{"report_id":"74ac1a53-105e-4cac-b56f-145fd8c7f048","version":6,"status":"done","tags":[],"date":"2026-04-18T12:45:09Z","url":{"schema":"http","addr":"dogecoin8.com","fqdn":"dogecoin8.com","domain":"dogecoin8.com","tld":"com"},"ip":{"addr":"107.151.92.52","port":0,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"dogecoin8.com/","fqdn":"dogecoin8.com","domain":"dogecoin8.com","tld":"com"},"title":"Dogecoin - An open-source peer-to-peer digital currency_","dom":{"size":185391,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (28926)","md5":"54d19e5ee91b7fe89199fa911afb2d58","sha1":"fa9954dae15ad1660d94b6b058d41e3f190f6a3a","sha256":"ad1ba957407bf12f3df1f7c69f83508a3aa302cd67772eb435cd5a771c472111","sha512":"75a3900367fd41a2cfe428ae851d65aa3ce3da44ecfd1004a3988db363e0592479b8e4631652b1c5f16b95a9dae4f7798957e57f96d61be35c3f9063d716c602","ssdeep":"3072:mvcnWEqQPVk64KDlpKtaLQ2/8HNi9ex9jdc8T6i82ZbDa3tsuX+a5HHG7VKWH:mvcnWEqQPVk64KDlpKtaLQ2/8Ho09jeU","tlshash":"62048df429812c225efbd1e59246a20eae37b757eb07c88271fb911457daef0e853c44","dom_hash":"domhash40a3204195cc249b3c775e236c1d393d","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"dogecoin8.com","fqdn":"dogecoin8.com","domain":"dogecoin8.com","tld":"com"},"ip":{"addr":"107.151.92.52","port":0,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-23T12:45:09Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":6}},"detection":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"bethx.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"bethx.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"api.bethx.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"api.bethx.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"dogecoin8.com","ip":{"addr":"107.151.92.52","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"domain_registered":"2024-08-21","domain_rank":0,"first_seen":"2026-03-02T03:43:08.488845Z","last_seen":"2026-03-02T03:43:08.488845Z","alert_count":136,"request_count":68,"received_data":2170283,"sent_data":36886,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"WOW","description":"Reveal CSS animation as you scroll down a page.","website":"https://www.delac.io/WOW","common_platform_enumeration":"","icon":"","categories":["JavaScript frameworks","Web frameworks","JavaScript graphics"]},{"name":"jQuery:2.1.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"i00.c.aliimg.com","ip":{"addr":"163.181.57.254","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"United Kingdom","country_code":"GB"},"domain_registered":"2008-03-26","domain_rank":0,"first_seen":"2012-05-29T18:56:21Z","last_seen":"2025-09-23T17:52:51.065916Z","alert_count":0,"request_count":2,"received_data":425252,"sent_data":877,"comment":"","tags":null,"fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}]},{"fqdn":"global.turing.captcha.gtimg.com","ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"domain_registered":"2008-10-09","domain_rank":579962,"first_seen":"2024-01-22T04:09:05Z","last_seen":"2026-04-17T00:42:14.384204Z","alert_count":0,"request_count":3,"received_data":864161,"sent_data":1321,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.250.74.8","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2026-04-12T22:24:43.06808Z","alert_count":0,"request_count":1,"received_data":473876,"sent_data":430,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"sdk.51.la","ip":{"addr":"43.159.107.113","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"domain_registered":"2005-01-17","domain_rank":347679,"first_seen":"2021-03-08T16:03:51Z","last_seen":"2026-04-12T05:06:05.205521Z","alert_count":0,"request_count":1,"received_data":76174,"sent_data":464,"comment":"","tags":null,"fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"bethx.vip","ip":{"addr":"65.9.46.112","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"domain_registered":"2024-12-01","domain_rank":0,"first_seen":"2025-10-14T04:01:42.809824Z","last_seen":"2026-03-27T13:47:03.017341Z","alert_count":34,"request_count":17,"received_data":3187936,"sent_data":7613,"comment":"","tags":null,"fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Google Tag Manager","description":"Google Tag Manager is a tag management system (TMS) that allows you to quickly and easily update measurement codes and related code fragments collectively known as tags on your website or mobile app.","website":"https://www.google.com/tagmanager","common_platform_enumeration":"","icon":"Google Tag Manager.svg","categories":["Tag managers"]}]},{"fqdn":"77hash.s3.ap-northeast-3.amazonaws.com","ip":{"addr":"3.5.242.71","port":443,"asn":16509,"as":"AMAZON-02","country":"Japan","country_code":"JP"},"domain_registered":"2005-08-18","domain_rank":0,"first_seen":"2025-05-28T04:50:51.18741Z","last_seen":"2026-04-17T00:42:14.306062Z","alert_count":0,"request_count":5,"received_data":14501,"sent_data":2329,"comment":"","tags":null,"fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}]},{"fqdn":"hash166.com","ip":{"addr":"156.250.137.188","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"South Africa","country_code":"ZA"},"domain_registered":"2026-01-31","domain_rank":0,"first_seen":"2026-03-02T03:43:08.501034Z","last_seen":"2026-03-17T16:33:28.637466Z","alert_count":0,"request_count":1,"received_data":3268,"sent_data":511,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"collect-v6.51.la","ip":{"addr":"43.159.107.113","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"domain_registered":"2005-01-17","domain_rank":348646,"first_seen":"2021-03-08T16:03:54Z","last_seen":"2026-04-13T05:16:52.426887Z","alert_count":0,"request_count":1,"received_data":356,"sent_data":463,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ca.turing.captcha.qcloud.com","ip":{"addr":"43.158.119.130","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Germany","country_code":"DE"},"domain_registered":"2003-07-24","domain_rank":777871,"first_seen":"2024-01-22T04:09:03Z","last_seen":"2026-04-17T00:42:14.633954Z","alert_count":0,"request_count":4,"received_data":906175,"sent_data":2914,"comment":"","tags":null,"fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}]},{"fqdn":"file.zcwz.com","ip":{"addr":"183.134.100.145","port":443,"asn":58461,"as":"CT-HangZhou-IDC","country":"China","country_code":"CN"},"domain_registered":"2005-03-14","domain_rank":0,"first_seen":"2025-03-19T09:06:51.809655Z","last_seen":"2026-02-23T13:16:49.337006Z","alert_count":0,"request_count":1,"received_data":50818,"sent_data":427,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"img.raoyu.net","ip":{"addr":"123.206.218.78","port":443,"asn":45090,"as":"Shenzhen Tencent Computer Systems Company Limited","country":"China","country_code":"CN"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":1,"received_data":221,"sent_data":479,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"static.stockstar.com","ip":{"addr":"175.43.192.174","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"domain_registered":"1997-01-28","domain_rank":0,"first_seen":"2021-11-04T13:33:59Z","last_seen":"2026-02-02T03:36:21.898803Z","alert_count":0,"request_count":1,"received_data":62314,"sent_data":471,"comment":"","tags":null,"fingerprints":null},{"fqdn":"api.tongjiniao.com","ip":{"addr":"43.248.142.46","port":443,"asn":23650,"as":"AS Number for CHINANET jiangsu province backbone","country":"China","country_code":"CN"},"domain_registered":"2022-12-22","domain_rank":2882232,"first_seen":"2023-02-01T17:01:19Z","last_seen":"2026-04-18T10:12:45.530345Z","alert_count":0,"request_count":1,"received_data":370,"sent_data":425,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"api.bethx.vip","ip":{"addr":"54.240.174.49","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2024-12-01","domain_rank":0,"first_seen":"2026-03-02T03:43:08.483572Z","last_seen":"2026-03-27T13:47:04.075077Z","alert_count":24,"request_count":12,"received_data":128128,"sent_data":6243,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}]},{"fqdn":"www.turingfraud.net","ip":{"addr":"162.62.10.47","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Russia","country_code":"RU"},"domain_registered":"2021-11-26","domain_rank":123997,"first_seen":"2025-09-02T10:13:24.398569Z","last_seen":"2026-04-17T00:42:15.556884Z","alert_count":0,"request_count":6,"received_data":2358,"sent_data":3046,"comment":"","tags":null,"fingerprints":null},{"fqdn":"img.alicdn.com","ip":{"addr":"47.246.44.178","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"Sweden","country_code":"SE"},"domain_registered":"2008-06-25","domain_rank":61670,"first_seen":"2015-03-04T07:06:39Z","last_seen":"2026-04-16T05:21:25.463247Z","alert_count":0,"request_count":1,"received_data":77633,"sent_data":489,"comment":"","tags":null,"fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}]},{"fqdn":"hm.baidu.com","ip":{"addr":"14.215.182.140","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"domain_registered":"1999-10-11","domain_rank":54491,"first_seen":"2012-05-26T08:38:45Z","last_seen":"2026-04-13T04:36:40.415277Z","alert_count":0,"request_count":2,"received_data":30880