOeKc/ILHj0HFB7nDplBYDUX+0Tx/CLAKav8mytFJp8bODtQwKM+6a+wv6bhkEP0JhGKqdwwtPx9mMBPh155anjz3jcMLnWjRD8TJfRno5+TRFIpVkUiVl1o/AikOEdwRfRFtr0eXcKfsLtnXCBFDYlG2rQ8+oSpRhPfk++o3cd9941QVBy/V9YUnl8ySt8gqUXCVmbhj45613bSsUImQGpmjiOfPofjIANdzFeGfkhB/MRdLlmE8ipcZxRMgwaukxFDx0dKcaD8xxc6tznufiMq6voN8LstMLiLKQPIW5w0LItFSTdDRWsrTBBdWrs1xrgRkFvX7zS8bFu/ecoEbf1huSwLHMl1y6n5nODkKcelPAynnye+oIWWjXldEX0by37uCik19mdMaeBoMjWbqkhAKR1vrHa2YMN17QYfc+ANl/mUSVM09DEvdgbAkx7JZ9lAAvrlJPKPCW8jNWkS7LceYvbIuPF4Lyl64+Aj3A9DvUIZjftLLBaxZSmsdidzSmfiNTTjNjJ4orEq3daDHY6Hh4z4r1fIk6dIPnmbGqrrXCSOJCx3QXKNxm5AYQv47DxwY+rINv6io85JEIk7pY2pjwTyeZCoXbh6847sQCB2uvXGj12yq7e8bijX8l2YNcJ7IIeAIYFYP44ipxaK9/vroOEWlO6TLLR6Hq4zF9taFdKhXaltytK72F1KdtyL7TCCXJttxp9t19i45G48zemulLrbZp+N+NbOBBiGvMY9WN0LqwJnYnhiY5FmeNizhO2ceYRLNWZpqfdapAFBV3SqoAGzJMwVGH07acz7oLI6XjWZ7nLAYkWK0SeEFZSEgG3Mr7KZBTdnay9RTqzpCRmyt2v/j6xl+Td/wsr86YeYnzXcoAEfHJXt/O6Tk9ahQJgFDuSEQ6txiAW3UaYK2DVrU+5nx+xXUq094891z3XpXEobr9Us/h4twlYjFcSyHK0hF/mjmWcQdeFBPNSmmTPM1ANXA1j4M+GuXDTPfv+l8NFjEnxNnqkVGupqH1U95TLwSkZPF4ZBQSMyA2zLJcFx1R8IMEnkN8Kjc6nz8baQazY5AKiFw4kDupxClvOmoLLM0B/RRR9cvzctnjBwUKia96a3fzKnZ+x+YxLpyh1ggC+nMxu7AI6jhgjmJ3JB0zfVZiTkX/ZsCAVnnGUe71POtZld9YBrDnLPiWZqWvD5faqXBJQmoKpYrMDEKAj3xGMxqEobfHzU52MlsO/4OOrBGjBYO6RrkBcNgJfybWEpVE95Kq+slfdyqSA7/dTcqaqUOOd3ZbK7bmVuop+wktTTjqYKZSyMHZrLhnksRvB9oIVqDIcode6HQ/q6+hmKKeL3ohgHhnxzgFZrHLIyLjDhrkII6Yb/Ms5lJ1eoqhdoVvgn0gG5IEcV5AVEMem1tmXNtnLt3uwhd2h4RBLsO0C8QlYcaxE6yuRqJ/3foPh4c2Eq2x4mGw4gdTbWoQVTH9w6+bEcAl3BCQsd8vUeN6WUdJsXEuit6Bgsi6bsT0kgVWF2PuBz5jSuVIabiCV51w6s8ooZRicLlm8I9jSQXV7GqdqD6vQSZbkuOqqi9zsXDjmZEekBDO8ZbUH7WcJ5eBwTlyZ45mJIJLBSgrbj7lK4dXCVY9fSDcu6DQ6cqPIraIcQHKnDk+gu1dZZe1QuLcDmqq6QSAEwGS4+/BD1Ly2y5XdpSd6c0ZTfneymaSsSvzDYj3FTXSWH5lPuOC5O1yRvivI8DO9IA57vGKOe54aEMiTTGZZkvQMkg6/d/mHzTrhrLAusPfnxvLJEEnZV4ekrSKnIjXiobGAi9JzrV3zlEiePoQWRq/nT+zq8yU7TKbkmJSLZGS21HVfz3dr86pmgfmLLlyq6r9HvYKlZGp212PtZYlIX36KAPnH/gZmf20dbPtfK1PxthS1mwdG+EbtBxY6n2jPu8Gqn4LZHZOcBf8myEjEvz/l1iBZr0Rg1Ed3pTicPxJUK6h6SrD6tYVa6IumhVR2NZej7y8h0SdQA6awXCGv2NulhwBjCJoN7iwgpzu+wXQptlzsE/2GilhkWdzv0SJ5VKFg6Lrdy/cEbf9B+BkvxIbx5Nmav6jnnApvBWMkl6Wz95CIn9frtNvc6c/ci8t2grjisJICtxbh1D/sjjDdkqz8HzYDk25L6lhH653mKZ4i7M/fqIPIF3ymeU462AF1PySEa3106J6FwPEs3S5ftF/ly+ayxo51JqOs7iAw5v6tkBnqvzs55W/wz3f8ue/ZyPrd/tyEZofLXgC2SxAOaMkUIXHBiXPqLjoy3tGf+wHn45jGWLSKjw1Ut6k5IGkFaPylewaeWKeaji5Ukw46HCNaQztHaaTPvQ/BS8YoFxrgPY7r5A6gSB/l5RVDy5RdPfRWbUO90665gfk8sK4EmMkmHVQXggOH/ElIIDaQ1uKFG9sDRd49bj99x42OwUrJonXvIMVQ2w7Vw7DPd3ZAcYAfx1wPfQVkat0lxXZrLGVVVrOYJWs0xaHTsc5DLukYD50+oK9OmGEs+SlCbuw83D8jb3V9Qax2d8KbWeOskDEkDdyDUkXluJrVSWQIgPnwSvosZWRpMfZAgm678Tofz+6LtwYNDPlFQ6QpJmfEQx9g88+tM+vbn6on9Fivj6yQK692Guo+vZprNPZYy2oCDIMV8285vQevj9bBiz0GEIaAplhCJGXnw82hm9DZ7hjAGRPIWOEhacoVwtInLKUr6yuu6u1/QVXN/T+pdcBPTLrVwQtiyMnYk2407UMobXDewSC/h6YuAUJL9TYVOI8IZPyVMuQ1AX9mN7A0KcVYY3boEcaF2isXxLhN7+ZKymRDKA5LW2WbQf89xPip9C42JDzTaStOsv35l7kY7KrwtXsJpti5lLurjjgRdJGteq0vXLmQ2ggtN9vvp1weY/m61OnO7J/w/FZSxuXh+OeZunc/ON2xntPnfq0naIPwdlEhf5KgPTDD7pvgu54ADkIeBx3MR/fo96Vx4fW4mHO9e6uAoE9+XVhKsm46u9oy/hPwxqwkhvbiZQhKHGonEGZ4NX2T9j9OUbfQTLP58lkZ3tREyIcBJ2xJP5R5QiYTGU03WGiDUNLJrvla/RmT95ABAsuUwyMiLPrJi5w0BIZIQ/9iNnUwRJVSlw3szwwUA7cLpKjAero7VOaCQvnOwoP+lg0kEUiafIb7UBtW8Z+pXnChl8ojo384vkV3IPNmq/qCwwJeGuZ321f9EAp9ArJmLOGH98qIYb2HB7jEaEdAqWVkCEh7MMsJFLvEJLZ3JcxAKxtO8pSmk4apT88pMqQaseEngYiyNr3JVTcXdGHuJ0Nlp3oRMErnw3j9xDR9g0yiUja+WopMHMq9eqv+d8bnl8/fEISQO1qdDcNOYRDiF42ViQNlc4EMPVzCRQcWnLJylAZAEISP9Ve34yuiLErYXx/aeevsHGbc1p3o0Q3SwUZPN2UgJg5NRGNC3axHvPesoyrQpDyhcFp3UaTPGJqMd0wg537J9dh9OCNk6nChBExf+JVQjF4SG/9uh8vTCVRWJvKfaiOhkKQe+/U9pGTLUSd7GJk5MHphSfExW8umFkmTU7x96e9h5Vl1UcD1LJXuE/uatv2xEQclWoTqvdOd5pZLHb0uRsv6r+LzUBjQNKwYsGU75m9lTvsdeQDS51zQ3qT4tKtMLBVKpMrYjqSsD0yJc1fcuoo0Uiv+Z7jU+RFXn62egVcFRI1LFDVYH6PooPj9xNG3KrHIJ9Zp3woMHjGCzlmWnoogAS+Em0LAf90RLSoKVZvCU5OP05ZWx7Zc40riW7Gv2m8D5TbEn2Wp4bpf36XZ4aHPQlsGzrSOrbP0mmDpnI+O/zxcoDlPlmDDOINVfz5+hw9cxrl+pWOa36hxXr2PXlqmUN8H1mmhqsP7Ye6LwJPJVm4rqqo4deSm5nVrdUSAJN22Letg4DeflBYTBDV+Rh6FZUvcYe0aweavmjklyO6iJACvFkPHL1sRvT+xfzCZKfQb/CCWTV17YUzbK7QMOyk0lD9/BjbG5roMDbV2bhj8vopB9A2wOqVN5/Q1gGMgFP5We4jY9kKZH5wECRVB3LNE/JQJLdwrNdGqsMNnZtJTgvzs695OnJkX3nvsjwcvl3xbewFTp+cE/gbeRTckGc5Nc986+xXuL3DKYimcguFCudfwKdOUU5eU1zyYMYDHngAGZYHoUxcnfVeRwB+H4llVQCfpDgmPyjoteUccFqam/friu3v25l64TkHtZ6ZgA72xwoESnMO7FmKHF9RGtPMj65xhx+cIt17VMrKp8vHRMR8jp1p5durkA/6cmO9pyvLX/OtCpmKJYsEoadAYDN3LbRB2BtdDuvtLZ/n+6hMU57487DqdCI655cEHqrUmPgNEWwZy2JianpdlHt4Ar4V5ydB2FatwxGB/VeUl21cmqeIPSYIkwT2X0zNkwc8Kpl5OSo/djoT0sJqgq6KzfJVZG9/lYetuy/aA1RdIQFK87RZK2vKDpbFDQo4XMh6R98KyV/yS+8WHv0TkpISyYSTBI0oxUJ3x7lhnHTTA08yOcqo/fuM0emLW56v8TdSD7jmfsXxCnu+JgeDbLFW1r+PQrFSlxUfvHhGgwMOPAPrw0b1FCdjWX4iSNyTSnughyIuRJM/JUyJe0hZ/kmTPYRnva80hMfhAdA8qoWUAYTGi5wKPaUF6aI0b6lSgnFPXOqGfWDSOPDb5eHAgq21vMHEahpyvaywCiULdbO0BN/bQQcYlD1/+6lQfHUtvWotUuauPZ1BRpiCaMBsCzOot/PikX/Z/pcj80lCnpc7Mj08nUWCUvvrxd/W38pUiel6vvdl2AJtWltCOSZaSjE3XX2cCKXSiTiebVXBMhycKH+oPYxVRxjk9JJfAmWorz1qFeAijY065OaZ6cD+KYT67bJU5d9fGkRG0OcXiZ9zhGhvSKmTFr32qGl1m+uSSntcwUT6Rvwi6NhYFl7iibwO/GbTV57/r1MfxPTPtBiagdtBGScUsSwIgSAnlwVSqWofLvtzuDZRKHyS2ZkVd/FaXcJ/EremJcnug+XEbRBUnKGkEjgF7VBlmDw6zQxJY/EX7Ud6DBCrtSCgcG6Tueiw3iO3VfoD8qQelAgdeUGOXo8MR/Qd5/PuWCpoUakCQYYgVUoDSIDGDdVSyAM/RJ/irjF7wH5H3wY9SHItZb1dJo4MO6QURfqt1yi+yMGK/bwyCLovMRr63GDLt4d7ZA0+6ABi3S9Xm81VLERQMbBz50aWnaTsNkGpEX1+KaMZwMTypT5pBFwU0eQrVsxiz39l9+3NBP/3RWEGuxY77AJ79/MGwyog83TtETQM84xUgTVry0ePMKAFa8qMCREvXUL1pJ+88k9trCR6RdHAcUZdPmeXbMzO9vf1Wq9ov1XEO/RMmjMsvVNAI6i+EntUYg/YZnEbUUcwo3tMtcyHQbYnT2cQLfsYxFwdF91OiuBSrV0sGSiv/IUD+yHl2uCx39M9zqSmYhkHymjOO0qPTz4uCaF21AFp6/4aNljLvEcw0OfbyxeY7stzLOmNh8aBK4q+xpDMgel0nbKNC5fCIOXpv39kJq1EAA+rnuRJLi9wexcYV1GDIt1Pd+MOSJVMD+8VZpzZGdb15Q3pAVyH12QYgFiQ7ZNO888cYe6eTBdtApXzMxTGqeA7Hi6bNyIzdLAIClc42I6kLKohY1+TvPtOIgMepfgE1SLCGJB2Wq+kaol5ZomtpjeWgYgViDAcuAfZc8VdigvscxCxauu3mBLXoVcnMqbzkAeQgdfIEkNOmtDWXYSZb8pyYtLdlhDhIhK/wqcHNWnXFIDJRD1dJUISq1ZDrbjksk8wbREFrFgQF8KdeFDihcjXYixZ1JETe0TOGVb5fTG7cT+pvVzNRF9KcIsGITCNhDQYQ/BEAcY1ovJD/7hxx98ZMAOD+RyhJLIm4QDhd1bOM93fq3r8DKmswlnZwP1ZT81CHfw82mj9tZrdF3kb92KHQyq/yfEvS/eSLPVXlU2NQ1EvFDuKA0bXoi19zYuQ6spmLq2T3Lj8rK/X8Wy/gwAuI4YKhTVe5BsgAd9SQTRy9Y/qmtKrjet1I75u+rvfelWB2fSVCvUjKeT3BQ9hE8q+WQ85T4qNvb+hqiMggqxhvqWUN0jQ8Aap2SV3vLGA1KKSKB8GpXOOu27MlK9n0xSzNOI6Edfm9IhJHI+ryRscOCvVBeSeyaLwYEJuH6RkzkAFxYLSrkyCLUCea/VYgYsY6N+l999/2trvrkCzkbrdy2GMcPAcVsqGn1rxOr1xY9g05LbEx4vZ/8IJsc7rG5UAqVvxh+0k1YwYV8GXT5xrZ7VbUMRPgsuEqDGzRHmBlzc6VgBUigrqd6MOoQHCflSK/d22pstEjARWaBhq33E6pQOBs9Pc2XD3PTbOc2v4h04Xr/iF0Ev+3G5EuPLmJsNwZx4BOfK1kyl2oolAXEZOzdHX07OFgv1sSdhalYgqwF74jgDD4DbHzR1nK8605OFsVz4gTtMdh+llRCX7SEHWjUxBfvNOjTXxdcxGxay3vqZbPMlzWWSHwztXCV569cToaOiZeDAgWnS3EHYjYdsvr0JnNxOlLU00o794HBi5lyyKZc+zxBK2h50ldyCxw54Mo2WdtuC5ffATOBOulZssX/guVTJlYbJ+8cgRZ9SRSTlua3sT0po52Twx5vGSZmKAZ8/YWPrwOzbBagvLMD4sQapxUZLx8V9dmCQiRIbfHwupTfJOAHDZjYTVk2fDEh24zyLXySzsx0mj8GJayPQjDZhh/3KKS7QutuvY/3nEU/V0RlhGBfF2MTtUSYUv236/aci5MdxBCa1CguWWrwFLzSHQOas6RZKsbNBkbLuZZZS6ynRNFrhIkmrooZ6legQB35/5QHRDVOVhSeSgTgJlNj5jwFRgq1YNqI1jpNVZpiSoglRFhp54zOiQ/3nYEDPQoACpPTSfQIMOIoxRUdwl7rxyvmhOVesCTWAIWLdyf/KmmFJxJOj7O7XBStD+wO5/onxwhRrOO/zs7b5nC2Up4CFiOsv+oM17AEp1KtFEkab/JaMBnHhvj56Ye8uPy6ElDWhdq5Zuj8d9OzKhXTPMUOa4I9wofpI0A6rrAREimKpt3It0dCFN9YW8uanmzAZc4e+Hqy5IVIumle841sn9Mq8KAVZEieqHvmJtqGHg+vtNkX6yLYU9RJxs9+Vy1HO5/Ph7y1iNK/6iPqMryk/U02L3cEMeFb7yXhY2id7K6lhffCLGmLLumYD92sJeHvaJe+vGwy8VVqY9tow9fHs+WBzCGDUurS361PZrwcwDDUhdiy1yhS/ZEklIPadQjkPK7Q2HW30tmIXmOCpDaWIN77kj269h9/VzAyL2hu990/cz+giXitQKuqwPyESTDQM1jf7ML7Sawly9HCwcUMOa1TZAqvOB+4iq/84AH8kENgLYgv/gtfkjHdZyKHntzqFsxvIlayn4/kgzWyfBNixRqqoJgsdYk6ARMXATZd5XNnSDZfrNArme56eJzsHVova8gNCL+Kg7p3qXf5DEvitUGdFwxl9cQZR/kLI/qgpFNi5iR7qDm6s6L+UnpQCAdHnM3qdTKPYzC4Eu8TYckhIDS5zMUA0MK78q5CMbtmjRnKwI9v9hOaVEttRFqG9kdezEwjZtaprMyDxNliSI6l+JVa2HsJ0o4XJN0SoCnWoajh05jfW3mxFD4PEynEi2RN84HLsh6mbgYqtRAajHzWIyUxbMXl7haG9ishV5Mog2I2pE3KKznMgMew1ChFS2p974j8Fz+ssQkRseNOdb6AQelItjC4l4y2H1FWoJ4xf5i+OZh9TOhJ0Na19KAYBJoMl05pTwv1Goy1tbpGwPQLdTeWtuwQh0p+elYgamYj4bDPpjTEE7TAvnV1IW1qI1Cz6q+mlXOiOCZ3doVkffGOIg1D5gMISq4wxiD4EUFWehEsv3Zr+Oibacp+aCDU0iJbHdElGkaWiQLyUmcGKqbx9VkNc7jnCRRe/lvYnB+2MSFo7L2jkxMEgM5XBe22NHsYwm5cP/G+LjxGQMPuBRWYgUCJC6NEEldINLIOIpwmH2nI+Tgf5Haq3WvyDErbkD/eFfSIepntuZ/L8DRhHGuAyvKAf3yq60g8pm7viG25ej+60RfYFqV5/GgaRzbnyPI+il4FAuzxZOf0qpYPFVeDbMkTI6kmuA1ep74iRRZyy2Qo0h86X5G00cKk3gzX0d+xEMTvMBUXd2lMctxthN7aETvfm0TwyGU0SyciNodlTMET9Ueo82ta5OoPLtV6WsYO+osjRowmU5EAxr279I9OTo3Y1nqNoCVBNDUERSaHoa7h26v4jsCYTRzPAVrCe2iQfrN6Mdt7XRe0+AiplzNTqs0BKbZn/x07uaayTp0FASczmFCY7nE6Cu1rGY+6rZSWrl8mebMOaFgmqw9hX5M0UMgLQzPk1IEtBwxDQrg0AcTIALXyy9UDyjxzfQaRPweKldSlrKfcECd+iKq2VxyCjLOg1vgO0zNpPCbZSex1KpaYdROAzDrhlbe2IgGqFVGltuxjoN+0vqGUlenevaAaDgltAMGNQn/ie+nvxRHsPNTr6DWL4XIypxxf2GCj5zdYN7nGBGo2z+qYQtGfUqlTWKqQjs9fbv4tl1++yBTLBTjU2vVNW4LLn6Hv+UB/W4+LS15r4yzTFgeIpt+m0VjQQX1nN+vNb6x9XdWbJvsgAU5n2QNnSbDDm9HLpia+qozG92a3RGFBqYtj3g64iqJsx7jIFPNLRRoTpzU5mgU2SqwaNAjgRs4wOaAP/7U/fO3u1DrBg/M0WJ8EynPZkdp3NVsSbAvt+mtFUh6vvqbpcqbigtUqQifT5EPCjmpjN7g3Tb++QsYd+t9dsWKWYLiXCfggCoBYg4bWTVBjw2dCFP16ivE208hDsh0TZT4CjW2TNvUTqlsQPrE+RECHotQca5kMl7Ka8QogFVoGfcqlU2Qv19RHLTvua4oTniVFrlNtB5x1SoJy2EpkSCEkEBrb1GDWjWJtWAQuzorVrqzAxZLR6D9HfhoGqfTTcxUpq8m/fK2MRI/UZnSaL/DbLyC9N1AqBAWfU4PXw/h0JfQtBYXmJooWERwN+PKVwYMMfJuepYci5zCUAIA+T3UUaEhAx791p70G4j8Q5/TW/PILkGtmws43MzuuoMW5I3L0qscZ4zIWrtNfhm49Mcq1qj6HeHwLYsTUSviNJmBWhq2SMv2MZlWlfjuQPxObYfB3bcU+KO4XBduzBMbVZGzwarfkdjIQ1Y9gx1Ikx/6bLPTe0nUisNCQ+pDd4ci8BY9dIJamT682ziKAO+aPpAaJqNiKFOQg8bwRRLj8dWJwfuhJH3qGPB8RkE/GC/z2jmKgXQPikBPSuoRa4W2aWUKMpHio9pC2K6+BKR0alunZUBWt8C4jFmZDbk+Q2jZ/hTdzIS1jpzkkVfSvqrCN330kn66DYGH8IwOGnwj/SFMqVFxqYLxK28D9ZafJphrOsPpD/+WPc8b8icD1pUXPnGkdQQxhqgWuD2sArw/i40Z5oSnO3oJSXriYv/beVdPueieBX0DuT+RqLZkB3LiXFf8F3sKNztTSOAoJzKt6cjNd9tDzolcrXLdIeUpWklQYLNQuGSheCaJ2l13oajDCiAvthh4cY9TwZq9Ux8d1vfLKuO9TsuEh3sjWuhoC0onXvKvgdcZ4FUTRCqiAm7Q6Vr5TZaxEeU7gj3xvJe6Hes/48M+5ps/EyYaMxmiuHZo4bJz8rIWcJQ8Z8U9A2/O3fFg9L8nl/7oJ1i14BKdH58fXXMTKVtlHTy5SWL8v33bWzclvp1ym+jbzisDuZmasgSDq0+jGQloAOQsY9nW9nzbVxCfGvFRIKmZnEYYelNbHlmF5fY7bd9WnNY++HpIVMuFAKjIDIfq6PTQ3cL1nIMOvpRKqTjzEhsUVEcN/0vG8rFUj0zpXBEt114oR+HUU/7pp/9MoHY/R280MDW9l+8ukjz/GNWQV4t3hOHO43cRev/1rgDy7EMSk1WX9CbQIkEPY3SBdE7BcHBjIz2alDBPJTgGmCo/OsM37NavVPM8tQq7/NSInLgCyUrc5Sh/eAb9UgNYVJQgwI25cH08SpqgAoArzkzzARUBSlHL4hFziEDmn2Nz9NhxURaAtzQMN7fgdK5WKk+FNItXk3N5ZTXkxD74pZp3e8DWT7YFTnyWJg5bmUQ/zpFfxlXssfdLxN1QOHhZsPZdfd12MpmhcGcT00/Y+vF5i98vlZEbQqb+QBgG1mtZxTtcyFOq4r0Ok++nV/C5gPhfCL0WxM53k3LHdKHiv5Ij4WP/tOcMtNLIBJ1wIF+SYnC/tFGlYOjmz4R8fK9Ua0I+GDFQbr5k0K3lMARpcq1mzATpj5xuw6BFNsEg/5kahN36n7R6cuYiNnGDlfWLVZaYNQeYkPLAeUdmqgGpPWP2us+wTyjJZRfKIpfL6P67IJMK5m7oVqvHhklNCikT/mWvww2T2gAab9DvpQMLA142gBRUpzaHNgGn3Ds0LcySqe8BanvP/UNLYpEdNSubjJ46qOLh++Dh069pZ1rdvwZqcWHicACPdzpjbWLbXMrKRj62FsYbUYKcAp253Nu6PwTAewlVaxrbnfkr9LAoHvDNyuLYajscT6Qia1XJ4N9AsOb3bUrA/F7VsDzwpjYAI2AXeoqNkiwL3rP99IwvUFD/s/W3l6ks38XgfyYJ8NNDHrhcq67xCuxCsNvKd1gjG4ODw+0BJs82P4y9DbFnUf4Q2N17zmuDSWIg7j6XV+x9SfVkX80jz43mC7IkLUjALrQYWWiTBi5s2RQBPZ84iwmw/nPWs4/P+3yPs/Vo63nVu3Qfl+I/12AOxE0m0vwzTysQTnhmysTIr4KsIHM2RWUSvftElV3Mp6QPsMiuxkkZ+U3yDaq1dkAVidfkaAjHnQaa4DJ2mMGJWyZwwh54USbQCNrz9MYwY5hqRYa5BuWm+JComOVAKz0gOeQJD66IHCf7Kbz+BX4zIM1f2BDzyHsRyEv3xuLsl7PbWA0mJ/2wR0W8nu5ipkR5ln7M4Su2pBxi2x/RIBi1zFsvymktlU85G9QvRLUpyEokLUdLEWXHaBhAtGy8m6RXeQISAH0s/CQbINFW1x+c/Em0ZsOiHmQT4b/zU41kcFHwn1rRmf6XAKB7ODV8ecUcg+wKafUvgf2TUahYsJI+AQQuz613kmRVT6eS3UxVPTvMx2yEaU6iaRJg4fJC6BB5ZwlSoUVNekq/93dUsZE7IedR0SsICOa0f4pXJ0vX6UTFsPfKa8pbW88WqIMQ5XvqPUtvKdsGh2WA7EMxgF3oRXEDoqz/GUsAUY+5+YYcEb/pbskF9QE7pum4S4M1SjyZpqimv4Cv8xu12ES+jO5yA2ug+qtXbHDHQJwF0fikAJZLYqgfzyEYueu0SpKYtyOhfvBtT1aHX24bKf5x1xV4KVALf4W7N+LTwn3QTk+uX663KE/ppx4JAySj79f9Ikq/MF3ufFsQP791Za4P8HDWunnyoDftfTkiG+TmVT+d4Pv9KldGy6oR/+TSNQt7pzeNKlVQHVtlMQ1JzlYuuTQWw9Hpo3XmHfHQqscznQI7eElMDNWyj4rj+o8GtpwKAqv3/xTNa4pgEwNhaYOg0/es7SdTwNYZX4FXTD5uQ0SYD+rAbk4rDYydmNh0lrfPf8dmA6fXX/JwR5mr8SH+//jfr0LwdokqEg72nGlrg/40nsIjB83k1fxjA2zeuxtcATCDLY1I03JeMnVOX4p8RVU8mBDZ4MSuqJM+QSiuTzp3aQNf5F6RewihRQOtYUaxSagixSWiBCNFxbbXslRV8NavLYz87xXf2I2sz2uJK2SY4X+PqyOtr6mOJARNWj7ILQRCnfLR8GQ8KDMjvXn0iPKrXaJfjp8GYZdC8K9GeecGiSUwaMbUeqgcEldcRBNezUuSNtMRP0P5D6dD/iEw4N5fuas6bV/sbAa/166FnP95rXNv/LtHW4zFOW32+VIa8QYNrolRS+T6HxVCjMiv4GSgIvq+5EQRqi6jzAQYPz206y3DHA/ME4zggDxt/ojfrApDJbGYpnMjfJZ3tRebVQaPtTJnzZLmrCA0+z8Rv3RQGKgdEXqYfJ3XMmyFrpK5busDh9vI9nxtyPwgQkv5fm+sAHzyPNlpKb2HjgvQddkGfU5/GLQqTRcArblFZqxjOOEHqI1hU2t15Cz95yZbIdhOQ9pqLfa9vLrxE+p04znyyt+adT/MMMbHy43tsBYbY435ewzChoteGJUKJJcxWSjIr8wss1ZD7vAL4/RLWEis+o8n2m7NHD1dDZobWGKJuU6rVO9OCeaU+oyAE84DmkY33AJwa3gLXN6/+1wpOBvIvT/J6HKNedHzCS6pwtYHfkteBoSVI4J3pO5jAHAgoJsFSHFS1QcANO7j4zOoGGLSt5RJ3NkjlSebrXLXqtbrVRpc4nMxZVG3ATDZmjFDTIEpVH2TKX3YVVI4Fw8fJwab5EduduFsyxi4f8jEBa6SQ3O3nSL/XGP0M7D2JKBwssJKI0B4VqluDsaHzkVQ7wp27Xu0y5LjNTMXv2H/8CYL+qX4o2Z13OOkMXSKX7NVz1NTZvGagczZ79b9wWSq5mKMwmzlJQ+onu+f/3UbaLd6KPj7tvYKehiyQa3qZdnHvMGgIQI3Ibj+com/IYUC+oL5+0ZmD1Hrlx/0kai5snCtzVcy86ZKqhSpPGQLe5yHk4OqGwzIl2r0f+jgFdOH/tX5v3Kcz8UULQzYXvK0lfAJgrfpAXD2kJeQYJzFEjeqsBYo1TNYErEAXG2Gba5coLd3H0IBjG/BuKgjuNygxnP9VehDi9Fv723Aflbs65bRZKYvANm2BBVoi87AA8njIvhWcyTyDo2zltu6N9S1U5tWRAllyeZQlOXhDPIvaShBvO4JerdTak/+cQJ8QNB+imQOnv4dn9HtCWX31xCdRcdvyOB02J6tYQDr4pj/+f3WX7bmAyoBXASKOXoa58gbSZrMe1nspIQVHoKEDaXbVPItmXh8+ugEUEnc6tZbHV8LTLnCqeEiMrDuBZXE1Aa3MHMlatHUyS2gOMIhnd2FdQUZ0nxNTWdTCuk33rkaPk/cpGXFezvlaetk74c7k2HVG9NrmsYEK8BMWKPaugnGsMibOECpJn1lUgrXUovgmhEka5/ETaBfBLR8zM/zXkGEBl8h+7Y+kQWILEruUI9XLQSwM4xdsGUMJ9aF1mzYLP2hbuuSpQ04+uo2KSrc4EUIQlBZoLF+lhI2qveYFdFgUPImclTTbznefmfPBp3f8w9brjCT6cIGvQIcSVKgcpsrml0zNhdnZw3YggxND62DtDlDcM4vkiSdE2YedW8na7lMoH1q+uFWnTd4zZjYNGLnMBjGalm4vr/SHxcEgjR1p131cZhtQ2dwvja4qLmUdhvQ8xsW4bHRsRpCEkby7Z1chUCLqLKqoVAeVg1YGRPWf7h8/OmG0ct79izDjOVlyWWRn06i5mvs8YDj3muzEd/XqNeF2hvcRKmL6JBlUIMs6N+zETBMHstpHAvOKHnJqWKUT2NcM+ZEnxFObDfWl2XKs0kudpwuuzYf/dgtwe4Zx8d8jvmsou6/tBh+btxehc+cXRyBdVUIZmmQ5XHw8e5KWL3PwxU0N2rwtSvPFsw0WUFhF50X1UqG+nZkmUC0T4SRsW9xBRtEhKwT+D//pjg632CoSHGMRKzbmCYhcAzaGmp1gqAN04jEGH9+c+FKP00SNqQWKm9gWXoAkOa9N0+A7KaZjWQnWx3g11Ve48gBgEheJrrtTO2nMmWOS6T9pf4UicCIsX/mUyrIiAqEuA4JEX4HDB85OU7d2n5G+buaQBRDXkCFlIenNpIOclGnNvxZNcAkV/0YiIPeBvIlpgBtvaQ6Fpy/a3Us0zLy7Llr1bOnQ48RSANc1MW4CbDkOVi6PP/iF6cHc5t42rSxUHFdiSDhLvW3gpiFQEorr0YukBPC8LdKd7CqgeGmRQh6kj8rY/fiKWtaOync6l4ya5GNecZVKrEduePKphRfAFpRaf2/xiujp2bdqJIUlfAxUz4zWFa8qy9tp7xHswiEjQXFNTuKv174qwxNYoiHjxvKyJYqbf7EPk8wFSTAb8txX33MHlUQyTVXEgiNSnuauUBqS8h08vBSvuQSyc/EQyPWQ11YtW3vSh8EPmMd4n204G76f4oQ0Hdf92y+WWZBqJ5XAzVICd+hvNhZPtmSIgDEYlu3fyqUMpLzWgUqLCSJ6RdsZ8yCeVK6T4JnYMhBKg1oQuTiW0oRCRC+Zg54VKFSPcVhfNs9UgZqnfniPerd7uP3IOCbfwNmRtDptdCEOr7YxTwK9jPHFZcBaRaja2Vne48VceFnitw+uAxmnUHybcnmdJcvXheJ0tDTNH3LGZMRRCqGUc/1VP5e92IyGvDTp4KrcyPiQGNDKxJGme903vOS+2zE/kUZm3GF7UyVx3knjnAodA4SCiJ0IH8N0CQnQd9DrRKYaxZt3TiTUs12YWtoShnaDe0A1c90r7C+zl3Y2oIuzl6pwEfZNoCdBRacurVakFish1/uaLKF6aJt8/wm4dhXNCsnHrRnzaxWn8ZrE8TVPW1LqGFCEYWjqtcl+/C7pPozdslGc7UDZoaP4l5K5HWQcB7CZwxD3IA2vOuUprNqrF7kgj5stBpQRmWH3BpxG66YgMAbxfubWD7NkYN5fSm9YLq+YAPL8mKVoV696No7s+Grbc9AUHXLrcgoRxzi2dT1mqP7Xm0Bh7Kj0W0N0Cd++Prl7THCbGXdf4UXW3/hHDCD1C4uJNK7e40rLihrVsmP16F3vUssfZHYfk7gPMB2pH9Kxkhejxpy52jCEWgrdvcuUUjl7PBYXT9AtAnvSL2Yjs2dtYNyKQqxOykXcyhrRxhrF4BnGSeOYEKPWzoLspXDl+z3pVkKu+IZflc/QFshkLUlvgVl4oZbpPL01kd0RunwTS3Ym+EdFDQ1b00H3jHDSWoefNKnDmmNbfAPB/2jlSLUwks7wk1Yyw1LT2WRmZouTSzFEspwYeSYAC57JfECSZJ7Bfm+YfDizqjqxSzZVzKGwSfCuxUddIUNTVK4Ypk17/bgBzTFedhhMHHw8AN5/NrIpmYvwFqP+exRAQsyXixwaY6GbAKorQWe+Iz/oMe6xAN4NUqATWmvxZFjcbaHHfYxoe9KBySeLkBoN5/BGlBwCM3c4k65MTIn+ZdYAxGxdgGREGlZgD8U1sDS8gLWH/wRyAk4bYyGVj7u++lQjEsvSFCnXRgF2JP91dAF7SlSQN2WXz3oyFRj/cwm7im5VS54iJHvlqJpIZ34PrR5boMrBHxfdnEWS3pr02ow+lJPlKTtzpO1l4jlKADKV7LbU+J/9zGzA2Rtu3aVPrRRh8B1EcYUGmrcR\",\"channel\":\"400058\",\"token\":\"928c604h/ePgmOQjbMzGguAGFm2mC7K8Wpgbe4DizUaXObyC5WZ8pFxu6Tbg8eq/atX0bg==\",\"version\":\"1\",\"type\":\"0\",\"timestamp\":\"1776516464080\"}}"}},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 18 Apr 2026 12:47:44 GMT\r\nContent-Type: application/json\r\nContent-Length: 602\r\nConnection: keep-alive\r\nAccess-Control-Allow-Credentials: true\r\nCache-Control: no-cache\r\nServer: JPrxServer\r\nAccess-Control-Allow-Origin: https://bethash.bet\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":602,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"272d52539b86ba3b14b0bf10d5c471cd","sha1":"25d1cb0b3e98ffd74d61768a3f63bbd41efca119","sha256":"1beb41040815ff92656a25342fa18747ced8858761be2a6de7ea0b7f79e9aee1","sha512":"16517992a7d800ea9b1207c1aefdb352d9f05c6f310771e3dc919c1e694a0c2d08a6caed8c2cff4676b4105f23169d8824cf7158dd09c0fb762364f91a27406d","ssdeep":"","tlshash":"97f02da707cd09547d9fba60055e4453672d2d615dd5160dcd0fcc0c615752cb34abf9","first_seen":"2026-04-18T12:48:06.581941Z","last_seen":"2026-04-18T12:48:06.581941Z","times_seen":1,"resource_available":false,"data":null}},"time_used":476,"timings":{"blocked":-1,"dns":2,"connect":20,"send":0,"wait":389,"receive":0,"ssl":44},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ca.turing.captcha.qcloud.com/TJNCaptcha-global.js","fqdn":"ca.turing.captcha.qcloud.com","domain":"qcloud.com","tld":"com"},"ip":{"addr":"43.158.119.130","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bethash.bet/register","date":"2026-04-18T12:47:40.632Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.turing.captcha.qcloud.com","organization":"Tencent Technology (Shenzhen) Company Limited"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 15 Dec 2025 00:00:00 GMT","end":"Fri, 15 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"97:D5:C4:59:CC:DB:39:C1:09:48:A2:5C:F1:CA:F9:65:FD:86:E4:8F","sha256":"A6:65:54:11:17:3C:C3:1A:6F:AA:C1:D8:E6:1D:0F:59:2D:E8:DF:E7:8F:D2:BB:F9:40:83:5D:1E:01:65:D9:30"}}},"request":{"raw":"GET /TJNCaptcha-global.js HTTP/1.1\r\nHost: ca.turing.captcha.qcloud.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bethash.bet/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 18 Apr 2026 12:47:41 GMT\r\nContent-Type: text/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nP3P: CP=CAO PSA OUR\r\nServer: Trpc httpd, tencent http server\r\nCache-Control: max-age=600\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":903500,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (62551), with no line terminators","md5":"4ea9bd8bb27d413275bfe6a59060ff93","sha1":"0ea0cd829eeae3bc3ac442c33095ddb2507cd846","sha256":"ef0b4a62dca66f4685294a431e82a75b6ac19059f422e534087494580aa34904","sha512":"7a649c8673b65b94f78c450f0520689ddc574172bead2262f35a7d2d19ee509f60611d09d5ab07aef97c8160901d6d13bd741f6f29ab126704c5e9007c48ff5b","ssdeep":"12288:wKkkZEAi1UFtNgKsuPEX77Ng6RXvWbiqQFb6tDITMzvs60jr0lUirMcDkwqBwmhg:xPEoFtNgVuPEr5qR0fwMHvpkv9osFuq","tlshash":"3715c94067c0784953cb9f7bb32bb5e6f81a0c6e3d98048bd600fc5466e6627fae5931","first_seen":"2026-04-18T12:48:06.586231Z","last_seen":"2026-04-18T12:48:06.586231Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1991,"timings":{"blocked":941,"dns":201,"connect":20,"send":0,"wait":23,"receive":85,"ssl":719},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.dogecoinkan.com/public/upload/other/2018/08/02/fb45059262cc7ca8a398cdfe1f44e90c.jpg","fqdn":"m.dogecoinkan.com","domain":"dogecoinkan.com","tld":"com"},"ip":{"addr":"104.21.24.33","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.dogecoinkan.com/index.html","date":"2026-04-18T12:47:35.340Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dogecoinkan.