,"sent_data":1106,"comment":"","tags":null,"fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"bethx.vip/register/","fqdn":"bethx.vip","domain":"bethx.vip","tld":"vip"},"ip":{"addr":"65.9.46.112","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"4e5eb8703c542a15b6640cc66ffdbdf3","sha1":"586bac1512796bf6908bd1a009c4428507779d5f","sha256":"242a44bbd02b7d5650adc74d446f44b7b42745e30ef1249ee46347290957867b","sha512":"080bf55f38be4827ee6807af62b6e37d8cb08147c718aad9bf103fc303bca1a41df7107e67c1836f98e6c49623a1979efc9422910129075f7eeddc4e3e398952","ssdeep":"","tlshash":"38c08c88211b0cb092e62b414bbfe204b08a3212949069213d0f73088f20e07e744824","size":192,"data":"","first_seen":"2025-11-03T09:27:19.940714Z","last_seen":"2026-04-18T20:07:52.055225Z","times_seen":22,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dogecoin8.com/template/pc/skin/js/main.js?t=1589099922","fqdn":"dogecoin8.com","domain":"dogecoin8.com","tld":"com"},"ip":{"addr":"107.151.92.52","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"1bae7e1f2826dc25581a6c5ee703468b","sha1":"a1271c061ee338b5aeaa0fb0a35330e682ed9eb5","sha256":"8941ab33c055bd38bcbe67ad4efa1bd3aaf0750acc19dd32528292e41af716dd","sha512":"9d64a7f681009dcef3fee0b80ad2080e184eed862ec948ff04253a585d466650391b7697f52596adba616836cc8bc00eeb0c28237c79cdea7d39a9af9310a930","ssdeep":"","tlshash":"76518d0af100e1f714bb362a877a5484fe2e580fca049740beed9aa51f70099b153f6f","size":2882,"data":"","first_seen":"2025-03-27T13:50:35.243964Z","last_seen":"2026-04-18T12:49:49.692514Z","times_seen":22,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dogecoin8.com/template/pc/skin/js/swiper-3.4.2.min.js?t=1589099922","fqdn":"dogecoin8.com","domain":"dogecoin8.com","tld":"com"},"ip":{"addr":"107.151.92.52","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"fb13ef3e875ca3497ede35d3774be9d3","sha1":"ab0743a89d522438c17ae7eaf5943fd4590ee3d0","sha256":"4a10219bee747aadeeda78f166d787adf32583f361f88d44b472f6f3da798083","sha512":"7b9fba1a93c724bc53e1dd4e27e59534430076346ddc73b24fcb71c9b7cb831321a70ffa38797185f7108ee64a18f1fa08cf2b7ccf2dbfc03e767b23187814c5","ssdeep":"1536:eyOkN3TklR3ZIFDJ+Y7n2L5ydUTq0tSQfCBTR:LTX73uTq/","tlshash":"0d93d66eb314f3e295d3214a675ac64122f21706b809dae870b54c4a68bcc5d03bffbd","size":96419,"data":"","first_seen":"2023-03-07T01:17:19Z","last_seen":"2026-04-18T20:53:06.209452Z","times_seen":3123,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dogecoin8.com/","fqdn":"dogecoin8.com","domain":"dogecoin8.com","tld":"com"},"ip":{"addr":"107.151.92.52","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"302eebc2521f877da7c5252181ff58cb","sha1":"e6edbfde0e4b4d5c9365d3d2d5fb08f7471fe724","sha256":"1d27858c92e275099adf6a8122c159673b4401ac5e7e2773ca9d2f5df163ef4f","sha512":"3d232bb41a9f02295a8aa3b51b0ea196798b88ff76b695361e6405667f6ad278f1f7a038ad2dc107ea41f92a69c172aa8a5be955a96498d40a7df7677faa0acd","ssdeep":"","tlshash":"c0b012917a72d8586a3a050287ffb0510f56d167c834d20034ace85e0fe0c10a537679","size":125,"data":"","first_seen":"2025-10-29T00:54:05.881416Z","last_seen":"2026-04-18T12:49:49.728282Z","times_seen":14,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hash166.com/","fqdn":"hash166.com","domain":"hash166.com","tld":"com"},"ip":{"addr":"156.250.137.188","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"South Africa","country_code":"ZA"},"introduction_type":"scriptElement","is_inline":true,"md5":"271f56ee51e77bb4eaab7a2e3f9e826e","sha1":"ab5fa78e1b0d70ad830cd009ebe4a4dc35c1fb73","sha256":"3a3ec3fbc4f1051ae99171331ccc1a07c93c138b033db30dd3749439617ef05e","sha512":"5d5f927a02c64906506d1fc3e00b06baf3a99df5c3da06169ab5d1a715314812d9b839f0acfd0bf0e73022c2fb4bd28190b3988629dd20219d71e516a30af7bb","ssdeep":"","tlshash":"faa00103068a8829b8f83281db9823516d9525aca39bb80cb60a7291b085602ab0f982","size":83,"data":"","first_seen":"2025-08-29T05:43:52.758161Z","last_seen":"2026-04-18T12:49:49.729441Z","times_seen":27,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sdk.51.la/js-sdk-pro.min.js","fqdn":"sdk.51.la","domain":"51.la","tld":"la"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"b8a41c9449b73e8ba0224c6be1f0b7e8","sha1":"33d79319d4110bcf5c44c36f7dd4a291972ac546","sha256":"52079c09a7355f4ce3af750602ebb9aebae8238583601f8a06268eecccf13565","sha512":"472d0395a65a3ade2d215559b196a88ffcdacde3ac0f573eb8663b524f201d72c9339bcacbc198d82452a0ac367c0efd407b12795943cdd2755d95a8cf71b977","ssdeep":"768:swetbD3SkE+a/l1jaKUiQU5eqEh9GMXBOXAA/EXBeJMlbJfuPT:BetbD3SVT/3+KUc5eqEh9GMXBYEXBeJ7","tlshash":"dbf23d9577c0317cc3c783ea362b501ae1a69e910059a8bcf345f6907d34e56a37fba8","size":36114,"data":"","first_seen":"2025-03-10T03:40:31.536734Z","last_seen":"2026-04-18T20:29:49.366224Z","times_seen":85684,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.js?e4d96263a9a49b5719dead97eb43ae0f","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"14.215.182.140","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"ae6796bb0c2e948ff2394d80104a39a1","sha1":"98b2f92acffcdb9ced45bb441143e1004a930b8c","sha256":"b2be95b99c7df97687eb0b49a88383265985485f70ef117e2da4d846b59ef64d","sha512":"e010af466bafc21123a4f59f4d67eba995dd82531cbadc324632f0a4701968681d26b8363ced3df8d36df4eff46522d83fc4e1ee7d85211f67c3754d861c5e72","ssdeep":"384:51JSoLMJJTRl6s1JXFVCFI/TayvuodsZPIGm8XaR1JRwvutq1tGdc7M04gRw6:514VJfHgMdvussZPIx82Rwvutcto07v","tlshash":"d2d2d9e9b282713293a324a5153f324af07b5a54bd4968a4f11894c07d38fbb027bfdd","size":29898,"data":"","first_seen":"2026-04-18T12:45:36.461602Z","last_seen":"2026-04-18T12:45:36.461602Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ca.turing.captcha.qcloud.com/TJNCaptcha-global.js","fqdn":"ca.turing.captcha.qcloud.com","domain":"qcloud.com","tld":"com"},"ip":{"addr":"43.158.119.130","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"4f54a9725d467aa5b83da934abe6898c","sha1":"7a22abada5e5bbb0a73ee548ccf8cf0544bafa14","sha256":"71e6fd2d67cddb60983bca18452d0cc29513ebb31c7e6bdb9cdf48073b8d627e","sha512":"04dcefb913958bc4e2f134695e1c0ed43c5aba28c1e6c223fc6df9727a5edbf03a8e9bbe5fbae25881044b531209027e4f40b77b27c600a3e7c01891d27a8b53","ssdeep":"12288:wKkkZEAi1UFtNgKsuPEX77Ng6RXvWbiqQFb6tDITMzvs60jr0lUirMcDkwqBwmho:xPEoFtNgVuPEr5qR0fwMHvpkv9ossWCq","tlshash":"2c15b84077c07849539b8f3bb32bb5f6f81a0c6a3d98448bd600fc5466e6627fae5931","size":903500,"data":"","first_seen":"2026-04-01T08:03:24.05058Z","last_seen":"2026-04-18T20:07:52.0514Z","times_seen":17,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dogecoin8.com/template/pc/skin/js/jquery-2.1.1.js?t=1589099922","fqdn":"dogecoin8.com","domain":"dogecoin8.com","tld":"com"},"ip":{"addr":"107.151.92.52","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"8b0bc30d9bdfc389526361019dec7736","sha1":"036d737fb63a019d8a1c434f2b4545b22b6fd45f","sha256":"e176dc8d5da626a295961c495ff00c67ac6dd9295677410f6e211537dfb3a1e0","sha512":"8c389fe6ecefb91e0f4b42c59a1aa8ccaf26ba14e86a7b435a0362494afd09f3ef1235c6d2328a06181772dcde0149c494785fdca57c8682c9eba47127a4690c","ssdeep":"1536:DPEkjP+iADIOr/NEe876nmBu3HvF38NdTuJO1z6/A4TqAub0R4ULvguEhjzXpa9y:oNM2Jiz6oAFKP5a98HrJ","tlshash":"6583d6d9b2c67062977734b850bf410bb17a98dab80c8c60f0a4d5e47eb4a8d517bf2d","size":84247,"data":"","first_seen":"2023-03-07T01:39:52Z","last_seen":"2026-04-18T12:49:49.667112Z","times_seen":1315,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dogecoin8.com/","fqdn":"dogecoin8.com","domain":"dogecoin8.com","tld":"com"},"ip":{"addr":"107.151.92.52","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"14537fc2a984b2fd4b01bcdacd444d7c","sha1":"f9b07f9225d113a8713ce4a4cabdfed8cf4bf18c","sha256":"3c0735f5e755060ee265858db8f1ef3ca2740cb3b18d22bdffe081c63bece5ae","sha512":"2de2c58a2afa2eb16c2a648f1b79825f57992c6c901f108834ee97fd48e7236b7491a796421c3672ae333b090c39ce9148ae7b33e17ef0b5c8ec8e590b253c43","ssdeep":"","tlshash":"d8e0680d25e6960f68860802662b60156b8026e410c048a8b8eeec1d3790d9b52b9420","size":381,"data":"","first_seen":"2025-10-31T00:12:05.188221Z","last_seen":"2026-04-18T12:49:49.728877Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sdk.51.la/event/js-sdk-event.min.js?u=3IYrMEx1ZJz1RPeO","fqdn":"sdk.51.la","domain":"51.la","tld":"la"},"ip":{"addr":"43.159.107.113","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"d8b86cb6f6c21e85b9c937dfdb9c2d28","sha1":"b4d1693de341bc8907adf4ce9c92ef81fded922b","sha256":"76321b4c7a653d40fb72e4e2501842d3b12f3bd2822e7d1103054eeff1a6a53c","sha512":"5557b2e594e8fa69722453a399c2b48335a241f01ab22c1ae151a98fa637139372d9105c7d48428d0af31cc9c7d70672fd0ad59f58823963e813d528434e3b1b","ssdeep":"1536:Mm/6jaOdXslehi41GvwsciNxLbxLcBXs1v3kjs+TTk1TVBSYreiMUGsnJ9+Saebb:MmDS8SOZ","tlshash":"3c7309de31c2b07253e7316a106f610bf13a5d556c0e5820f215d999bc78e8b82bbf6e","size":75730,"data":"","first_seen":"2023-04-07T05:45:48Z","last_seen":"2026-04-18T21:02:39.30749Z","times_seen":1560,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hash166.com/","fqdn":"hash166.com","domain":"hash166.com","tld":"com"},"ip":{"addr":"156.250.137.188","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"South