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:57:02 GMT","end":"Sat, 30 May 2026 15:57:01 GMT"},"fingerprint":{"sha1":"5C:C7:08:0C:86:CB:A1:50:8E:EB:B5:97:62:5F:1D:0E:E5:5D:F4:C8","sha256":"6E:88:53:15:D9:33:AA:4F:15:56:33:5B:44:9C:A9:0F:26:73:EC:35:9C:B9:0A:FB:76:78:3D:50:26:5A:AB:89"}}},"request":{"raw":"GET /public/upload/other/2018/08/02/fb45059262cc7ca8a398cdfe1f44e90c.jpg HTTP/1.1\r\nHost: m.dogecoinkan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.dogecoinkan.com/index.html\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=f64adkafin24rk5uq5eosgmok2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 18 Apr 2026 12:47:36 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sat, 27 Oct 2018 02:06:34 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5bd3c82a-57b08\"\r\nexpires: Mon, 18 May 2026 12:47:35 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2UYJIIfLq%2FxWkKSa%2BWUSwwTJ5vjvgUeml0l7Iu1%2F0oUaq%2FhvEdi0xRdi%2FqG8NOsZ90eExE0Ie122XeLoQQWpJeQMAaXDz2ygXxCgczQ2ndJkUAqMi4ox0Vh1xUHRWrBBZU9Ppw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ee3c765c913b500-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":359176,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x578, components 3","md5":"b762e705b2aa13b4ecad58303e33e628","sha1":"5b92ec87bf327053f675c456fdd2d2618dafa2bc","sha256":"dd385a3f2f9d4318fecf62406f384ba8eb1aaaabce330d0506eb4e5a869dbf81","sha512":"39661a2732192da16161debf90e2414a667683db94b4588884cd8a979aaf81ce33a2079afb20d6b7888730f7f46e7fd82e366c576ee149e0f152a63ec9200fef","ssdeep":"6144:Chcj/HqR0juykA0ic1Hwi+57niileK42VOz8vMDLYWXN2Wde8S:cc+R0qNAEW5GileK42oz06LZNL88S","tlshash":"03742331cba115d986ee84a811cb1b113efd576e5e48d0323b15caff9e0006deae8b47","first_seen":"2025-08-14T04:55:24.314583Z","last_seen":"2026-04-18T12:51:41.281118Z","times_seen":14,"resource_available":false,"data":null}},"time_used":1611,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":932,"receive":679,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"m.dogecoinkan.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.js?634aa988db89be73b42c18706aa8a1c0","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"14.215.183.79","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.dogecoinkan.com/index.html","date":"2026-04-18T12:47:36.551Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /hm.js?634aa988db89be73b42c18706aa8a1c0 HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.dogecoinkan.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Length: 0\r\nDate: Sat, 18 Apr 2026 12:47:38 GMT\r\nServer: apache\r\nStrict-Transport-Security: max-age=172800\r\nContent-Type: text/plain; charset=utf-8\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-18T20:23:19.513448Z","times_seen":13909737,"resource_available":true,"data":null}},"time_used":2760,"timings":{"blocked":831,"dns":1,"connect":274,"send":0,"wait":1096,"receive":0,"ssl":556},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bethash.bet/resource/loading.css","fqdn":"bethash.bet","domain":"bethash.bet","tld":"bet"},"ip":{"addr":"52.84.50.59","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bethash.bet/register","date":"2026-04-18T12:47:38.615Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bethash.bet","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 09 Dec 2025 00:00:00 GMT","end":"Thu, 07 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"68:22:2C:06:7C:F7:60:E2:00:D8:75:A5:16:3C:F0:6D:35:12:F6:A9","sha256":"A2:B0:3C:02:0F:09:7A:78:65:5D:9B:E6:20:FC:1A:99:B6:C6:33:AF:64:FF:07:B3:78:1D:B4:83:04:C8:B1:FF"}}},"request":{"raw":"GET /resource/loading.css HTTP/1.1\r\nHost: bethash.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bethash.bet/register\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 18 Apr 2026 12:45:51 GMT\r\ncontent-encoding: br\r\nlast-modified: Tue, 14 Apr 2026 14:06:41 GMT\r\nexpires: Mon, 20 Apr 2026 12:45:51 GMT\r\ncache-control: max-age=172800, public, no-transform\r\netag: W/\"69de49f1-58f\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 a0228782537cf4c86245da194c3750e4.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: ujNHNvgKO-c1BMPzAGHiiRh8nQCnd77O_ufYI9DcvdvPGdtU2mAylw==\r\nage: 107\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":1423,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"e1cc5d435526557acda7e1461878290f","sha1":"f3c9f5a0427d0ed822a3359b7c520dca0e3cef96","sha256":"afb4aa29c0cb6fc3849b6c62937226da23a2ee57e6913d2f8358fbe83ad7d3df","sha512":"2c684f6a041abfbab1b4e66bbf6e5ae398c5cfe9f96f522e6e6bfca367f095d7dc9838d458c79999fa5139dae01a33cef36413a09c1253a65d33896f847a2f7e","ssdeep":"","tlshash":"5321c03b09f1a44c961b861a02ec5d246b3dac439d0fdd9eb7a2740ecb82d4477d329d","first_seen":"2024-10-23T10:11:45.180877Z","last_seen":"2026-04-18T20:07:52.026896Z","times_seen":44,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"bethash.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"bethash.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.turingfraud.net/event/report","fqdn":"www.turingfraud.net","domain":"turingfraud.net","tld":"net"},"ip":{"addr":"162.62.10.47","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://bethash.bet/register","date":"2026-04-18T12:47:42.592Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.turingfraud.net","organization":""},"issuer":{"commonName":"DNSPod RSA DV","organization":"DNSPod, Inc."},"validity":{"start":"Wed, 08 Oct 2025 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"60:CC:09:90:24:93:4C:24:02:F1:97:00:C8:51:55:4A:C2:69:C5:FC","sha256":"0A:2F:A1:C2:DB:F8:EA:01:4E:CB:CB:BA:36:3F:00:27:43:7F:9A:66:0D:6F:EE:C5:DE:5C:E4:35:39:3B:3D:06"}}},"request":{"raw":"OPTIONS /event/report HTTP/1.1\r\nHost: www.turingfraud.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://bethash.bet/\r\nOrigin: https://bethash.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 18 Apr 2026 12:47:42 GMT\r\ncontent-type: application/json\r\ncontent-length: 9\r\naccess-control-allow-headers: Content-Type, Authorization, X-Requested-With, Traceparent\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 3600\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":9,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"7356645231da9cfecc34610420982100","sha1":"4e6d5bf58d719360518ecccb073248d0293dd346","sha256":"2c2237045b54bb664bd76b7d6f1da237fd50de74712edf261e90c1c0d7f2e822","sha512":"c092af8c828b98fb9ac62ec48f64c01907d25106e96096a40e52d770f732442c729c11c34406dd0be1690620d91d97a6a4839ca409b57e227a65844e17bad112","ssdeep":"","tlshash":"8c50003000000c03000c0c0000000003c0030c0030000c0000000c000000c000300000","first_seen":"2023-04-05T16:48:03Z","last_seen":"2026-04-18T20:07:52.040634Z","times_seen":1671,"resource_available":false,"data":null}},"time_used":668,"timings":{"blocked":322,"dns":1,"connect":20,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ca.turing.captcha.qcloud.com/cap_union_prehandle?aid=189999718\u0026protocol=https\u0026accver=1\u0026showtype=embed\u0026ua=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTM0LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTM0LjA%3D\u0026noheader=1\u0026fb=0\u0026deviceToken=v3%3AAqCh%2F9igof%2FYMW0xoIXEnN7X7yMJbZ1Fg4%2FcPh%2BxoLTfIgFq8ELDagQ4bRKpDBBAp3YmAsRL70tsKXArJfu%2FSP%2FAZ87VZYi7nBe6GcPdE%2FJ8T13bWvROlQ0lYDBTGpZbRFePBCrMuo5U2BOwd7XeVBB4Civ%2B1X6ddiIJE99Cb99aT4GTq8DT0HhaJokgkj%2BrgdijoNsvAfFNwjllcG%2Bvg5OnG1Y1NSfNtxSWGEHjjF9%2BtIaiblTz2WYzRKXgaoEO0PVehceYSxEzR8jVXSpwYyq8vq5Gnfe7o%2Fegu89qKvwYgUrbon2nVSI%2Bh5pK3mZWRFJpZxMR0pLQ93PuEYWf%2BfFHF9hTQw64ci5RvJjvNkCFxCMnEDxDzSzpYfYopXpjgHkJ4OmDCfJqoh1McLjuzOFplkQUcEsYRfYimWRwL1E7eGvrLKJmDGGux6o2RXi6aFKHuLGyLraTllMa0TzZWYy5endIQlqBpaE4vP23muoB\u0026isJsVersion=3\u0026aged=0\u0026enableAged=0\u0026enableDarkMode=0\u0026grayscale=1\u0026clientype=2\u0026cap_cd=\u0026uid=\u0026lang=en\u0026entry_url=https%3A%2F%2Fbethash.bet%2Fregister\u0026elder_captcha=0\u0026js=https%3A%2F%2Fglobal.turing.captcha.gtimg.com%2FtgJNCap-global.c89bafa8.js\u0026login_appid=\u0026wb=1\u0026subsid=1\u0026callback=_aq_510006\u0026sess=","fqdn":"ca.turing.captcha.qcloud.com","domain":"qcloud.com","tld":"com"},"ip":{"addr":"43.158.119.130","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bethash.bet/register","date":"2026-04-18T12:47:44.670Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.turing.captcha.qcloud.com","organization":"Tencent Technology (Shenzhen) Company Limited"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 15 Dec 2025 00:00:00 GMT","end":"Fri, 15 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"97:D5:C4:59:CC:DB:39:C1:09:48:A2:5C:F1:CA:F9:65:FD:86:E4:8F","sha256":"A6:65:54:11:17:3C:C3:1A:6F:AA:C1:D8:E6:1D:0F:59:2D:E8:DF:E7:8F:D2:BB:F9:40:83:5D:1E:01:65:D9:30"}}},"request":{"raw":"GET /cap_union_prehandle?aid=189999718\u0026protocol=https\u0026accver=1\u0026showtype=embed\u0026ua=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTM0LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTM0LjA%3D\u0026noheader=1\u0026fb=0\u0026deviceToken=v3%3AAqCh%2F9igof%2FYMW0xoIXEnN7X7yMJbZ1Fg4%2FcPh%2BxoLTfIgFq8ELDagQ4bRKpDBBAp3YmAsRL70tsKXArJfu%2FSP%2FAZ87VZYi7nBe6GcPdE%2FJ8T13bWvROlQ0lYDBTGpZbRFePBCrMuo5U2BOwd7XeVBB4Civ%2B1X6ddiIJE99Cb99aT4GTq8DT0HhaJokgkj%2BrgdijoNsvAfFNwjllcG%2Bvg5OnG1Y1NSfNtxSWGEHjjF9%2BtIaiblTz2WYzRKXgaoEO0PVehceYSxEzR8jVXSpwYyq8vq5Gnfe7o%2Fegu89qKvwYgUrbon2nVSI%2Bh5pK3mZWRFJpZxMR0pLQ93PuEYWf%2BfFHF9hTQw64ci5RvJjvNkCFxCMnEDxDzSzpYfYopXpjgHkJ4OmDCfJqoh1McLjuzOFplkQUcEsYRfYimWRwL1E7eGvrLKJmDGGux6o2RXi6aFKHuLGyLraTllMa0TzZWYy5endIQlqBpaE4vP23muoB\u0026isJsVersion=3\u0026aged=0\u0026enableAged=0\u0026enableDarkMode=0\u0026grayscale=1\u0026clientype=2\u0026cap_cd=\u0026uid=\u0026lang=en\u0026entry_url=https%3A%2F%2Fbethash.bet%2Fregister\u0026elder_captcha=0\u0026js=https%3A%2F%2Fglobal.turing.captcha.gtimg.com%2FtgJNCap-global.c89bafa8.js\u0026login_appid=\u0026wb=1\u0026subsid=1\u0026callback=_aq_510006\u0026sess= HTTP/1.1\r\nHost: ca.turing.captcha.qcloud.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bethash.bet/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 18 Apr 2026 12:47:48 GMT\r\nContent-Type: text/javascript;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nP3P: CP=CAO PSA OUR\r\nPragma: No-cache\r\nServer: Trpc httpd, tencent http server\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":2734,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text, with very long lines (2734), with no line terminators","md5":"925db589aaaa2f84c7ec51ba59d4c7e5","sha1":"aad4464a6c48fbbe0d54b78f8661f6f9eab4e155","sha256":"0c8a0e311aeb96049fcfd41ffe3dec928f36579e51f2d0c771779a7bcdc9b0ed","sha512":"80799d2b91f4a831ea5d6abc598a8e5e9f91f7f48c861ddec810a50043ef4ea7b905fc4bb52522cd0df8f4b3b821e689fd761e9dbfc8223a77e28169d56cfcbd","ssdeep":"","tlshash":"d451e876475a60ab9da029d8b646f01594f33011c6c01fba96f95d14c71cae93b1b18e","first_seen":"2026-04-18T12:48:06.588886Z","last_seen":"2026-04-18T12:48:06.588886Z","times_seen":1,"resource_available":true,"data":null}},"time_used":3486,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":3485,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.dogecoinkan.com/template/pc/skin/images/5.png","fqdn":"m.dogecoinkan.com","domain":"dogecoinkan.com","tld":"com"},"ip":{"addr":"104.21.24.33","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.dogecoinkan.com/index.html","date":"2026-04-18T12:47:36.564Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dogecoinkan.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:57:02 GMT","end":"Sat, 30 May 2026 15:57:01 GMT"},"fingerprint":{"sha1":"5C:C7:08:0C:86:CB:A1:50:8E:EB:B5:97:62:5F:1D:0E:E5:5D:F4:C8","sha256":"6E:88:53:15:D9:33:AA:4F:15:56:33:5B:44:9C:A9:0F:26:73:EC:35:9C:B9:0A:FB:76:78:3D:50:26:5A:AB:89"}}},"request":{"raw":"GET /template/pc/skin/images/5.png HTTP/1.1\r\nHost: m.dogecoinkan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.dogecoinkan.com/template/pc/skin/css/public.css\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=f64adkafin24rk5uq5eosgmok2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 18 Apr 2026 12:47:37 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 27 Oct 2018 02:06:34 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5bd3c82a-d33\"\r\nexpires: Mon, 18 May 2026 12:47:37 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=D8rQ6Cl6RjssHIN3PH6O6I%2F3VKHQqqR0CpKdCQarhU8oyuDT5nXl7aRL08S0FuTRFhvQQn%2Bp4VYLeNmlkIxuELzJArr3XiL%2B666l7AWHQ9ffz0OA%2FhkjlG5xBAK6e%2BmLVxJtlg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ee3c76d7967b500-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3379,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 31 x 31, 8-bit/color RGBA, non-interlaced","md5":"eca0d56fcd6e7b76a6fabcadeb0df9f1","sha1":"05aa1623ed8aae0ce7d8f160e8cdbfc8aa9e4e2d","sha256":"fc69aefaf80d2e2ac1c0822ba57b4264f60062438d9171f96c117ce3dda75b34","sha512":"70a255aa39ba9b0c59f109b7743412097b376d34a404029723df495b975d81e1619de5880b4e53b4dea8329c7eeeabd1ebcb3a357dc2e0953237b0879e5971c9","ssdeep":"","tlshash":"f3615e48a0614856100e4bf936fbed078e13d7d8936d1e0c9dfd420f9521d517c74f6a","first_seen":"2025-08-14T04:55:24.361064Z","last_seen":"2026-04-18T12:51:41.28198Z","times_seen":16,"resource_available":false,"data":null}},"time_used":704,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":704,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"m.dogecoinkan.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.dogecoinkan.com/template/pc/skin/images/18.png","fqdn":"m.dogecoinkan.com","domain":"dogecoinkan.com","tld":"com"},"ip":{"addr":"104.21.24.33","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.dogecoinkan.com/index.html","date":"2026-04-18T12:47:36.569Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dogecoinkan.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:57:02 GMT","end":"Sat, 30 May 2026 15:57:01 GMT"},"fingerprint":{"sha1":"5C:C7:08:0C:86:CB:A1:50:8E:EB:B5:97:62:5F:1D:0E:E5:5D:F4:C8","sha256":"6E:88:53:15:D9:33:AA:4F:15:56:33:5B:44:9C:A9:0F:26:73:EC:35:9C:B9:0A:FB:76:78:3D:50:26:5A:AB:89"}}},"request":{"raw":"GET /template/pc/skin/images/18.png HTTP/1.1\r\nHost: m.dogecoinkan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.dogecoinkan.com/template/pc/skin/css/index.css\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=f64adkafin24rk5uq5eosgmok2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 18 Apr 2026 12:47:37 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 27 Oct 2018 02:06:34 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5bd3c82a-b3b\"\r\nexpires: Mon, 18 May 2026 12:47:37 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XRhEMoqk3f3GVnnSzqIYncoQFkpZGF%2BSTFt9PXwRgUzhArUapUnemnUb9gDEwqxmNsmkUNs7UrAW%2BXq5yjCF8S4cziBGw11rTxOrYdZ2R3acLRYu%2BFkr2jVHN4VL0chmIoDh6Q%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ee3c76d896cb500-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2875,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 14 x 8, 8-bit/color RGBA, non-interlaced","md5":"3d5a28cb8bac81f2111fefce2b7e3ff2","sha1":"bfebb73cfbb25feeb2bd9cb82fa803611763c3ca","sha256":"09da36c63fe6599283af7e680315a74425c5d595b4a81e4703a31330b96bc31e","sha512":"3c8ece9cf2ed60aa670afdc5375ee26a5c2122623d4aed28e084c0e5f51661ed46ff701a98d0ae898a165fdd5ba6aa895c5ec7dd418ecb16a179d2c9ce85451b","ssdeep":"","tlshash":"0e516d899844481e104907bb366bde064927e79053581e0c9efe834fc630c517d35b5b","first_seen":"2025-08-14T04:55:24.268242Z","last_seen":"2026-04-18T12:51:41.287307Z","times_seen":13,"resource_available":false,"data":null}},"time_used":712,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":712,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"m.dogecoinkan.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bethash.bet/assets/main.4821d4f2.css","fqdn":"bethash.bet","domain":"bethash.bet","tld":"bet"},"ip":{"addr":"52.84.50.59","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bethash.bet/register","date":"2026-04-18T12:47:38.619Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bethash.bet","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 09 Dec 2025 00:00:00 GMT","end":"Thu, 07 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"68:22:2C:06:7C:F7:60:E2:00:D8:75:A5:16:3C:F0:6D:35:12:F6:A9","sha256":"A2:B0:3C:02:0F:09:7A:78:65:5D:9B:E6:20:FC:1A:99:B6:C6:33:AF:64:FF:07:B3:78:1D:B4:83:04:C8:B1:FF"}}},"request":{"raw":"GET /assets/main.4821d4f2.css HTTP/1.1\r\nHost: bethash.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bethash.bet/register\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 18 Apr 2026 12:45:51 GMT\r\ncontent-encoding: br\r\nlast-modified: Tue, 14 Apr 2026 14:06:41 GMT\r\nexpires: Mon, 20 Apr 2026 12:45:51 GMT\r\ncache-control: max-age=172800, public, no-transform\r\netag: W/\"69de49f1-4954b\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 a0228782537cf4c86245da194c3750e4.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: mINT2cTdQfizj0zPQ-acWgYqu8Wg8QoqqHRLSGxejrZSQTp8srTQbQ==\r\nage: 107\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":300363,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"31e2160323dd36f8d7f8d08ebc8ed9ca","sha1":"7d2de58110a2c1431473fe1bd7f287e4d0b2a374","sha256":"4744f1cc150d0937c0d9f221847a0ac3c1d35140ae3153f20b18033b4e5cd14a","sha512":"30c834941bdb91b805cfe635944f9619ef90d5ab751d10c8181d975342c7d6019fad976757e16da9dc16c2567f09f37f2c000464b7fab62a2aa20e18b7696f1d","ssdeep":"6144:ANUxkF3KCkZkw71ZACkFDS3vyf58rBe105TdkZtww1OA7k6Dv3+yu5trGeW0OTxo:ANXpKfZkw71ZACkFDS3vyf58rBe105Td","tlshash":"f95487ba5652222960334ab3d7cc5d98562dc66356630dee77413c0bcb82fde339a31b","first_seen":"2026-04-17T00:42:36.065935Z","last_seen":"2026-04-18T20:07:52.04372Z","times_seen":9,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"bethash.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"bethash.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.dogecoinkan.com/public/upload/system/2018/08/02/10ea05d1385576f2927c53de76825d08.jpg","fqdn":"m.dogecoinkan.com","domain":"dogecoinkan.com","tld":"com"},"ip":{"addr":"104.21.24.33","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.dogecoinkan.com/index.html","date":"2026-04-18T12:47:35.338Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dogecoinkan.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:57:02 GMT","end":"Sat, 30 May 2026 15:57:01 GMT"},"fingerprint":{"sha1":"5C:C7:08:0C:86:CB:A1:50:8E:EB:B5:97:62:5F:1D:0E:E5:5D:F4:C8","sha256":"6E:88:53:15:D9:33:AA:4F:15:56:33:5B:44:9C:A9:0F:26:73:EC:35:9C:B9:0A:FB:76:78:3D:50:26:5A:AB:89"}}},"request":{"raw":"GET /public/upload/system/2018/08/02/10ea05d1385576f2927c53de76825d08.jpg HTTP/1.1\r\nHost: m.dogecoinkan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.dogecoinkan.com/index.html\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=f64adkafin24rk5uq5eosgmok2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 18 Apr 2026 12:47:36 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sat, 27 Oct 2018 02:06:34 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5bd3c82a-42a5\"\r\nexpires: Mon, 18 May 2026 12:47:35 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=iRXlQnL8sg6%2B1VPrJvC9InPV4F3Wfd9XBludJOiAYZ8AS22gscXBUUC0rix3WAWeSnN21krLgHh0pNOyHKF7PuzSLM6HXDlEWTjjXgTi0gtpsOGK6gNCb4kwX%2FctUbEhbfLsFQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ee3c765c912b500-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":17061,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=92, bps=158, PhotometricInterpretation=RGB, orientation=upper-left, width=180], baseline, precision 8, 180x92, components 3","md5":"aa4f58f8f28a2b69dfd108d7e5c50e2d","sha1":"3a4079105f5e18a059eb20be6b5ad040f5a1c6e6","sha256":"1c8b6ac2743788d4b7319b9da8ea4a0a440867179ad9065c7b0fd094ab3bfa29","sha512":"52b177428fb66bbd35a9203566406ff56f3e37b6cf9bbae875e4667b30f8ff1031443afbcc6f949bb2546ccb4c9b7de6760940abe974d360344118ec4bb0fbea","ssdeep":"384:79DTO1FAPiCYDTO1yqnOQqTI/qsvvvvhXsVz174OZUp9jza:79DTO1FAPsDTO1yqRqsvvvvhcR17RyXa","tlshash":"57726b1ab2a0cfd0f8c912b69ca1ef1797d19c415b973056fdde38897bb23a4884c246","first_seen":"2025-08-14T04:55:24.363027Z","last_seen":"2026-04-18T12:51:41.310972Z","times_seen":15,"resource_available":false,"data":null}},"time_used":735,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":734,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"m.dogecoinkan.