Africa","country_code":"ZA"},"introduction_type":"Function","is_inline":false,"md5":"1c5c9160600df2d96d69a4ea16cec7ed","sha1":"3cf678c9135cc952ba6970ef545035bb757a443f","sha256":"a3520fe88e248d2b6c9c6db93309a037ef969fe297208e5bd7e49a55bb32c808","sha512":"2a298a8c2552c6a6c6f8d3f7327d2e9abfa87a0dbb27e9e528a8539b416155c0860f54f46464dfe7e5d49c7906a9eacdac7e5181b86ef15a83276a8f4fee0546","ssdeep":"","tlshash":"078004d531c35040475331d400571cd4503444f014444d544040d4511c55030d1154dc","size":37,"data":"","first_seen":"2023-04-11T21:49:14Z","last_seen":"2026-04-18T20:31:28.530587Z","times_seen":106215,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bethx.vip/assets/login.4af18a7f.js","fqdn":"bethx.vip","domain":"bethx.vip","tld":"vip"},"ip":{"addr":"65.9.46.112","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"326f993fcf46a737902c9eba084f110c","sha1":"44a183bb22cbd17afaf2cc11a95098ca3d18008b","sha256":"b4b44bcf0e547c0f150691b55fab3d06c3787ee99b4c47780d5efad16a875dc4","sha512":"5fab21f48b7e34cf779de3d2c1c86268c9dbf551e12f2bc018238e072063f110b6de9da931569f04aea69b2cbc92d0e985d0a5b860971cd73a5869e5d8e29f92","ssdeep":"","tlshash":"8361be9af81e8a3ac9765544c4b6240c390d2ff46250af7f5cf88e253fd5e6d270e2a0","size":3299,"data":"","first_seen":"2026-04-17T00:42:36.056852Z","last_seen":"2026-04-18T20:07:52.022667Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bethx.vip/assets/pathseg.8e50599e.js","fqdn":"bethx.vip","domain":"bethx.vip","tld":"vip"},"ip":{"addr":"65.9.46.112","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"4abc45fac2e718d0fbdde7b49d94eefe","sha1":"b1fe7c6ace1a17ba8f0f56c2c93e75f4e80c806b","sha256":"4a1921893f8fe2d43c35077b4613c738e348e866c6ce8b2ea5d238e9e5ef2ae7","sha512":"861a86d99e2c8f148b931e318defde6d6a647f7433b682b7cede601cdf7c4cd7b403fe4b543e23be16a694a63d177eb84cb093a7e29ea53afe24ee2c4e81e2a4","ssdeep":"768:GCOCz2cv5dYTaulgQwKKh9eE8/nyjyUCJ8:GCOCicv5dYTaulgQw3s8","tlshash":"1003f150b5557669029ed2c6113f3a0bb33b54ec8808e09cf35dd4cef868887d99abbd","size":39870,"data":"","first_seen":"2025-05-28T04:51:10.295799Z","last_seen":"2026-04-18T20:07:52.045291Z","times_seen":41,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-EV1YS9GR4D","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.8","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"3addcf2b8c9f8d968a8f6abfac7b7492","sha1":"0b53f8f2448ed7db92671e41d7deb55118712467","sha256":"04430404ec305b6905e033812c96f5303bde8956b41751f7a6008d7d5f2839d0","sha512":"15faf942dc9fcca14e26c6195dfa68ee1e57d0eb28bf7889c6d7cc1912eca895e2a9b8861f7a05da0a4aa44beb986aeea9e294b5f833abfdf02d35c699810aac","ssdeep":"6144:jF4OjKg7CA4MRBRfrJPj8B3v0yIjwcHCpLUgW6w01V91XG:x7t4MtfrJL8p5WOW","tlshash":"67a409ceb3d674625396f478903f018ba57b28a2b44cc89af189cce42d7465a4277f7c","size":473272,"data":"","first_seen":"2026-04-18T12:45:36.447503Z","last_seen":"2026-04-18T12:51:41.321297Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"global.turing.captcha.gtimg.com/dy-jy3.js","fqdn":"global.turing.captcha.gtimg.com","domain":"gtimg.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"626436a6c87a002eb7e8a99c6f5f96b6","sha1":"67d9732c33dc7689a98e63af2a97b0912f290762","sha256":"2a5fc3ad9f9e68e6de662de3e43661e1e8e447df0929efc64c0f067be2d9c455","sha512":"36dac1d5ea743f78e2fa1a503ce5d4448497717589529d1946edde1e474968d116bb21cea723ce8cf3cbb7d6b195d347588a0aa00473b5f41808dda1ee50369c","ssdeep":"1536:BjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h8cApwEjOPrBeU6QLiTFbc0QlQvakF:BYh8eip3huuf6IidlrvakdtQ47GK1","tlshash":"7c93f9ddb2c6702257a720ba007f510bf236199d6c4d8450f265d8eabc78a4e827bf7d","size":89391,"data":"","first_seen":"2023-03-09T21:24:24Z","last_seen":"2026-04-18T20:07:52.033055Z","times_seen":1113,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dogecoin8.com/template/pc/skin/js/wow.min.js?t=1589099924","fqdn":"dogecoin8.com","domain":"dogecoin8.com","tld":"com"},"ip":{"addr":"107.151.92.52","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"36050285bfeeb7395752f0f9bbc08273","sha1":"5924f7bbbf1dfa3f0926851d01f782f23a59e805","sha256":"0ec632e6ab02d4fdd514da7f5edc74aa28c9d4c71af76f1c8b93a1fba85bcc69","sha512":"bf887e087c52583114b77bfb417d7dffa0ee8634d39155af14591a24b2add9ef4c8a0c0555364122800d07a55f5f1fb0c723b39541b069a437ff558ddbf380a3","ssdeep":"96:UrZgL1xvPV6GqKgR6TYLWHFMLJA6pOROVEE1fosvGeaMozHImBaoqbl:Ury9PVfIFrlAJROVEEdos+eatzHILoA","tlshash":"750267c97a967031d75796f6833f0106b6361aeeb028047cb5b88dd57c78868523bf38","size":8415,"data":"","first_seen":"2023-03-07T01:02:45Z","last_seen":"2026-04-18T20:36:26.489565Z","times_seen":10163,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dogecoin8.com/","fqdn":"dogecoin8.com","domain":"dogecoin8.com","tld":"com"},"ip":{"addr":"107.151.92.52","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"43b4cbdb69553659e6dc29dc3fb3c1b2","sha1":"a74e66a8a6165080d2c3958284bf8bd46825807b","sha256":"ba41d61bdb2f60eecb86eb5331123c5e26641dcd7cb467daecedfa02dd77bc70","sha512":"814d5be415d6c09fd33ad99b5e12f3f18d3cbec7cb98590f0a4b7f5e65ab50b1557282ce5ef6ecee309e5e52d52eb8df8d88691c995cef04e88d1549574895a4","ssdeep":"","tlshash":"4711d07b0a72901c9326e01e703a958d35b484267f21da45f0f8fd3e9cd4f15446fa9c","size":921,"data":"","first_seen":"2026-03-02T03:43:39.545682Z","last_seen":"2026-04-18T12:49:49.733884Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dogecoin8.com/","fqdn":"dogecoin8.com","domain":"dogecoin8.com","tld":"com"},"ip":{"addr":"107.151.92.52","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"4ad005dbc802815555a46b256b2eef1c","sha1":"e163de4c1618c26b7ac324d695232b8951fba3f9","sha256":"a4e7cf536d3d5632c69f7f546ab79f9f5177a56ad90b13857d862eea53556551","sha512":"5ca47d024c59aaf4e89d6b4fbf37d51c0acf542f16f6ab18094d6348b8a68b5c7483b2fceb77ca8c6f178699ae42ba9874dc67d3469c7eaa32ebcf6235309c60","ssdeep":"","tlshash":"d211ce8176d271b0553b352f957f66401c255003a81ada60f4ae1ee08fa912cbab6ea7","size":1011,"data":"","first_seen":"2025-11-12T02:54:17.286876Z","last_seen":"2026-04-18T12:49:49.734378Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hash166.com/","fqdn":"hash166.com","domain":"hash166.com","tld":"com"},"ip":{"addr":"156.250.137.188","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"South Africa","country_code":"ZA"},"introduction_type":"scriptElement","is_inline":true,"md5":"e77452fc7ef03bc4f20304926fe8d0ce","sha1":"c785189608238beb41e7077f2b4e9097ca7eb722","sha256":"fd40132ee157a67afd45fbd53596fe68433076005eb73a5301049114394d030e","sha512":"dba89727d4547aaaffbbdb686d814cbcd350f6a27ba317644f335ba08f2bc22d0eca2335501c27d1ef0cc495a021f0aea0083a2f7acd964b63e1efd5bde9d4a3","ssdeep":"","tlshash":"d9d02e1f2c5518b4236d082c10fada8cb1a2648c613ed500a1dde8829ab0ec2083e788","size":254,"data":"","first_seen":"2026-03-27T13:47:19.329237Z","last_seen":"2026-04-18T12:49:49.730507Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bethx.vip/assets/main.ecaab409.js","fqdn":"bethx.vip","domain":"bethx.vip","tld":"vip"},"ip":{"addr":"65.9.46.112","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"6f56a6beea8bddaf29b9de2edf07661b","sha1":"9bbb1246c58a38265b5f11bfdc22a5c6b5f17116","sha256":"2289afee27d3691de91ee42e4ca50a799383894c12edfa99d6df77adadfdab44","sha512":"3e29cc24b98e784fa43e4e399a5d48105148c75e5ce5d6381ebb6191ebbd1a1c19f1c59b4646eeecd3c25cdef15b6a84841a48ad1549ece8a7490c24b84bcf2c","ssdeep":"49152:dV6cDTV090IdumcYuCoj437GpzyQwWGUyv+A:54GSp","tlshash":"687586acb1cb999103d589845c6632e1b11c1e4a3588f6e7e8b89d7afdc11b1c673f38","size":1622337,"data":"","first_seen":"2026-04-17T00:42:36.103161Z","last_seen":"2026-04-18T20:07:52.054322Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"global.turing.captcha.gtimg.com/tgJNCap-global.c89bafa8.js","fqdn":"global.turing.captcha.gtimg.com","domain":"gtimg.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"434fc1a424b9e1c7fe931f240c16c080","sha1":"4bfb6cde69dabc4bf8de129f2541c95b5daf80fc","sha256":"d0b7ae0a0a87c008aa6ba0575518785fa53d24bac0661a7ae52287813877d2fa","sha512":"a5b4716d0b0bed50cb3c431e6f9f4eca5471a59e67ef8e92f9dace5cc38aec8d91baf636eba5ecdabcdc4d886756ab98b0c491d0f797245946ccbc94bcb6afde","ssdeep":"12288:skViGKDQc49wxGl1OmDttStYc3sT2xsU2qCgSMFC1wi5Kw9w5Am8FKk8JWDWiRIF:aRDQcjGlYmrTDWiRIB/","tlshash":"f9e41a407ad0a85d035b4f7b732bb1e6f85e0d6eb888488ff145bc9095e952bf9e0670","size":711313,"data":"","first_seen":"2026-04-01T08:03:24.041324Z","last_seen":"2026-04-18T20:07:52.033606Z","times_seen":17,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ca.turing.captcha.qcloud.com/cap_union_prehandle?aid=189999718\u0026protocol=https\u0026accver=1\u0026showtype=embed\u0026ua=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTM0LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTM0LjA%3D\u0026noheader=1\u0026fb=0\u0026deviceToken=v3%3AAqCfezegn3s3AsKPXaccYkIn6lk1WcmvIjTYEvNrPCVtiRPogzfOXDeqXjqB9jzWovV%2FdL8tvqBm5yZxIhPvNtCuuqt3bf3mA4Zw7lQcy5xDYSYPpKiAy3So3zsPog3c%2BQskoWKpkkYnsFXCFG5nPRff3SvqbgAgGBtTK5AbfqeUfRWqLcaqWd1BTHY0AVZbzo5larQFUJA1ORYJKSCQMX%2Fcks%2FbW6EydgI%2BRX7uTtTK0GRKQVKdV7R8t6LLu3ie0zwJzV4X75sWLZZEq0j%2BNRXEkEw2iXP6bLvAbInunjbP5UfU2dgA4LffJ%2FmdjMYvf7tMxt0A8SaRqeEGKP%2Blss1iu2%2BzK57OyMhw4157lZyrDoGr3%2F4kd8NX%2Bat8o1jwh571QYmPDbx3LdxONYs85VQF%2BtFBvdbEcGcey%2B2fH6sdW9UOfncZXcL68TqGnd1ASD6ZG2CEmJIvgS1siCY9DgUom0l97QTH9S3MfkM%3D\u0026isJsVersion=3\u0026aged=0\u0026enableAged=0\u0026enableDarkMode=0\u0026grayscale=1\u0026clientype=2\u0026cap_cd=\u0026uid=\u0026lang=en\u0026entry_url=https%3A%2F%2Fbethx.vip%2Fregister%2F\u0026elder_captcha=0\u0026js=https%3A%2F%2Fglobal.turing.captcha.gtimg.com%2FtgJNCap-global.c89bafa8.js\u0026login_appid=\u0026wb=1\u0026subsid=1\u0026callback=_aq_958963\u0026sess=","fqdn":"ca.turing.captcha.qcloud.com","domain":"qcloud.com","tld":"com"},"ip":{"addr":"43.158.119.130","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"d9917fb6cad9e9f77703ff4e8eb56c4d","sha1":"e3229523a33de8eac9bc1f66a4c15160ea544b0c","sha256":"e713bc9823e0e197a362c9e66e109e0710d70aa9d5a5db6afab9784162e2d7a4","sha512":"ddef8ec39ca65ad78860f9b2ecb980b36034e9c1575a9ce54f0505cfcc34c364b43c4c3b1718021279dc00c97bdc025e3c828794851625bddeecf0ca16655d70","ssdeep":"","tlshash":"c01198704bdd43508f9a30f205651152b9dda19280dc4fbe0cd8de1456e6bf173b748c","size":987,"data":"","first_seen":"2026-04-18T12:45:36.406565Z","last_seen":"2026-04-18T12:45:36.406565Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dogecoin8.com/template/pc/skin/js/fastclick.js?t=1589099922","fqdn":"dogecoin8.com","domain":"dogecoin8.com","tld":"com"},"ip":{"addr":"107.151.92.52","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"e096fb71e09084346d770f701c6968e8","sha1":"de96993b59d5d5f1e0188a0e0dabd4bd02697383","sha256":"0f6cf9af2e7b843fff331e3977d1ee17879710fdfc30d572d57f7b12aa153eb0","sha512":"589940183c32d81a1b71464b50467aa8e1cbbbdcdbe5bb33fc71e933d3c0b087d7e715f9b99feb9a82d4705becac129104351a521cf62abd44c0c44269617832","ssdeep":"384:qv22ogWnLYDfrcfb3iESyEzEo4IyMBMzFn+tZDXZJbcd5P2s47y72SZNSLGOb6:q6g8LWy3iwFtM2AZJOPx7ga","tlshash":"46d23f4f36e611b2459f623e6b8b6184f375809b52068488bc5e9fb82f58f3143f1ee5","size":30619,"data":"","first_seen":"2023-03-26T08:03:05Z","last_seen":"2026-04-18T12:49:49.673923Z","times_seen":38,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hash166.com/","fqdn":"hash166.com","domain":"hash166.com","tld":"com"},"ip":{"addr":"156.250.137.188","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"South Africa","country_code":"ZA"},"introduction_type":"scriptElement","is_inline":true,"md5":"68b329da9893e34099c7d8ad5cb9c940","sha1":"adc83b19e793491b1c6ea0fd8b46cd9f32e592fc","sha256":"01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b","sha512":"be688838ca8686e5c90689bf2ab585cef1137c999b48c70b92f67a5c34dc15697b5d11c982ed6d71be1e1e7f7b4e0733884aa97c3f7a339a8ed03577cf74be09","ssdeep":"","tlshash":"c700000000000000c00000300000000030300000000000000000000000000000000000","size":1,"data":"","first_seen":"2023-03-07T01:02:54Z","last_seen":"2026-04-18T20:21:03.565243Z","times_seen":189911,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hash166.com/","fqdn":"hash166.com","domain":"hash166.com","tld":"com"},"ip":{"addr":"156.250.137.188","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"South Africa","country_code":"ZA"},"introduction_type":"scriptElement","is_inline":true,"md5":"4634f1aa10bcd0a4ca944df7c834e9d2","sha1":"adb7ae816e56e7a1c944b50f86ea7a1dca7d0041","sha256":"970d6e228459a05e2e4ed585e3ee25b001154575851facda0d2e1c23d2af045b","sha512":"9c66c90fa5f00ff3a6f766709b42b45261eec0f3d061c84a4c94e38f1fa30694a28a528b4670df06ce32421a2874d0e5041a68109a1e1682bf3ac5307b4fcbe7","ssdeep":"","tlshash":"ac01fd3a4613a02a03335030f551c7a82174c01bfe238a027aaf3ea40fcda986ca9c98","size":786,"data":"","first_seen":"2026-03-02T03:43:39.547236Z","last_seen":"2026-04-18T12:49:49.735537Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hash166.com/","fqdn":"hash166.com","domain":"hash166.com","tld":"com"},"ip":{"addr":"156.250.137.188","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"South Africa","country_code":"ZA"},"introduction_type":"Function","is_inline":false,"md5":"1c5c9160600df2d96d69a4ea16cec7ed","sha1":"3cf678c9135cc952ba6970ef545035bb757a443f","sha256":"a3520fe88e248d2b6c9c6db93309a037ef969fe297208e5bd7e49a55bb32c808","sha512":"2a298a8c2552c6a6c6f8d3f7327d2e9abfa87a0dbb27e9e528a8539b416155c0860f54f46464dfe7e5d49c7906a9eacdac7e5181b86ef15a83276a8f4fee0546","ssdeep":"","tlshash":"078004d531c35040475331d400571cd4503444f014444d544040d4511c55030d1154dc","size":37,"data":"","first_seen":"2023-04-11T21:49:14Z","last_seen":"2026-04-18T20:31:28.530587Z","times_seen":106215,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hash166.com/","fqdn":"hash166.com","domain":"hash166.com","tld":"com"},"ip":{"addr":"156.250.137.188","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"South Africa","country_code":"ZA"},"introduction_type":"Function","is_inline":false,"md5":"0c41e506b53425982c48a527ea92695a","sha1":"0138ab20e73e9f456a2dcf729cef1c25e150acb5","sha256":"7f0be7594dc7b4cc42327a4665d56847ccfb64f71f05dd3edfffac9e89025527","sha512":"0f074bac9e79a62732e88ea34a1c6a634121a2dfa037593ed2186ccb00bfd56490f7cd805115a508e073838c7d9d7f4e6270c0184a51cf178aa559aba202d018","ssdeep":"","tlshash":"ebe0e7dc32cb08c93fd72cc40015004cc43e2e573b405c912c01560714dac2710427ae","size":305,"data":"","first_seen":"2026-04-18T12:45:36.489717Z","last_seen":"2026-04-18T12:45:36.489717Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"0a3a0b592b9c285e050805307cee87c2","sha1":"125a168e24b2bd38aadb84cbb5f87f316b073c41","sha256":"aac32651b10f567c461b9b4f255d6fb1fa6859b5368d8bd9a51af920ab21cf23","sha512":"4097f05a9ce819914160aeba71fa11524f6b291a39b7c948509d756318b600934f1d195980df66bc7731e327979135bfcbe0e9ff3758d779a72481ed623cd3a5","ssdeep":"","tlshash":"a34000000000000000000000003000000000c000000000000000000000c0000cc00000","size":6,"data":"","first_seen":"2023-03-07T01:02:09Z","last_seen":"2026-04-18T20:22:36.654954Z","times_seen":233273,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"74312d9fd3d0d77a65b4edf6f7a9d543","sha1":"f8f99b78a90612dba2ab0f2f96d35ef3c77cd3c6","sha256":"e3932ed210d0dfb6820eacc496a3e5a609b8f011515b9324fe93b5d956a11f08","sha512":"12b6bcebb7867a2385206e03146b39db530208a5265d2e19423d7072042b085c883f48ba1d0757d1c27e624ae66da318eef2727806baf1c8caaec3df92c16312","ssdeep":"","tlshash":"52c080a34153d81c5125c151f471705c155d4e7457674c835d536e3eccbca9484e94dc","size":169,"data":"","first_seen":"2023-03-07T12:43:11Z","last_seen":"2026-04-18T20:18:04.024471Z","times_seen":5119,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"53c2281f7926baedde3632397124be60","sha1":"e8c5005c0b9c637c1768e5a69cdac8171c05bce8","sha256":"9f0cb15a6ea03d5394474768e294412b128a5bef64fe62837316fbd96cbba936","sha512":"1fc7d2102d7be936893c762af436a7a2709452829e745a3c2c93c4fd784672c441467c74b7afe0384e0ec9a9d4d458accbf1eb4f064c93675f31dd1fff387332","ssdeep":"","tlshash":"27d02be18d8e28288179f0e07030076d7b3b43caeb685a2420f23e71a24f2912457dfd","size":274,"data":"","first_seen":"2026-03-02T03:43:39.553148Z","last_seen":"2026-04-18T12:49:49.738892Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"78ac2aa5ccc29c90a345c90aab40b442","sha1":"cac604932faa4add2955602b41de8a8bff362ebd","sha256":"53db339b0b80637f13dfc63813d7366c899cebe0db896602886ece619163d82e","sha512":"5c76abfa8f4091277643f4dad57c37d9eb71d33c9691f0e85bc82ac5f303d4e3da4937cbc2354e4d5c5d0022746d7c06f975f209067df2cefa55bd3827d892a7","ssdeep":"","tlshash":"31b01242d0575c0e0170c236ec485418474d4a7d9fa708010dc6ab5c0c99f1405e549c","size":103,"data":"","first_seen":"2023-03-07T01:06:53Z","last_seen":"2026-04-18T21:02:39.489442Z","times_seen":11581,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"59cf81439a8bf9b569e5577fe5aa0de8","sha1":"7310f3ea09ddff6601e9da7bf0665b0edd6d1435","sha256":"235f11ebdcfb5a9e00906afc39c11efbaeed816b9040567cd61f18f9ce7242d4","sha512":"0b0c2f3ecaf57f468c4c73afbe288ef366f90a46fabc52916757e1bd9181fd34bfe73f77488a1ab464b22e7ffb92d592382c23a5d214119e1dab10d1bb6cbfbd","ssdeep":"","tlshash":"9aa01275087384306074895030429b986001802043140d0453163c20406c10f50a10e1","size":77,"data":"","first_seen":"2023-03-07T01:06:53Z","last_seen":"2026-04-18T20:04:07.811289Z","times_seen":5632,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"541fdbf27fee487a6a7abc7bea135420","sha1":"25b31600313f8e557d0c9c863dc9bdec7cf69ff8","sha256":"83bb85f2af78f20867aaf309bc56288e88127d3f3b84f855555664ce0a217fe9","sha512":"cb0acf99b0e5b4d02dbeac3b71074a1fdceacd20a8af003004df2be4952761dc4cbfc8802fd38b3d52fd2fa722d7ba5897b92aa7a79b4737830ec463d07af6e6","ssdeep":"","tlshash":"66b01270c905e428c125f10090808bcd26240189b6775f044528aa62508e9942c2c5c0","size":87,"data":"","first_seen":"2023-03-07T01:06:53Z","last_seen":"2026-04-18T16:18:06.394115Z","times_seen":1081,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"bdcc6c7c4ea89841065633c400561d76","sha1":"c6ab121ef7a78bc23c6c45fb513fdbe0875a0c25","sha256":"6497aa61e73d938d615cb279add2d928396cb1e653552a0c184aac2aeaa62572","sha512":"4cc083dcb45170f69e6927c140a776ae5df1ee7bca70ea49e8d11a2e6804e82a9e77f2da77e5f0fa8e73818a45c260beb4954d079ba9a7345b278ddf09caf64b","ssdeep":"","tlshash":"2dc080771425504d496491b530340d1450025f48f7436770abf13961614e19926e56de","size":171,"data":"","first_seen":"2026-03-02T03:43:39.551235Z","last_seen":"2026-04-18T12:49:49.737412Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]},"http":[{"url":{"schema":"https","addr":"dogecoin8.com/template/pc/skin/images/btn1.png","fqdn":"dogecoin8.com","domain":"dogecoin8.com","tld":"com"},"ip":{"addr":"107.151.92.52","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dogecoin8.com/","date":"2026-04-18T12:44:47.631Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dogecoin8.