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bethash.bet/resource/loading.gif","fqdn":"bethash.bet","domain":"bethash.bet","tld":"bet"},"ip":{"addr":"52.84.50.59","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bethash.bet/register","date":"2026-04-18T12:47:38.619Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bethash.bet","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 09 Dec 2025 00:00:00 GMT","end":"Thu, 07 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"68:22:2C:06:7C:F7:60:E2:00:D8:75:A5:16:3C:F0:6D:35:12:F6:A9","sha256":"A2:B0:3C:02:0F:09:7A:78:65:5D:9B:E6:20:FC:1A:99:B6:C6:33:AF:64:FF:07:B3:78:1D:B4:83:04:C8:B1:FF"}}},"request":{"raw":"GET /resource/loading.gif HTTP/1.1\r\nHost: bethash.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bethash.bet/register\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/gif\r\ncontent-length: 274364\r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 18 Apr 2026 12:45:51 GMT\r\nlast-modified: Tue, 14 Apr 2026 14:06:41 GMT\r\naccept-ranges: bytes\r\nexpires: Mon, 20 Apr 2026 12:45:51 GMT\r\ncache-control: max-age=172800, public, no-transform\r\netag: \"69de49f1-42fbc\"\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 a0228782537cf4c86245da194c3750e4.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: IXI5TjW-C_oeWLkLZWxIaln4-bFgtvGILXv8vi07ZYt1FcQ06FXXIA==\r\nage: 107\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":274364,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 353 x 370","md5":"8d744031c2bfe2012884005c5c4b7360","sha1":"93f681b4d3c1f32a64f74215c110ceb06c23f165","sha256":"b8c8cec7becdadf09e1112be6962c55d57cb1b5bd61e68e3e60c0a925f00615f","sha512":"5e2e2d2195e432ba2403b83c5c1e6d52e34887fc5d6b9d79bc69adccd09b4b9fe60dd60d5dee9c250c20da30a6fbf1e245257997b624d3596fcb34e15d3b19b3","ssdeep":"6144:GvsVFdYaDyl+ikVjnIZJNhS6kNnYut3yobI4NsyxhEr:GU7/ylvkVjIZJ7SeutiokIREr","tlshash":"b94412d74f5a4ffec8371126606a53db2ca71e80bcf3e1b41b52e69445b2928a04f5f1","first_seen":"2025-05-28T04:51:10.47814Z","last_seen":"2026-04-18T20:07:52.030831Z","times_seen":42,"resource_available":false,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"bethash.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"bethash.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.bethash.bet/api/getConfig","fqdn":"api.bethash.bet","domain":"bethash.bet","tld":"bet"},"ip":{"addr":"52.84.50.47","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://bethash.bet/register","date":"2026-04-18T12:47:38.891Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.bethash.bet","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sun, 26 Oct 2025 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"86:2B:30:37:50:F6:61:76:8A:6C:6D:7A:B3:11:E8:CF:20:CD:5C:01","sha256":"C4:5A:3D:6D:5A:90:2C:4A:57:BF:0B:B6:77:9B:C1:D6:1A:C7:CD:B8:83:F8:E5:10:AF:7A:01:1E:DD:65:43:7B"}}},"request":{"raw":"OPTIONS /api/getConfig HTTP/1.1\r\nHost: api.bethash.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: langcode,user-device\r\nReferer: https://bethash.bet/\r\nOrigin: https://bethash.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html; charset=UTF-8\r\nserver: nginx/1.18.0 (Ubuntu)\r\naccess-control-allow-methods: GET, POST, PATCH, PUT, OPTIONS\r\naccess-control-allow-credentials: true\r\nallow: GET,HEAD\r\ncache-control: no-cache, private\r\ndate: Sat, 18 Apr 2026 12:47:39 GMT\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Origin, Content-Type, Cookie, X-CSRF-TOKEN, Accept, Authorization, X-XSRF-TOKEN,langCode,User-Device\r\naccess-control-expose-headers: Authorization, authenticated\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 2f3a70deb5812eb0e48215ada7b72404.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: oh_tb1devPJDKTbhMiBQwDqNm0t5D1MAfkKhCwp575X3hAFoiEsurg==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-18T20:23:19.513448Z","times_seen":13909737,"resource_available":true,"data":null}},"time_used":770,"timings":{"blocked":126,"dns":52,"connect":1,"send":0,"wait":517,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"api.bethash.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"api.bethash.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.dogecoinkan.com/","fqdn":"m.dogecoinkan.com","domain":"dogecoinkan.com","tld":"com"},"ip":{"addr":"104.21.24.33","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-18T12:47:34.058Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dogecoinkan.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:57:02 GMT","end":"Sat, 30 May 2026 15:57:01 GMT"},"fingerprint":{"sha1":"5C:C7:08:0C:86:CB:A1:50:8E:EB:B5:97:62:5F:1D:0E:E5:5D:F4:C8","sha256":"6E:88:53:15:D9:33:AA:4F:15:56:33:5B:44:9C:A9:0F:26:73:EC:35:9C:B9:0A:FB:76:78:3D:50:26:5A:AB:89"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: m.dogecoinkan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 Moved Permanently\r\ndate: Sat, 18 Apr 2026 12:47:34 GMT\r\ncontent-type: text/html;charset=utf-8\r\nlocation: index.html\r\nserver: cloudflare\r\nset-cookie: home_lang=cn; path=/\nadmin_lang=cn; path=/\nPHPSESSID=f64adkafin24rk5uq5eosgmok2; path=/\nsite_info=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\npragma: no-cache\r\ncache-control: private\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LHnjq91OIcIhAdWCZcjF1K3GeYHHUcwbbRgx3VG%2FaMv8D1y0HfDh55rG1BoWwB%2BXRcQ%2B56BdSH2klXVkhx%2B3wx6hl6a9G4PAKvbMLEVMep6vsAXDSwnEEmVx3xEdKHFEl9TSyQ%3D%3D\"}]}\r\ncf-ray: 9ee3c75dfeb956a3-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":11526,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-18T20:23:19.513448Z","times_seen":13909737,"resource_available":true,"data":null}},"time_used":820,"timings":{"blocked":18,"dns":0,"connect":1,"send":0,"wait":784,"receive":0,"ssl":14},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"m.dogecoinkan.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.dogecoinkan.com/template/pc/skin/images/17.png","fqdn":"m.dogecoinkan.com","domain":"dogecoinkan.com","tld":"com"},"ip":{"addr":"104.21.24.33","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.dogecoinkan.com/index.html","date":"2026-04-18T12:47:36.566Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dogecoinkan.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:57:02 GMT","end":"Sat, 30 May 2026 15:57:01 GMT"},"fingerprint":{"sha1":"5C:C7:08:0C:86:CB:A1:50:8E:EB:B5:97:62:5F:1D:0E:E5:5D:F4:C8","sha256":"6E:88:53:15:D9:33:AA:4F:15:56:33:5B:44:9C:A9:0F:26:73:EC:35:9C:B9:0A:FB:76:78:3D:50:26:5A:AB:89"}}},"request":{"raw":"GET /template/pc/skin/images/17.png HTTP/1.1\r\nHost: m.dogecoinkan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.dogecoinkan.com/template/pc/skin/css/index.css\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=f64adkafin24rk5uq5eosgmok2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 18 Apr 2026 12:47:37 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 27 Oct 2018 02:06:34 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5bd3c82a-b32\"\r\nexpires: Mon, 18 May 2026 12:47:37 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UCDwsh39hdUUz5vYNx9Uffj7N5PktqgU7FGKVjrv3RJzs%2FE2o%2BX3p5L84SvE96oKCFihjREDBk%2BQE%2BvE1eWLhh%2Fv7ZU6nRRW%2BJ0hPURySKR66PPPlzi26l%2FwXL2Q3RFqD48xJA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ee3c76d7969b500-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2866,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 8, 8-bit/color RGBA, non-interlaced","md5":"48304345e7428d2402ba3660e8fd0b69","sha1":"df5d4d5cda5f362af2d7bc8f47167f4c29c4ce87","sha256":"8555df17e36c2139d150e96e2c966f01c6970a9abea3b2b3a20a1db6e771b585","sha512":"c5b8ec54506a0a5056cfbd451aa9bc14ff56df0f1cca17bebf47cd80ad3b56cd8aa7bd27a384e874f1a1d56a791f0a808b48405e9ef76ca5e9fb9b761b60ab0f","ssdeep":"","tlshash":"98513d8d9840496f104e06bb397fde054a67e794539d1e0cddfe834f8620c517c75b6a","first_seen":"2025-08-14T04:55:24.273034Z","last_seen":"2026-04-18T12:51:41.291009Z","times_seen":13,"resource_available":false,"data":null}},"time_used":700,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":700,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"m.dogecoinkan.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-EV1YS9GR4D","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.8","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bethash.bet/register","date":"2026-04-18T12:47:40.626Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:35:08 GMT","end":"Mon, 22 Jun 2026 08:35:07 GMT"},"fingerprint":{"sha1":"7B:71:3D:9A:FE:85:53:DF:44:BB:90:D6:C4:82:1E:58:A2:A4:4B:F0","sha256":"CA:E9:C5:B9:FA:2B:F0:20:19:FF:0A:2C:CB:22:9F:C6:8B:41:0E:09:94:8E:E6:48:22:CA:02:F6:BA:10:B7:A3"}}},"request":{"raw":"GET /gtag/js?id=G-EV1YS9GR4D HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bethash.bet/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Sat, 18 Apr 2026 12:47:40 GMT\r\nexpires: Sat, 18 Apr 2026 12:47:40 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 157084\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":473272,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6031)","md5":"3addcf2b8c9f8d968a8f6abfac7b7492","sha1":"0b53f8f2448ed7db92671e41d7deb55118712467","sha256":"04430404ec305b6905e033812c96f5303bde8956b41751f7a6008d7d5f2839d0","sha512":"15faf942dc9fcca14e26c6195dfa68ee1e57d0eb28bf7889c6d7cc1912eca895e2a9b8861f7a05da0a4aa44beb986aeea9e294b5f833abfdf02d35c699810aac","ssdeep":"6144:jF4OjKg7CA4MRBRfrJPj8B3v0yIjwcHCpLUgW6w01V91XG:x7t4MtfrJL8p5WOW","tlshash":"67a409ceb3d674625396f478903f018ba57b28a2b44cc89af189cce42d7465a4277f7c","first_seen":"2026-04-18T12:45:36.447503Z","last_seen":"2026-04-18T12:51:41.321297Z","times_seen":6,"resource_available":true,"data":null}},"time_used":236,"timings":{"blocked":84,"dns":1,"connect":7,"send":0,"wait":27,"receive":40,"ssl":73},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"global.turing.captcha.gtimg.com/tgJNCap-global.c89bafa8.js","fqdn":"global.turing.captcha.gtimg.com","domain":"gtimg.