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Wed, 25 Mar 2026 07:00:00 GMT","end":"Tue, 23 Jun 2026 06:59:59 GMT"},"fingerprint":{"sha1":"5C:0D:5E:E9:6D:D0:19:FE:B6:AA:77:0F:91:80:1E:4C:DA:F3:9B:6A","sha256":"3F:19:30:F8:E4:AB:C0:61:6E:27:3F:DB:25:FD:D5:FE:19:37:F9:30:DF:C2:B7:C5:F5:F3:B5:7B:C1:78:9F:C7"}}},"request":{"raw":"GET /template/pc/skin/images/btn1.png HTTP/1.1\r\nHost: dogecoin8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dogecoin8.com/template/pc/skin/css/main.css?t=1625390824\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=2k6hvak7klsvh3aeq6oimqj653\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 12:44:47 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 27 Apr 2020 13:34:36 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5ea6df6c-f20\"\r\nexpires: Mon, 18 May 2026 12:44:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3872,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced","md5":"3c82202159a42030992230ca466b7f35","sha1":"2d0326295ea6b22a21af2776a71e31ee911d7b8d","sha256":"538d12f5866704d6020286ddba884661eef93c33327efa0ff832d3574ed40c59","sha512":"b90cd6d87e4079a0235956499d81f66f1dba4fc40954b656b98cf448b8127804843d07c9479eb6cd1efca98f027ebd20795460088e6a46890898d5e31dcc638b","ssdeep":"","tlshash":"d3815d8a5880456d108b0aad3967cd47452b6b54935d5f0c98fac18b9b34c717c34b0b","first_seen":"2025-03-27T13:50:35.207804Z","last_seen":"2026-04-18T12:49:49.684776Z","times_seen":13,"resource_available":false,"data":null}},"time_used":423,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":423,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bethx.vip/assets/foot4.010fb1af.png","fqdn":"bethx.vip","domain":"bethx.vip","tld":"vip"},"ip":{"addr":"65.9.46.112","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bethx.vip/register/","date":"2026-04-18T12:44:54.304Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bethx.vip","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 10 Dec 2025 00:00:00 GMT","end":"Fri, 08 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"67:7A:18:61:36:02:A0:18:4C:DC:63:C3:AA:55:55:CF:9D:B1:33:5B","sha256":"E5:50:D5:02:46:9D:18:63:39:E5:EE:0B:8F:CE:C7:0C:3B:97:00:56:2B:E3:A0:18:B5:F8:66:75:96:A3:76:04"}}},"request":{"raw":"GET /assets/foot4.010fb1af.png HTTP/1.1\r\nHost: bethx.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bethx.vip/register/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 5713\r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 18 Apr 2026 12:44:54 GMT\r\nlast-modified: Tue, 14 Apr 2026 14:06:41 GMT\r\naccept-ranges: bytes\r\nexpires: Mon, 20 Apr 2026 12:44:54 GMT\r\ncache-control: max-age=172800, public, no-transform\r\netag: \"69de49f1-1651\"\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 aeb4c02c6985102f97552c03a17a7832.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN52-P1\r\nx-amz-cf-id: EJtN13E64I7F5C86nZeYuCNtdzvRRqXw008HkuDnLlkL9NjjzI1UQw==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":5713,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 136 x 30, 8-bit/color RGBA, non-interlaced","md5":"f25126ecfc108ee3bbe50a07514376ce","sha1":"90f3b9d2ebcd802b70aceb9d9ccd4c893251e8c4","sha256":"010fb1af7611079239d25041cad7ba795dc68e263232c2a33b6147e6ea15c305","sha512":"fe1f1e6d5d6b0dc5d0e7add4ac98de085e0a9e9dd7b2ada7b43dcf250818689ab6c650dc676e087bcdc69c6a7d8de2b15ea05dfb8134112d87ea1309d5513326","ssdeep":"96:F7SlQxG/ICqqx/dvx96Cq2AZ9H2WuxcERyJhzRIy78RgDBQKA9HS1+jHDfWWA7qO:xSOCx/dvqC4jaehGyL1AQ1+jHDrA+O","tlshash":"1cc18ece4b7134b7bf8f0cdc9e86623a69fb3d15541423864ccf18e535a615a12481b3","first_seen":"2025-05-28T04:51:10.341856Z","last_seen":"2026-04-18T12:49:49.720594Z","times_seen":11,"resource_available":false,"data":null}},"time_used":557,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":557,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"bethx.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"bethx.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dogecoin8.com/template/pc/skin/js/main.js?t=1589099922","fqdn":"dogecoin8.com","domain":"dogecoin8.com","tld":"com"},"ip":{"addr":"107.151.92.52","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://dogecoin8.com/","date":"2026-04-18T12:44:46.777Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dogecoin8.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Wed, 25 Mar 2026 07:00:00 GMT","end":"Tue, 23 Jun 2026 06:59:59 GMT"},"fingerprint":{"sha1":"5C:0D:5E:E9:6D:D0:19:FE:B6:AA:77:0F:91:80:1E:4C:DA:F3:9B:6A","sha256":"3F:19:30:F8:E4:AB:C0:61:6E:27:3F:DB:25:FD:D5:FE:19:37:F9:30:DF:C2:B7:C5:F5:F3:B5:7B:C1:78:9F:C7"}}},"request":{"raw":"GET /template/pc/skin/js/main.js?t=1589099922 HTTP/1.1\r\nHost: dogecoin8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dogecoin8.com/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=2k6hvak7klsvh3aeq6oimqj653\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 12:44:46 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 10 May 2020 08:38:42 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5eb7bd92-b42\"\r\nexpires: Sun, 19 Apr 2026 00:44:46 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2882,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"1bae7e1f2826dc25581a6c5ee703468b","sha1":"a1271c061ee338b5aeaa0fb0a35330e682ed9eb5","sha256":"8941ab33c055bd38bcbe67ad4efa1bd3aaf0750acc19dd32528292e41af716dd","sha512":"9d64a7f681009dcef3fee0b80ad2080e184eed862ec948ff04253a585d466650391b7697f52596adba616836cc8bc00eeb0c28237c79cdea7d39a9af9310a930","ssdeep":"","tlshash":"76518d0af100e1f714bb362a877a5484fe2e580fca049740beed9aa51f70099b153f6f","first_seen":"2025-03-27T13:50:35.243964Z","last_seen":"2026-04-18T12:49:49.692514Z","times_seen":22,"resource_available":true,"data":null}},"time_used":764,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":764,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.bethx.vip/api/getConfig","fqdn":"api.bethx.vip","domain":"bethx.vip","tld":"vip"},"ip":{"addr":"54.240.174.49","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://bethx.vip/register/","date":"2026-04-18T12:44:53.427Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.bethx.vip","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sun, 26 Oct 2025 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"AD:69:21:3D:64:E5:F4:08:30:28:46:7A:27:F5:62:CA:71:2C:14:FC","sha256":"F1:B9:F4:B1:8F:05:D3:69:29:2D:37:FE:30:BE:1D:2C:34:72:F5:56:A2:B2:62:E0:A0:39:4D:2A:37:92:54:2B"}}},"request":{"raw":"GET /api/getConfig HTTP/1.1\r\nHost: api.bethx.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bethx.vip/\r\nlangCode: en\r\nuser-device: 2\r\nOrigin: https://bethx.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/json\r\nserver: nginx/1.18.0 (Ubuntu)\r\naccess-control-allow-methods: GET, POST, PATCH, PUT, OPTIONS\r\naccess-control-allow-credentials: true\r\ncache-control: no-cache, private\r\ndate: Sat, 18 Apr 2026 12:44:54 GMT\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Origin, Content-Type, Cookie, X-CSRF-TOKEN, Accept, Authorization, X-XSRF-TOKEN,langCode,User-Device\r\naccess-control-expose-headers: Authorization, authenticated\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: aaffBAvbE04qkZywzb7RQmFVyejyINOS5DktEPNC1AtpfEq3IyDq1g==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":29414,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"445cbfff6021d92930ffd3f745dc1fb2","sha1":"821f1dd1a743c70c421dc0256381ae736c30e77c","sha256":"c8a923aa01f355b68414088cfba0333c9e82dc2d53dca00e391fe54f1acafd34","sha512":"dc307bb95db2f07f531e05171e29b91a52dcd33a8ca0c682a44912d331417774fa7fc2e3b2c6a04968e6894e9a819d3aa8dc62188a3106116330448c1288fc3c","ssdeep":"384:bS6GbOAGS616ttXj/pGEI4ttXjJGpswTwwejI2WwbY:bS8SttXjB64tXjKejIfw0","tlshash":"dcd253bef7fc68a145f141c00d97765b16da31086fca4ca896fbce5c43885a41b2f29b","first_seen":"2026-04-18T12:45:36.30782Z","last_seen":"2026-04-18T12:45:36.30782Z","times_seen":1,"resource_available":false,"data":null}},"time_used":814,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":814,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"api.bethx.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"api.bethx.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"77hash.s3.ap-northeast-3.amazonaws.com/images/R5e1P1743468904250401.png","fqdn":"77hash.s3.ap-northeast-3.amazonaws.com","domain":"77hash.s3.ap-northeast-3.amazonaws.com","tld":"s3.ap-northeast-3.amazonaws.com"},"ip":{"addr":"3.5.242.71","port":443,"asn":16509,"as":"AMAZON-02","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bethx.vip/register/","date":"2026-04-18T12:44:55.203Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.s3.ap-northeast-3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sat, 14 Feb 2026 00:00:00 GMT","end":"Thu, 11 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"8E:7B:63:EF:E6:C9:5C:E2:75:EC:28:1B:89:0A:7B:5A:75:7F:58:D8","sha256":"2F:C4:88:1B:AD:C8:3A:F2:3A:5E:75:3A:97:20:2B:B4:E1:CF:A3:62:48:15:B5:56:53:F5:84:C3:DD:53:FB:E5"}}},"request":{"raw":"GET /images/R5e1P1743468904250401.png HTTP/1.1\r\nHost: 77hash.s3.ap-northeast-3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bethx.vip/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: M6KnhxWchGZKyTUkQILyS529k08s4lMljChUoBOJS328RseAnEm2Ublpdo82cz3fnFYkmhrFKAA89wRDdBC772diOTJJ8GR3\r\nx-amz-request-id: NYWZCJQGZQA9SXMC\r\nDate: Sat, 18 Apr 2026 12:44:56 GMT\r\nLast-Modified: Tue, 01 Apr 2025 00:55:06 GMT\r\nETag: \"19cab88dbad1db4d11ae560bdd1fa681\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/png\r\nContent-Length: 3178\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":3178,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 40 x 40, 8-bit/color RGBA, interlaced","md5":"19cab88dbad1db4d11ae560bdd1fa681","sha1":"8499c22f82fb5a785c2d1a4feea0334796523510","sha256":"076dd9e374d84e17cefea06b145b66a7e7a9dcd071828a8739d75de4942ff987","sha512":"a92f1a18ac1681544a24ee9e2801b7c200a16e02c9449bea02c6bf4c910298e2f2c858ce03601d78f7644f28cf41ff16fcff7719f28c33f63bebca0a5d596a6f","ssdeep":"","tlshash":"38615da913d0651dd9d5273ab2eb561d375ec1ef63143dac0c67901f8ca4104aeeb027","first_seen":"2025-05-28T04:51:10.444963Z","last_seen":"2026-04-18T12:49:49.712524Z","times_seen":11,"resource_available":false,"data":null}},"time_used":314,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":314,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.turingfraud.net/event/report","fqdn":"www.turingfraud.net","domain":"turingfraud.net","tld":"net"},"ip":{"addr":"162.62.10.47","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://bethx.vip/register/","date":"2026-04-18T12:44:57.320Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.turingfraud.net","organization":""},"issuer":{"commonName":"DNSPod RSA DV","organization":"DNSPod, Inc."},"validity":{"start":"Wed, 08 Oct 2025 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"60:CC:09:90:24:93:4C:24:02:F1:97:00:C8:51:55:4A:C2:69:C5:FC","sha256":"0A:2F:A1:C2:DB:F8:EA:01:4E:CB:CB:BA:36:3F:00:27:43:7F:9A:66:0D:6F:EE:C5:DE:5C:E4:35:39:3B:3D:06"}}},"request":{"raw":"OPTIONS /event/report HTTP/1.1\r\nHost: www.turingfraud.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://bethx.vip/\r\nOrigin: https://bethx.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 18 Apr 2026 12:44:57 GMT\r\ncontent-type: application/json\r\ncontent-length: 9\r\naccess-control-allow-headers: Content-Type, Authorization, X-Requested-With, Traceparent\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 3600\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":9,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"7356645231da9cfecc34610420982100","sha1":"4e6d5bf58d719360518ecccb073248d0293dd346","sha256":"2c2237045b54bb664bd76b7d6f1da237fd50de74712edf261e90c1c0d7f2e822","sha512":"c092af8c828b98fb9ac62ec48f64c01907d25106e96096a40e52d770f732442c729c11c34406dd0be1690620d91d97a6a4839ca409b57e227a65844e17bad112","ssdeep":"","tlshash":"8c50003000000c03000c0c0000000003c0030c0030000c0000000c000000c000300000","first_seen":"2023-04-05T16:48:03Z","last_seen":"2026-04-18T20:07:52.040634Z","times_seen":1671,"resource_available":false,"data":null}},"time_used":1092,"timings":{"blocked":534,"dns":57,"connect":20,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.turingfraud.net/event/report","fqdn":"www.turingfraud.net","domain":"turingfraud.net","tld":"net"},"ip":{"addr":"162.62.10.47","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://bethx.vip/register/","date":"2026-04-18T12:44:59.598Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.turingfraud.net","organization":""},"issuer":{"commonName":"DNSPod RSA DV","organization":"DNSPod, Inc."},"validity":{"start":"Wed, 08 Oct 2025 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"60:CC:09:90:24:93:4C:24:02:F1:97:00:C8:51:55:4A:C2:69:C5:FC","sha256":"0A:2F:A1:C2:DB:F8:EA:01:4E:CB:CB:BA:36:3F:00:27:43:7F:9A:66:0D:6F:EE:C5:DE:5C:E4:35:39:3B:3D:06"}}},"request":{"raw":"OPTIONS /event/report HTTP/1.1\r\nHost: www.turingfraud.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://bethx.vip/\r\nOrigin: https://bethx.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 18 Apr 2026 12:44:59 GMT\r\ncontent-type: application/json\r\ncontent-length: 9\r\naccess-control-allow-headers: Content-Type, Authorization, X-Requested-With, Traceparent\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 3600\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":9,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"7356645231da9cfecc34610420982100","sha1":"4e6d5bf58d719360518ecccb073248d0293dd346","sha256":"2c2237045b54bb664bd76b7d6f1da237fd50de74712edf261e90c1c0d7f2e822","sha512":"c092af8c828b98fb9ac62ec48f64c01907d25106e96096a40e52d770f732442c729c11c34406dd0be1690620d91d97a6a4839ca409b57e227a65844e17bad112","ssdeep":"","tlshash":"8c50003000000c03000c0c0000000003c0030c0030000c0000000c000000c000300000","first_seen":"2023-04-05T16:48:03Z","last_seen":"2026-04-18T20:07:52.040634Z","times_seen":1671,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dogecoin8.com/template/pc/skin/images/i3.png","fqdn":"dogecoin8.com","domain":"dogecoin8.com","tld":"com"},"ip":{"addr":"107.151.92.52","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dogecoin8.com/","date":"2026-04-18T12:44:46.808Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dogecoin8.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Wed, 25 Mar 2026 07:00:00 GMT","end":"Tue, 23 Jun 2026 06:59:59 GMT"},"fingerprint":{"sha1":"5C:0D:5E:E9:6D:D0:19:FE:B6:AA:77:0F:91:80:1E:4C:DA:F3:9B:6A","sha256":"3F:19:30:F8:E4:AB:C0:61:6E:27:3F:DB:25:FD:D5:FE:19:37:F9:30:DF:C2:B7:C5:F5:F3:B5:7B:C1:78:9F:C7"}}},"request":{"raw":"GET /template/pc/skin/images/i3.png HTTP/1.1\r\nHost: dogecoin8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dogecoin8.com/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=2k6hvak7klsvh3aeq6oimqj653\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 12:44:47 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 10 May 2020 08:38:42 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5eb7bd92-785\"\r\nexpires: Mon, 18 May 2026 12:44:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1925,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced","md5":"ef7e6bdc2ada0cace2191f6a3202cc53","sha1":"279eb23193784722fb5dced45bf14b1ed3b8265c","sha256":"66c3ffafc701fefd43a3d8cbaea9dcf272d52263c11dd14328120ff87307c79f","sha512":"e740aa8cd9b2c01ee5ed29d12f890dcc3677478ff67c8f7f0abfcb5508c5957c6eaaa44daee2cf2b365afe97c871752c4803cb0f7db795f2eaa1523ef8d2a911","ssdeep":"","tlshash":"8141d94aba806e01524ddd8504f6a177aa518990d7f1f06366ced4333f77a79801dcce","first_seen":"2024-05-23T13:11:50Z","last_seen":"2026-04-18T12:49:49.699705Z","times_seen":15,"resource_available":false,"data":null}},"time_used":758,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":758,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bethx.vip/register/","fqdn":"bethx.vip","domain":"bethx.vip","tld":"vip"},"ip":{"addr":"65.9.46.112","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://hash166.com/","date":"2026-04-18T12:44:49.279Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bethx.vip","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 10 Dec 2025 00:00:00 GMT","end":"Fri, 08 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"67:7A:18:61:36:02:A0:18:4C:DC:63:C3:AA:55:55:CF:9D:B1:33:5B","sha256":"E5:50:D5:02:46:9D:18:63:39:E5:EE:0B:8F:CE:C7:0C:3B:97:00:56:2B:E3:A0:18:B5:F8:66:75:96:A3:76:04"}}},"request":{"raw":"GET /register/ HTTP/1.1\r\nHost: bethx.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hash166.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html\r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 18 Apr 2026 12:44:50 GMT\r\ncontent-encoding: br\r\nlast-modified: Tue, 14 Apr 2026 14:06:41 GMT\r\netag: W/\"69de49f1-466\"\r\nvary: Accept-Encoding\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 aeb4c02c6985102f97552c03a17a7832.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN52-P1\r\nx-amz-cf-id: fizBM7_-UPRKHGsOpvhmPhdYnpmWdzSMDKC5VH_V3TtjTAbGGuCCdA==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Google Tag Manager","description":"Google Tag Manager is a tag management system (TMS) that allows you to quickly and easily update measurement codes and related code fragments collectively known as tags on your website or mobile app.","website":"https://www.google.com/tagmanager","common_platform_enumeration":"","icon":"Google Tag Manager.svg","categories":["Tag managers"]}],"data":{"size":1126,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (756)","md5":"befed1a1a13e1af29ee973fe11f593f7","sha1":"162cd8b2633e0f8e1303a85e4e89c217e3a21c4c","sha256":"91bd88ead0a80e2415c329c577385977439f14fb9183c57fd5cbc0c4e500bfe4","sha512":"b83158162f6242263325ddf2006542e80892e72343e71c7ee7534176dae1097e0ad6081a98db96bc35babe0067503f7f7ff9081b291a4b4a6bfd153ddfd88cff","ssdeep":"","tlshash":"062123d7dc11e91d52208a9475b0f20c85869a0ddb53dc9c95bd50368a24b9e8c75c64","first_seen":"2026-04-17T00:42:36.073334Z","last_seen":"2026-04-18T20:07:52.018241Z","times_seen":9,"resource_available":false,"data":null}},"time_used":1281,"timings":{"blocked":382,"dns":29,"connect":97,"send":0,"wait":516,"receive":0,"ssl":252},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"bethx.