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bethash.bet/register","date":"2026-04-18T12:47:42.329Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.turing.captcha.gtimg.com","organization":"Tencent Technology (Shenzhen) Company Limited"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Tue, 24 Feb 2026 00:00:00 GMT","end":"Wed, 24 Mar 2027 23:59:59 GMT"},"fingerprint":{"sha1":"BA:08:F4:14:CE:A1:19:41:5B:1B:49:47:36:ED:5D:D9:75:EB:21:B8","sha256":"1B:6A:3C:E4:2D:7F:45:5A:83:7F:AB:6F:F6:D8:95:42:54:4E:56:C7:0C:45:D1:05:D6:A0:4E:78:62:A2:88:5D"}}},"request":{"raw":"GET /tgJNCap-global.c89bafa8.js HTTP/1.1\r\nHost: global.turing.captcha.gtimg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bethash.bet/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 25 Mar 2026 07:46:54 GMT\r\nContent-Encoding: gzip\r\nEtag: \"f8b43141654524d80df081c3ed90b439\"\r\nContent-Type: application/javascript\r\nDate: Tue, 31 Mar 2026 07:15:13 GMT\r\nServer: tencent-cos\r\nx-cos-hash-crc64ecma: 85448356857139650\r\nx-cos-request-id: NjljYjc0ODFfYzZhYWYyMWRfMjcxNWRfZGY2MDMyOA==\r\nx-cos-storage-class: MAZ_STANDARD\r\nx-cosindex-replication-status: Complete\r\nContent-Length: 258923\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 4629928551884487882\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":711341,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (60159), with no line terminators","md5":"434fc1a424b9e1c7fe931f240c16c080","sha1":"4bfb6cde69dabc4bf8de129f2541c95b5daf80fc","sha256":"d0b7ae0a0a87c008aa6ba0575518785fa53d24bac0661a7ae52287813877d2fa","sha512":"a5b4716d0b0bed50cb3c431e6f9f4eca5471a59e67ef8e92f9dace5cc38aec8d91baf636eba5ecdabcdc4d886756ab98b0c491d0f797245946ccbc94bcb6afde","ssdeep":"12288:skViGKDQc49wxGl1OmDttStYc3sT2xsU2qCgSMFC1wi5Kw9w5Am8FKk8JWDWiRIF:aRDQcjGlYmrTDWiRIB/","tlshash":"f9e41a407ad0a85d035b4f7b732bb1e6f85e0d6eb888488ff145bc9095e952bf9e0670","first_seen":"2026-04-01T08:03:24.041324Z","last_seen":"2026-04-18T20:07:52.033606Z","times_seen":17,"resource_available":true,"data":null}},"time_used":76,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":22,"receive":54,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.dogecoinkan.com/template/pc/skin/images/bg.jpg","fqdn":"m.dogecoinkan.com","domain":"dogecoinkan.com","tld":"com"},"ip":{"addr":"104.21.24.33","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.dogecoinkan.com/index.html","date":"2026-04-18T12:47:36.525Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dogecoinkan.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:57:02 GMT","end":"Sat, 30 May 2026 15:57:01 GMT"},"fingerprint":{"sha1":"5C:C7:08:0C:86:CB:A1:50:8E:EB:B5:97:62:5F:1D:0E:E5:5D:F4:C8","sha256":"6E:88:53:15:D9:33:AA:4F:15:56:33:5B:44:9C:A9:0F:26:73:EC:35:9C:B9:0A:FB:76:78:3D:50:26:5A:AB:89"}}},"request":{"raw":"GET /template/pc/skin/images/bg.jpg HTTP/1.1\r\nHost: m.dogecoinkan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.dogecoinkan.com/template/pc/skin/css/public.css\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=f64adkafin24rk5uq5eosgmok2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 18 Apr 2026 12:47:37 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sat, 27 Oct 2018 02:06:34 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5bd3c82a-4bd\"\r\nexpires: Mon, 18 May 2026 12:47:37 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wDl3RqxxepcYomOAp%2BiFHBwRR2t6xyhTNMuAQojrFmVTr7CfVLxs6SikBumMDPWNYK0WjCZymjlRS1CLoylKE%2BL2QDWzf1nst8CXVKT%2FYUYGiLnmpBulUt0kHSNmULgMSwcVYg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ee3c76d495eb500-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1213,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 8x7, components 3","md5":"fad5a0c088275a0d4f19cb7cf3fc292a","sha1":"e8c6d58cf696b3ad14e70dfc956891c80b9305e1","sha256":"fcddc724fbdc56836a13970f21b3ef13553dc66dfe0fc94a928f9f8864ead0b8","sha512":"e7b7f089381ddc84cc2d5ea247878d77bf67e7b896ab8188fa25f529bb8a09da6981d43e69935fc21629443172af6f125358e7987da7586600049398d5e1c923","ssdeep":"","tlshash":"4721000eb653ab07e4dce83534f3d1264a010880ebc1a94aa8fee846a8311f5085d5ca","first_seen":"2025-08-14T04:55:24.364519Z","last_seen":"2026-04-18T12:51:41.284655Z","times_seen":16,"resource_available":false,"data":null}},"time_used":721,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":721,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"m.dogecoinkan.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.dogecoinkan.com/template/pc/skin/images/2.png","fqdn":"m.dogecoinkan.com","domain":"dogecoinkan.com","tld":"com"},"ip":{"addr":"104.21.24.33","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://m.dogecoinkan.com/index.html","date":"2026-04-18T12:47:36.560Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dogecoinkan.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 15:57:02 GMT","end":"Sat, 30 May 2026 15:57:01 GMT"},"fingerprint":{"sha1":"5C:C7:08:0C:86:CB:A1:50:8E:EB:B5:97:62:5F:1D:0E:E5:5D:F4:C8","sha256":"6E:88:53:15:D9:33:AA:4F:15:56:33:5B:44:9C:A9:0F:26:73:EC:35:9C:B9:0A:FB:76:78:3D:50:26:5A:AB:89"}}},"request":{"raw":"GET /template/pc/skin/images/2.png HTTP/1.1\r\nHost: m.dogecoinkan.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.dogecoinkan.com/template/pc/skin/css/public.css\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=f64adkafin24rk5uq5eosgmok2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 18 Apr 2026 12:47:37 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 27 Oct 2018 02:06:34 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5bd3c82a-d90\"\r\nexpires: Mon, 18 May 2026 12:47:37 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BtsWADmZ0rZT3IEqU969uIyhQ0hzRdOR%2F3f8RO5kD%2B7Jb0jp%2Bzl2LnyfqpSVawSosY7Sw8jObVRDh3soUCcP4htpKOuAj6XoBvD5hhgE0XeGAxD6oIeikKN%2BCftygYOvPc4s9g%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ee3c76d7965b500-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3472,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 31 x 31, 8-bit/color RGBA, non-interlaced","md5":"909c8d67ac8461d57f907b14c4a8716e","sha1":"cbaa100aceb359abbe60766091e35f078b9c3f9c","sha256":"725253c3799143a072e1861c95b34c9bc965907646fcb6ff1250a2565a12f142","sha512":"bac381409af6189b318fdcd652e820abf67e0c9b0dc582a9c1198c642b6f7043a51d67bba42db8f6fba4d6a8a4dca2d761a19e908673d1df319f1d1d785e572c","ssdeep":"","tlshash":"21615dc5a8410126144606da257fec074916ebc0935a7e5ceafe938f8610e923cb5bae","first_seen":"2025-08-14T04:55:24.292101Z","last_seen":"2026-04-18T12:51:41.289312Z","times_seen":16,"resource_available":false,"data":null}},"time_used":716,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":716,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"m.dogecoinkan.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bethash.bet/assets/main.ecaab409.js","fqdn":"bethash.bet","domain":"bethash.bet","tld":"bet"},"ip":{"addr":"52.84.50.59","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bethash.bet/register","date":"2026-04-18T12:47:38.618Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bethash.bet","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 09 Dec 2025 00:00:00 GMT","end":"Thu, 07 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"68:22:2C:06:7C:F7:60:E2:00:D8:75:A5:16:3C:F0:6D:35:12:F6:A9","sha256":"A2:B0:3C:02:0F:09:7A:78:65:5D:9B:E6:20:FC:1A:99:B6:C6:33:AF:64:FF:07:B3:78:1D:B4:83:04:C8:B1:FF"}}},"request":{"raw":"GET /assets/main.ecaab409.js HTTP/1.1\r\nHost: bethash.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bethash.bet/register\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 18 Apr 2026 12:45:51 GMT\r\ncontent-encoding: br\r\nlast-modified: Tue, 14 Apr 2026 14:06:41 GMT\r\nexpires: Mon, 20 Apr 2026 12:45:51 GMT\r\ncache-control: max-age=172800, public, no-transform\r\netag: W/\"69de49f1-18c141\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 a0228782537cf4c86245da194c3750e4.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: dxfjn-5_AJOCL1kqQj9ZA2IwmRUBwwZUAo7yD_gcD3SUKa4xFjoIng==\r\nage: 107\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1622337,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"775a4622ab55db05a5a6d63c71c24e6d","sha1":"e33cbdb0509a729a632477665cf131ea5a7c7786","sha256":"d058ecace9257f5ee4d222393d9a13088cc5954cc306116e584c09251484a28d","sha512":"ff1b6351eff5b5210161d1eca6251de30b4ebb9da86ba3752a9b13812c1a40fe361a2696718ea0d75ac9fc66c0925f9ff058e0f62fef07379b72fddd5ebcba1a","ssdeep":"24576:dV6cDTV090IdumcYuCoj4Cb2VJGpzyIdwWGeHy+:dV6cDTV090IdumcYuCoj437GpzyQwWGk","tlshash":"4125d8d8b1cb999103d689c45ca722d1b12c1e463488e6e7f878ad7afcd11b58673f38","first_seen":"2026-04-17T00:42:36.054269Z","last_seen":"2026-04-18T20:07:52.027824Z","times_seen":9,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"bethash.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"bethash.