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"bethx.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.bethx.vip/api/getPricePool","fqdn":"api.bethx.vip","domain":"bethx.vip","tld":"vip"},"ip":{"addr":"54.240.174.49","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://bethx.vip/register/","date":"2026-04-18T12:44:54.341Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.bethx.vip","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sun, 26 Oct 2025 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"AD:69:21:3D:64:E5:F4:08:30:28:46:7A:27:F5:62:CA:71:2C:14:FC","sha256":"F1:B9:F4:B1:8F:05:D3:69:29:2D:37:FE:30:BE:1D:2C:34:72:F5:56:A2:B2:62:E0:A0:39:4D:2A:37:92:54:2B"}}},"request":{"raw":"OPTIONS /api/getPricePool HTTP/1.1\r\nHost: api.bethx.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: authorization,langcode,user-device\r\nReferer: https://bethx.vip/\r\nOrigin: https://bethx.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html; charset=UTF-8\r\nserver: nginx/1.18.0 (Ubuntu)\r\naccess-control-allow-methods: GET, POST, PATCH, PUT, OPTIONS\r\naccess-control-allow-credentials: true\r\nallow: GET,HEAD\r\ncache-control: no-cache, private\r\ndate: Sat, 18 Apr 2026 12:44:54 GMT\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Origin, Content-Type, Cookie, X-CSRF-TOKEN, Accept, Authorization, X-XSRF-TOKEN,langCode,User-Device\r\naccess-control-expose-headers: Authorization, authenticated\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: uaSdi5sigGmlZgDhiyM8Gxy_dEnxmrssqV8En-94BsV9srfRKuvejA==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-18T20:23:19.513448Z","times_seen":13909737,"resource_available":true,"data":null}},"time_used":510,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":510,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"api.bethx.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"api.bethx.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dogecoin8.com/uploads/allimg/20210704/1-210F415551L51.jpg","fqdn":"dogecoin8.com","domain":"dogecoin8.com","tld":"com"},"ip":{"addr":"107.151.92.52","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dogecoin8.com/","date":"2026-04-18T12:44:46.789Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dogecoin8.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Wed, 25 Mar 2026 07:00:00 GMT","end":"Tue, 23 Jun 2026 06:59:59 GMT"},"fingerprint":{"sha1":"5C:0D:5E:E9:6D:D0:19:FE:B6:AA:77:0F:91:80:1E:4C:DA:F3:9B:6A","sha256":"3F:19:30:F8:E4:AB:C0:61:6E:27:3F:DB:25:FD:D5:FE:19:37:F9:30:DF:C2:B7:C5:F5:F3:B5:7B:C1:78:9F:C7"}}},"request":{"raw":"GET /uploads/allimg/20210704/1-210F415551L51.jpg HTTP/1.1\r\nHost: dogecoin8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dogecoin8.com/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=2k6hvak7klsvh3aeq6oimqj653\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 12:44:47 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sun, 04 Jul 2021 07:55:16 GMT\r\nvary: Accept-Encoding\r\netag: W/\"60e16964-570f\"\r\nexpires: Mon, 18 May 2026 12:44:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":22287,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 280x271, components 3","md5":"141f404701d8e884b1865abdf9fc20a4","sha1":"f0901615d31e1de3451c9b08b4db9164fde36357","sha256":"b7f6dce1175f5ec8e85aa20b64c7c692dd5eeebe9d4cdce460818e9bb0d99938","sha512":"b5e8ca3acafaa233d08fa6e78205134c65d937ae9b5112573ccde2e348a02e79e45dcba652a953e77eab3feda778c78a37f3ae663b2d83542b9ecc1065d29df4","ssdeep":"384://fJF3lLWFCMnxjUVqHAeOShCSzkEVbohbcbGKN9IzM3ypD/C5TpuhU:/XrUqVqHNOsCSzTtoJOG7ZDC5QU","tlshash":"56a29e565150fc9c9e8f6073001bd260f37564b66e7fee24ae1ee5d3ae2a0039539b21","first_seen":"2026-02-23T13:17:07.969547Z","last_seen":"2026-04-18T12:49:49.69879Z","times_seen":4,"resource_available":false,"data":null}},"time_used":762,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":762,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dogecoin8.com/template/pc/skin/images/pinz_ico021.png","fqdn":"dogecoin8.com","domain":"dogecoin8.com","tld":"com"},"ip":{"addr":"107.151.92.52","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dogecoin8.com/","date":"2026-04-18T12:44:47.666Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dogecoin8.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Wed, 25 Mar 2026 07:00:00 GMT","end":"Tue, 23 Jun 2026 06:59:59 GMT"},"fingerprint":{"sha1":"5C:0D:5E:E9:6D:D0:19:FE:B6:AA:77:0F:91:80:1E:4C:DA:F3:9B:6A","sha256":"3F:19:30:F8:E4:AB:C0:61:6E:27:3F:DB:25:FD:D5:FE:19:37:F9:30:DF:C2:B7:C5:F5:F3:B5:7B:C1:78:9F:C7"}}},"request":{"raw":"GET /template/pc/skin/images/pinz_ico021.png HTTP/1.1\r\nHost: dogecoin8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dogecoin8.com/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=2k6hvak7klsvh3aeq6oimqj653\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 12:44:47 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 27 Apr 2020 13:25:00 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5ea6dd2c-906\"\r\nexpires: Mon, 18 May 2026 12:44:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2310,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 68 x 68, 8-bit/color RGBA, non-interlaced","md5":"67b1b6560563cca86488660847816411","sha1":"c5298b7e379e835a197318aa91664fb64d348221","sha256":"dc91c82a2a4c8bdbdc2992cd9d423bf235f0d085d73f428313b74ae157fcea7d","sha512":"9fe398f11e511197414bcea4efa03e96b55f69d07260ec460c500377f2f3e9b713b1f41f238e6931bc9e8ce18745293c62fabed33fae2b03a79a6ff2728826b2","ssdeep":"","tlshash":"f141c849b971a084cc6dd90600fee465af308e91f8c0f8fa7b8af8a71525575815d4cb","first_seen":"2025-08-04T10:32:45.292636Z","last_seen":"2026-04-18T12:49:49.694211Z","times_seen":13,"resource_available":false,"data":null}},"time_used":655,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":655,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dogecoin8.com/template/pc/skin/images/pinz_ico041.png","fqdn":"dogecoin8.com","domain":"dogecoin8.com","tld":"com"},"ip":{"addr":"107.151.92.52","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dogecoin8.com/","date":"2026-04-18T12:44:47.670Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dogecoin8.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Wed, 25 Mar 2026 07:00:00 GMT","end":"Tue, 23 Jun 2026 06:59:59 GMT"},"fingerprint":{"sha1":"5C:0D:5E:E9:6D:D0:19:FE:B6:AA:77:0F:91:80:1E:4C:DA:F3:9B:6A","sha256":"3F:19:30:F8:E4:AB:C0:61:6E:27:3F:DB:25:FD:D5:FE:19:37:F9:30:DF:C2:B7:C5:F5:F3:B5:7B:C1:78:9F:C7"}}},"request":{"raw":"GET /template/pc/skin/images/pinz_ico041.png HTTP/1.1\r\nHost: dogecoin8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dogecoin8.com/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=2k6hvak7klsvh3aeq6oimqj653\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 12:44:47 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 27 Apr 2020 13:25:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5ea6dd40-665\"\r\nexpires: Mon, 18 May 2026 12:44:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1637,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 68 x 68, 8-bit/color RGBA, non-interlaced","md5":"b1ca0513b8e459c93d77ce23b6681f79","sha1":"f3f75ca5e25f077937de82e5eb01fe736d3e397f","sha256":"e6005d6065999c43ec0c34c7b9635badbc792e02c4a7754b577d598a537acb93","sha512":"7ab2139064c1e6bb9162dc9dbb1fd90d578a9376d164719732364d444385f68b8122cfefedcb511fb24e88e93a6b5f5099397714454b8eaaf53590b46f53dc75","ssdeep":"","tlshash":"6731d65cd171b4844f27de2530dfa012e436818c89c0ad6a99c5e9ab8935e7604386d3","first_seen":"2025-08-04T10:32:45.338843Z","last_seen":"2026-04-18T12:49:49.672191Z","times_seen":13,"resource_available":false,"data":null}},"time_used":652,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":652,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dogecoin8.com/template/pc/skin/images/pinz_ico02.png","fqdn":"dogecoin8.com","domain":"dogecoin8.com","tld":"com"},"ip":{"addr":"107.151.92.52","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dogecoin8.com/","date":"2026-04-18T12:44:47.665Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dogecoin8.