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bethash.bet/assets/login.8d1f7ec0.css","fqdn":"bethash.bet","domain":"bethash.bet","tld":"bet"},"ip":{"addr":"52.84.50.59","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bethash.bet/register","date":"2026-04-18T12:47:38.839Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bethash.bet","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 09 Dec 2025 00:00:00 GMT","end":"Thu, 07 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"68:22:2C:06:7C:F7:60:E2:00:D8:75:A5:16:3C:F0:6D:35:12:F6:A9","sha256":"A2:B0:3C:02:0F:09:7A:78:65:5D:9B:E6:20:FC:1A:99:B6:C6:33:AF:64:FF:07:B3:78:1D:B4:83:04:C8:B1:FF"}}},"request":{"raw":"GET /assets/login.8d1f7ec0.css HTTP/1.1\r\nHost: bethash.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bethash.bet/register\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 18 Apr 2026 12:45:53 GMT\r\ncontent-encoding: br\r\nlast-modified: Tue, 14 Apr 2026 14:06:41 GMT\r\nexpires: Mon, 20 Apr 2026 12:45:53 GMT\r\ncache-control: max-age=172800, public, no-transform\r\netag: W/\"69de49f1-a59\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 a0228782537cf4c86245da194c3750e4.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: gTUTtxAP5KOqlUhrWRXXp9Mduosj5jA1A7wslznAkmcW-2aSzPHxsA==\r\nage: 105\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":2649,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2648)","md5":"503b97cdc95108f941030eb1c01d201f","sha1":"6dfdd198a0f97cb2e67aca865291861f79589f93","sha256":"adc27c8fc06250aae3c1817c514ff88384893d3ca706a2c8124a20636512b6f9","sha512":"ab7bd818432678251dd90494ce209d7721951ac3bc348973b8b763768ec5ff975aaedebe16424ebe73aaf68e3757abcd856820e9b394d4f57269621a3731234f","ssdeep":"","tlshash":"515100216c4f692cb03be062a4f011ec6108c783e5a25f7dca6539ecd9c36d62e3b2c1","first_seen":"2026-04-17T00:42:36.080437Z","last_seen":"2026-04-18T20:07:52.020209Z","times_seen":9,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"bethash.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"bethash.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bethash.bet/assets/pathseg.8e50599e.js","fqdn":"bethash.bet","domain":"bethash.bet","tld":"bet"},"ip":{"addr":"52.84.50.59","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bethash.bet/register","date":"2026-04-18T12:47:38.845Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bethash.bet","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 09 Dec 2025 00:00:00 GMT","end":"Thu, 07 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"68:22:2C:06:7C:F7:60:E2:00:D8:75:A5:16:3C:F0:6D:35:12:F6:A9","sha256":"A2:B0:3C:02:0F:09:7A:78:65:5D:9B:E6:20:FC:1A:99:B6:C6:33:AF:64:FF:07:B3:78:1D:B4:83:04:C8:B1:FF"}}},"request":{"raw":"GET /assets/pathseg.8e50599e.js HTTP/1.1\r\nHost: bethash.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bethash.bet/assets/main.ecaab409.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 18 Apr 2026 12:45:52 GMT\r\ncontent-encoding: br\r\nlast-modified: Tue, 14 Apr 2026 14:06:41 GMT\r\nexpires: Mon, 20 Apr 2026 12:45:52 GMT\r\ncache-control: max-age=172800, public, no-transform\r\netag: W/\"69de49f1-9bbe\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 a0228782537cf4c86245da194c3750e4.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: Uc-M6UTs_psn0-4nzBeiujRSDnijb4fzLs2d6D52ganvPteyTGtz9A==\r\nage: 106\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":39870,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (30789)","md5":"4abc45fac2e718d0fbdde7b49d94eefe","sha1":"b1fe7c6ace1a17ba8f0f56c2c93e75f4e80c806b","sha256":"4a1921893f8fe2d43c35077b4613c738e348e866c6ce8b2ea5d238e9e5ef2ae7","sha512":"861a86d99e2c8f148b931e318defde6d6a647f7433b682b7cede601cdf7c4cd7b403fe4b543e23be16a694a63d177eb84cb093a7e29ea53afe24ee2c4e81e2a4","ssdeep":"768:GCOCz2cv5dYTaulgQwKKh9eE8/nyjyUCJ8:GCOCicv5dYTaulgQw3s8","tlshash":"1003f150b5557669029ed2c6113f3a0bb33b54ec8808e09cf35dd4cef868887d99abbd","first_seen":"2025-05-28T04:51:10.295799Z","last_seen":"2026-04-18T20:07:52.045291Z","times_seen":41,"resource_available":true,"data":null}},"time_used":25,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"bethash.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"bethash.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.bethash.bet/api/getConfig","fqdn":"api.bethash.bet","domain":"bethash.bet","tld":"bet"},"ip":{"addr":"52.84.50.47","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://bethash.bet/register","date":"2026-04-18T12:47:40.446Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.bethash.bet","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sun, 26 Oct 2025 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"86:2B:30:37:50:F6:61:76:8A:6C:6D:7A:B3:11:E8:CF:20:CD:5C:01","sha256":"C4:5A:3D:6D:5A:90:2C:4A:57:BF:0B:B6:77:9B:C1:D6:1A:C7:CD:B8:83:F8:E5:10:AF:7A:01:1E:DD:65:43:7B"}}},"request":{"raw":"OPTIONS /api/getConfig HTTP/1.1\r\nHost: api.bethash.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: authorization,langcode,user-device\r\nReferer: https://bethash.bet/\r\nOrigin: https://bethash.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html; charset=UTF-8\r\nserver: nginx/1.18.0 (Ubuntu)\r\naccess-control-allow-methods: GET, POST, PATCH, PUT, OPTIONS\r\naccess-control-allow-credentials: true\r\nallow: GET,HEAD\r\ncache-control: no-cache, private\r\ndate: Sat, 18 Apr 2026 12:47:39 GMT\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Origin, Content-Type, Cookie, X-CSRF-TOKEN, Accept, Authorization, X-XSRF-TOKEN,langCode,User-Device\r\naccess-control-expose-headers: Authorization, authenticated\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 2f3a70deb5812eb0e48215ada7b72404.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: BVPvZ7un3tz-wz59KA_Skpac-WGJS32kM7hzA6FChaWqHN7myAtrtA==\r\nage: 1\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-18T20:23:19.513448Z","times_seen":13909737,"resource_available":true,"data":null}},"time_used":3,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"api.bethash.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"api.bethash.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.bethash.bet/api/getConfig","fqdn":"api.bethash.bet","domain":"bethash.bet","tld":"bet"},"ip":{"addr":"52.84.50.47","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://bethash.bet/register","date":"2026-04-18T12:47:40.467Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.bethash.bet","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sun, 26 Oct 2025 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"86:2B:30:37:50:F6:61:76:8A:6C:6D:7A:B3:11:E8:CF:20:CD:5C:01","sha256":"C4:5A:3D:6D:5A:90:2C:4A:57:BF:0B:B6:77:9B:C1:D6:1A:C7:CD:B8:83:F8:E5:10:AF:7A:01:1E:DD:65:43:7B"}}},"request":{"raw":"GET /api/getConfig HTTP/1.1\r\nHost: api.bethash.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAuthorization: \r\nlangCode: en\r\nuser-device: 2\r\nOrigin: https://bethash.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bethash.bet/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/json\r\nserver: nginx/1.18.0 (Ubuntu)\r\naccess-control-allow-methods: GET, POST, PATCH, PUT, OPTIONS\r\naccess-control-allow-credentials: true\r\ncache-control: no-cache, private\r\ndate: Sat, 18 Apr 2026 12:47:40 GMT\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Origin, Content-Type, Cookie, X-CSRF-TOKEN, Accept, Authorization, X-XSRF-TOKEN,langCode,User-Device\r\naccess-control-expose-headers: Authorization, authenticated\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 2f3a70deb5812eb0e48215ada7b72404.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: x1bLhDAY7ypTjGaThS9Ba8NPiKEyqjJHQDxW8XaWDS3CLCcW9tDglg==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":29414,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"7b6a443dc05b25c555c97176309397d4","sha1":"7246b295b1a913729f199c91dbaa1a819885d945","sha256":"91fac140307cc157d0f90a1085673ac12f60fc66c3eec8d1cfcd41cfc6eb1ac6","sha512":"a31ecf19877ff1fee9b9666d6ffc9a1d6c44bdaa397090a64c3b125fa885b2e7b9ed084cdddd73cb6bf220910ef6e579f0dc0eb2ac035398ec617613a9f2d7b5","ssdeep":"384:bS6GbOAGS616ttXj/pGEI4ttXjJGpswTLwejI2WwbY:bS8SttXjB64tXj3ejIfw0","tlshash":"06d263bef7fc68a145f141c00d97765b16da31086fca4ca896fbce5c43885a41b2f29b","first_seen":"2026-04-18T12:46:26.95481Z","last_seen":"2026-04-18T12:48:06.575094Z","times_seen":2,"resource_available":false,"data":null}},"time_used":2,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"api.bethash.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"api.bethash.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bethash.icu/","fqdn":"bethash.icu","domain":"bethash.icu","tld":"icu"},"ip":{"addr":"104.21.33.10","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://m.dogecoinkan.com/index.html","date":"2026-04-18T12:47:36.544Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bethash.icu","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 16:10:57 GMT","end":"Sat, 30 May 2026 16:10:56 GMT"},"fingerprint":{"sha1":"F0:09:BD:76:0A:96:0F:9A:F8:96:8F:77:16:3C:F7:DD:F9:9D:69:4D","sha256":"B5:39:79:F6:AA:48:AB:76:07:92:2E:BC:D0:1A:DA:68:F9:17:B0:BF:92:C2:3A:18:B2:A2:03:93:C5:D5:74:9A"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: bethash.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.dogecoinkan.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 18 Apr 2026 12:47:37 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Sat, 22 Nov 2025 05:08:21 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=l2TaFkjnQzKv3qxCEUPSCMnFlMeI2vmJxG2kaIJkZ4FawD6clibs7BGWlKkaBqU1QGkVZ%2FHbK%2BK%2FbABJo%2BnmeiyWwzfzodf395%2BnK2X%2Bm%2BY9np%2Fz%2Fnwc%2BR5t3QqejQ%3D%3D\"}]}\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9ee3c76d8b21b512-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":523,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"95c1117f7daf560d59d0eb7236d1139c","sha1":"b756dea7a9593a808096454b2495177a5cfc56ee","sha256":"371c290826472559f35d57e4333bb8d0ae7b37e7615235a380a531f288431432","sha512":"c93251be8ffffe894170aecf8d372c385d9b9438ce7213cd96d9f25494edca8942dcc6ec37f08db8b9c5904dbdca04dcb5f67e80ff62e337da08ded4bb149eec","ssdeep":"","tlshash":"8ff09edb0c12880e01b09a311de2f21e56fb44e4d609d881fac3e4c7189db868da73bd","first_seen":"2025-12-07T12:04:58.61686Z","last_seen":"2026-04-18T20:07:52.048762Z","times_seen":11,"resource_available":false,"data":null}},"time_used":767,"timings":{"blocked":20,"dns":1,"connect":1,"send":0,"wait":726,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bethash.bet/assets/login.4af18a7f.js","fqdn":"bethash.bet","domain":"bethash.bet","tld":"bet"},"ip":{"addr":"52.84.50.59","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bethash.bet/register","date":"2026-04-18T12:47:38.875Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bethash.bet","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 09 Dec 2025 00:00:00 GMT","end":"Thu, 07 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"68:22:2C:06:7C:F7:60:E2:00:D8:75:A5:16:3C:F0:6D:35:12:F6:A9","sha256":"A2:B0:3C:02:0F:09:7A:78:65:5D:9B:E6:20:FC:1A:99:B6:C6:33:AF:64:FF:07:B3:78:1D:B4:83:04:C8:B1:FF"}}},"request":{"raw":"GET /assets/login.4af18a7f.js HTTP/1.1\r\nHost: bethash.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bethash.bet/assets/main.ecaab409.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 18 Apr 2026 12:45:53 GMT\r\ncontent-encoding: br\r\nlast-modified: Tue, 14 Apr 2026 14:06:41 GMT\r\nexpires: Mon, 20 Apr 2026 12:45:53 GMT\r\ncache-control: max-age=172800, public, no-transform\r\netag: W/\"69de49f1-ce3\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 a0228782537cf4c86245da194c3750e4.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: Ro9a8NO5eI0Z_YSPSjTsAEkBWlotl7vkaafIDi4090BbWKdR6ILwEQ==\r\nage: 105\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3299,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (3298)","md5":"326f993fcf46a737902c9eba084f110c","sha1":"44a183bb22cbd17afaf2cc11a95098ca3d18008b","sha256":"b4b44bcf0e547c0f150691b55fab3d06c3787ee99b4c47780d5efad16a875dc4","sha512":"5fab21f48b7e34cf779de3d2c1c86268c9dbf551e12f2bc018238e072063f110b6de9da931569f04aea69b2cbc92d0e985d0a5b860971cd73a5869e5d8e29f92","ssdeep":"","tlshash":"8361be9af81e8a3ac9765544c4b6240c390d2ff46250af7f5cf88e253fd5e6d270e2a0","first_seen":"2026-04-17T00:42:36.056852Z","last_seen":"2026-04-18T20:07:52.022667Z","times_seen":9,"resource_available":true,"data":null}},"time_used":4,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"bethash.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"bethash.bet","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"global.turing.captcha.gtimg.com/tgJNCapCss-global.8449b280.css","fqdn":"global.turing.captcha.gtimg.com","domain":"gtimg.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bethash.bet/register","date":"2026-04-18T12:47:41.772Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.turing.captcha.gtimg.com","organization":"Tencent Technology (Shenzhen) Company Limited"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Tue, 24 Feb 2026 00:00:00 GMT","end":"Wed, 24 Mar 2027 23:59:59 GMT"},"fingerprint":{"sha1":"BA:08:F4:14:CE:A1:19:41:5B:1B:49:47:36:ED:5D:D9:75:EB:21:B8","sha256":"1B:6A:3C:E4:2D:7F:45:5A:83:7F:AB:6F:F6:D8:95:42:54:4E:56:C7:0C:45:D1:05:D6:A0:4E:78:62:A2:88:5D"}}},"request":{"raw":"GET /tgJNCapCss-global.8449b280.css HTTP/1.1\r\nHost: global.turing.captcha.gtimg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bethash.bet/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Tue, 20 Jan 2026 10:53:36 GMT\r\nContent-Encoding: gzip\r\nEtag: \"8449b280e4269aa9b92fe9b07182ae9b\"\r\nContent-Type: text/css\r\nDate: Fri, 23 Jan 2026 01:52:58 GMT\r\nServer: tencent-cos\r\nx-cos-hash-crc64ecma: 7979581459429129190\r\nx-cos-request-id: Njk3MmQ0N2FfOWYwZTc5MWVfYWI3M18xNzlhN2Nk\r\nx-cos-storage-class: MAZ_STANDARD\r\nx-cosindex-replication-status: Complete\r\nContent-Length: 6391\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 154680188155317754\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":61637,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (61637), with no line terminators","md5":"8449b280e4269aa9b92fe9b07182ae9b","sha1":"661fbab09bb12ffd4368fd9599cfaf179fc5d03f","sha256":"9fbcf619d9a779a1e59d276134b58ff5e9b6bdc81141d84237379542f9c46eda","sha512":"0c0e0ee796b4f6fc2428084543c481fc9347059df514bc5d353e2919513e9c1d4b2e6b1b6b460cdb7095b39b44a5158895bd3748626b155fe0a0313292699987","ssdeep":"384:C6s6YwiLaghl/CjqHPj369U8Dkhg9x7zZuvVZAhu3lUVjZGZpWRb:C6s6bi2G0Nuvkhwlwj4ZQl","tlshash":"de53f2f2002c1e06daf2c417868f9696d034c353f12a81dbb5d3d21587ab9f7b9d19ae","first_seen":"2026-01-26T11:46:07.107684Z","last_seen":"2026-04-18T20:07:52.041151Z","times_seen":18,"resource_available":false,"data":null}},"time_used":900,"timings":{"blocked":439,"dns":41,"connect":21,"send":0,"wait":21,"receive":1,"ssl":375},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"77hash.s3.ap-northeast-3.amazonaws.com/hashpromo.js","fqdn":"77hash.s3.ap-northeast-3.amazonaws.com","domain":"77hash.s3.ap-northeast-3.amazonaws.com","tld":"s3.ap-northeast-3.amazonaws.com"},"ip":{"addr":"3.5.242.6","port":443,"asn":16509,"as":"AMAZON-02","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bethash.bet/register","date":"2026-04-18T12:47:38.617Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.s3.ap-northeast-3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sat, 14 Feb 2026 00:00:00 GMT","end":"Thu, 11 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"8E:7B:63:EF:E6:C9:5C:E2:75:EC:28:1B:89:0A:7B:5A:75:7F:58:D8","sha256":"2F:C4:88:1B:AD:C8:3A:F2:3A:5E:75:3A:97:20:2B:B4:E1:CF:A3:62:48:15:B5:56:53:F5:84:C3:DD:53:FB:E5"}}},"request":{"raw":"GET /hashpromo.js HTTP/1.1\r\nHost: 77hash.s3.ap-northeast-3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bethash.bet/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: TUxrvgmIJ7gbQsGm6Vu6Doj6vgRxt6IsLbxAdZ2B2xG6m0hlvIia13R1CNROFVWva76I2V/3n67SGmrlPZdHfMpRv1pnpMI7\r\nx-amz-request-id: 5C82KBW51Q2P06ZN\r\nDate: Sat, 18 Apr 2026 12:47:40 GMT\r\nLast-Modified: Tue, 19 Aug 2025 01:01:42 GMT\r\nETag: \"651fef4b8d3c09c66a018e7992ffde28\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: application/javascript\r\nContent-Length: 1195\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":1195,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (317), with CRLF line terminators","md5":"651fef4b8d3c09c66a018e7992ffde28","sha1":"f7f945dfdbfdd068f5718f2b30b9a5bc284922ca","sha256":"89cdcc8fd721bedabc8d24c13aa1600a1082327c0afb92b28772da0ddc13e5d2","sha512":"fdbfca8ed676d6fad0a00e21413fb4c1f21e19edb78d38493412f075ec1d3be3bf82c42a3f0b4dbb2dcf1170fe241eacbc3a35dbf18aa8cd47a767505cc7a896","ssdeep":"","tlshash":"0d214567e865c12f32fcaaf353a1b1293121e314e31dc7163e4f60a723524d64335438","first_seen":"2025-08-21T18:39:39.064186Z","last_seen":"2026-04-18T20:07:52.047076Z","times_seen":38,"resource_available":false,"data":null}},"time_used":1574,"timings":{"blocked":636,"dns":24,"connect":284,"send":0,"wait":314,"receive":3,"ssl":311},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.turingfraud.net/event/report","fqdn":"www.turingfraud.net","domain":"turingfraud.net","tld":"net"},"ip":{"addr":"162.62.10.47","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://bethash.bet/register","date":"2026-04-18T12:47:42.956Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.turingfraud.net","organization":""},"issuer":{"commonName":"DNSPod RSA DV","organization":"DNSPod, Inc."},"validity":{"start":"Wed, 08 Oct 2025 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"60:CC:09:90:24:93:4C:24:02:F1:97:00:C8:51:55:4A:C2:69:C5:FC","sha256":"0A:2F:A1:C2:DB:F8:EA:01:4E:CB:CB:BA:36:3F:00:27:43:7F:9A:66:0D:6F:EE:C5:DE:5C:E4:35:39:3B:3D:06"}}},"request":{"raw":"POST /event/report HTTP/1.1\r\nHost: www.turingfraud.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-type: application/json\r\nContent-Length: 324\r\nOrigin: https://bethash.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bethash.bet/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":324,"data":"{\"channel\":400058,\"platform\":4,\"events\":[{\"id\":\"EId_TId_Init_Start\",\"content\":\"{\\\"t\\\":1776516462584,\\\"ret\\\":0,\\\"msg\\\":\\\"\\\"}\"},{\"id\":\"EId_TId_Init_End\",\"content\":\"{\\\"t\\\":1776516462586,\\\"ret\\\":0,\\\"msg\\\":\\\"\\\",\\\"dur\\\":3}\"}],\"buildno\":200500,\"uuid\":\"872e4a144ec64b77994ced7f5d92d91a\",\"seq\":\"86379787-3c48-4646-9a03-66985c712e2c\"}"}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 18 Apr 2026 12:47:42 GMT\r\ncontent-type: application/json\r\ncontent-length: 9\r\naccess-control-allow-headers: Content-Type, Authorization, X-Requested-With, Traceparent\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 3600\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":9,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"7356645231da9cfecc34610420982100","sha1":"4e6d5bf58d719360518ecccb073248d0293dd346","sha256":"2c2237045b54bb664bd76b7d6f1da237fd50de74712edf261e90c1c0d7f2e822","sha512":"c092af8c828b98fb9ac62ec48f64c01907d25106e96096a40e52d770f732442c729c11c34406dd0be1690620d91d97a6a4839ca409b57e227a65844e17bad112","ssdeep":"","tlshash":"8c50003000000c03000c0c0000000003c0030c0030000c0000000c000000c000300000","first_seen":"2023-04-05T16:48:03Z","last_seen":"2026-04-18T20:07:52.040634Z","times_seen":1671,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}