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Wed, 25 Mar 2026 07:00:00 GMT","end":"Tue, 23 Jun 2026 06:59:59 GMT"},"fingerprint":{"sha1":"5C:0D:5E:E9:6D:D0:19:FE:B6:AA:77:0F:91:80:1E:4C:DA:F3:9B:6A","sha256":"3F:19:30:F8:E4:AB:C0:61:6E:27:3F:DB:25:FD:D5:FE:19:37:F9:30:DF:C2:B7:C5:F5:F3:B5:7B:C1:78:9F:C7"}}},"request":{"raw":"GET /template/pc/skin/images/pinz_ico02.png HTTP/1.1\r\nHost: dogecoin8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dogecoin8.com/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=2k6hvak7klsvh3aeq6oimqj653\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 12:44:47 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 27 Apr 2020 13:24:54 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5ea6dd26-70c0\"\r\nexpires: Mon, 18 May 2026 12:44:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":28864,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 68 x 68, 8-bit/color RGBA, non-interlaced","md5":"757fffcf5bc4cbd1969a562147b997ad","sha1":"cf18cf4f54c4603c30c0b85493170ae30fc2328f","sha256":"b9c56ec7c38d6fa7522517f4242c8bce729a3765c7757b66404bc1dd0a2b0aeb","sha512":"d1d4258549e46e4721e0c8a9d8aeedf5835ada7731a27974316b7841e77877009b3020ee3a517fd9bc2832dd2d61393c657549428db3656b1875fb3abcac7c61","ssdeep":"384:DexxIkNMW8uk+kHSsVQdpUU38vPLJicT5ywB8CLwiy8/Ms9XO8HW9erjd1IIa3Nk:iNy+kHSGQdKOmLJicNxBda8/D2wro3uX","tlshash":"77d2e045d7c2cc2ae8e5627fec8076a127c3554cb8351b786eb5d85edc12e380e628db","first_seen":"2025-10-25T15:13:09.749355Z","last_seen":"2026-04-18T12:49:49.69002Z","times_seen":8,"resource_available":false,"data":null}},"time_used":657,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":657,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ca.turing.captcha.qcloud.com/TJNCaptcha-global.js","fqdn":"ca.turing.captcha.qcloud.com","domain":"qcloud.com","tld":"com"},"ip":{"addr":"43.158.119.130","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bethx.vip/register/","date":"2026-04-18T12:44:54.420Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.turing.captcha.qcloud.com","organization":"Tencent Technology (Shenzhen) Company Limited"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 15 Dec 2025 00:00:00 GMT","end":"Fri, 15 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"97:D5:C4:59:CC:DB:39:C1:09:48:A2:5C:F1:CA:F9:65:FD:86:E4:8F","sha256":"A6:65:54:11:17:3C:C3:1A:6F:AA:C1:D8:E6:1D:0F:59:2D:E8:DF:E7:8F:D2:BB:F9:40:83:5D:1E:01:65:D9:30"}}},"request":{"raw":"GET /TJNCaptcha-global.js HTTP/1.1\r\nHost: ca.turing.captcha.qcloud.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bethx.vip/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 18 Apr 2026 12:44:56 GMT\r\nContent-Type: text/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nP3P: CP=CAO PSA OUR\r\nServer: Trpc httpd, tencent http server\r\nCache-Control: max-age=600\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":903500,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (62551), with no line terminators","md5":"4f54a9725d467aa5b83da934abe6898c","sha1":"7a22abada5e5bbb0a73ee548ccf8cf0544bafa14","sha256":"71e6fd2d67cddb60983bca18452d0cc29513ebb31c7e6bdb9cdf48073b8d627e","sha512":"04dcefb913958bc4e2f134695e1c0ed43c5aba28c1e6c223fc6df9727a5edbf03a8e9bbe5fbae25881044b531209027e4f40b77b27c600a3e7c01891d27a8b53","ssdeep":"12288:wKkkZEAi1UFtNgKsuPEX77Ng6RXvWbiqQFb6tDITMzvs60jr0lUirMcDkwqBwmho:xPEoFtNgVuPEr5qR0fwMHvpkv9ossWCq","tlshash":"2c15b84077c07849539b8f3bb32bb5f6f81a0c6a3d98448bd600fc5466e6627fae5931","first_seen":"2026-04-01T08:03:24.05058Z","last_seen":"2026-04-18T20:07:52.0514Z","times_seen":17,"resource_available":true,"data":null}},"time_used":3450,"timings":{"blocked":1671,"dns":1037,"connect":20,"send":0,"wait":22,"receive":86,"ssl":611},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.turingfraud.net/event/report","fqdn":"www.turingfraud.net","domain":"turingfraud.net","tld":"net"},"ip":{"addr":"162.62.10.47","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://bethx.vip/register/","date":"2026-04-18T12:44:57.911Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.turingfraud.net","organization":""},"issuer":{"commonName":"DNSPod RSA DV","organization":"DNSPod, Inc."},"validity":{"start":"Wed, 08 Oct 2025 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"60:CC:09:90:24:93:4C:24:02:F1:97:00:C8:51:55:4A:C2:69:C5:FC","sha256":"0A:2F:A1:C2:DB:F8:EA:01:4E:CB:CB:BA:36:3F:00:27:43:7F:9A:66:0D:6F:EE:C5:DE:5C:E4:35:39:3B:3D:06"}}},"request":{"raw":"POST /event/report HTTP/1.1\r\nHost: www.turingfraud.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-type: application/json\r\nContent-Length: 324\r\nOrigin: https://bethx.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bethx.vip/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":324,"data":"{\"channel\":400058,\"platform\":4,\"events\":[{\"id\":\"EId_TId_Init_Start\",\"content\":\"{\\\"t\\\":1776516297310,\\\"ret\\\":0,\\\"msg\\\":\\\"\\\"}\"},{\"id\":\"EId_TId_Init_End\",\"content\":\"{\\\"t\\\":1776516297313,\\\"ret\\\":0,\\\"msg\\\":\\\"\\\",\\\"dur\\\":3}\"}],\"buildno\":200500,\"uuid\":\"dbf727d56e3b41b5943d2cf8219b4511\",\"seq\":\"45a8aade-de30-46f4-9bc6-36bcb764f78c\"}"}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 18 Apr 2026 12:44:57 GMT\r\ncontent-type: application/json\r\ncontent-length: 9\r\naccess-control-allow-headers: Content-Type, Authorization, X-Requested-With, Traceparent\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 3600\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":9,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"7356645231da9cfecc34610420982100","sha1":"4e6d5bf58d719360518ecccb073248d0293dd346","sha256":"2c2237045b54bb664bd76b7d6f1da237fd50de74712edf261e90c1c0d7f2e822","sha512":"c092af8c828b98fb9ac62ec48f64c01907d25106e96096a40e52d770f732442c729c11c34406dd0be1690620d91d97a6a4839ca409b57e227a65844e17bad112","ssdeep":"","tlshash":"8c50003000000c03000c0c0000000003c0030c0030000c0000000c000000c000300000","first_seen":"2023-04-05T16:48:03Z","last_seen":"2026-04-18T20:07:52.040634Z","times_seen":1671,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dogecoin8.com/uploads/allimg/20210704/1-210F4102044562.png","fqdn":"dogecoin8.com","domain":"dogecoin8.com","tld":"com"},"ip":{"addr":"107.151.92.52","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dogecoin8.com/","date":"2026-04-18T12:44:46.778Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dogecoin8.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Wed, 25 Mar 2026 07:00:00 GMT","end":"Tue, 23 Jun 2026 06:59:59 GMT"},"fingerprint":{"sha1":"5C:0D:5E:E9:6D:D0:19:FE:B6:AA:77:0F:91:80:1E:4C:DA:F3:9B:6A","sha256":"3F:19:30:F8:E4:AB:C0:61:6E:27:3F:DB:25:FD:D5:FE:19:37:F9:30:DF:C2:B7:C5:F5:F3:B5:7B:C1:78:9F:C7"}}},"request":{"raw":"GET /uploads/allimg/20210704/1-210F4102044562.png HTTP/1.1\r\nHost: dogecoin8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dogecoin8.com/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=2k6hvak7klsvh3aeq6oimqj653\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 12:44:46 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 04 Jul 2021 02:20:44 GMT\r\nvary: Accept-Encoding\r\netag: W/\"60e11afc-4567\"\r\nexpires: Mon, 18 May 2026 12:44:46 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":17767,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 592 x 180, 8-bit/color RGBA, non-interlaced","md5":"f40e9ce55904a6a53ef29044fe0d544d","sha1":"e7c6b2036691da87f22170e07406b1bd983899b5","sha256":"814b42ea311c6e3f89a3db00c9d05e9bed5546cdb2561f8831d4d8964e46eba2","sha512":"101f8e91071b0f9b7ea59edad382f2d566ef077843f162d74a58631310197ef7f1226d7585d95af4f8a86333f1f8fc12dbe0e0695f39ccfa4f6ff10016697a4f","ssdeep":"384:u76gL5xAXWygCmkvY3aCGBNDlrb9FjUsfeEG/O:i1xKWyDvY3at/5vjlm/O","tlshash":"bc82cf64d1ee81484cb58145ac8317e69e050373cef56872bbab2c62084dece5ddcea9","first_seen":"2026-02-23T13:17:07.906742Z","last_seen":"2026-04-18T12:49:49.704591Z","times_seen":4,"resource_available":false,"data":null}},"time_used":764,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":764,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dogecoin8.com/uploads/allimg/20210704/1-210F4155413447.jpg","fqdn":"dogecoin8.com","domain":"dogecoin8.com","tld":"com"},"ip":{"addr":"107.151.92.52","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dogecoin8.com/","date":"2026-04-18T12:44:46.797Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dogecoin8.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Wed, 25 Mar 2026 07:00:00 GMT","end":"Tue, 23 Jun 2026 06:59:59 GMT"},"fingerprint":{"sha1":"5C:0D:5E:E9:6D:D0:19:FE:B6:AA:77:0F:91:80:1E:4C:DA:F3:9B:6A","sha256":"3F:19:30:F8:E4:AB:C0:61:6E:27:3F:DB:25:FD:D5:FE:19:37:F9:30:DF:C2:B7:C5:F5:F3:B5:7B:C1:78:9F:C7"}}},"request":{"raw":"GET /uploads/allimg/20210704/1-210F4155413447.jpg HTTP/1.1\r\nHost: dogecoin8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dogecoin8.com/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=2k6hvak7klsvh3aeq6oimqj653\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 12:44:47 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sun, 04 Jul 2021 07:54:12 GMT\r\nvary: Accept-Encoding\r\netag: W/\"60e16924-494f\"\r\nexpires: Mon, 18 May 2026 12:44:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":18767,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 280x271, components 3","md5":"21dd8a21f30c8590c70331b23e83b866","sha1":"3ec501a82898da49bdb64bdd23d6b1aba5cd7567","sha256":"14a26dad75b27da8483ef79df0446f93b4436b6ca420835bd7203701de5a34e2","sha512":"fef7fad1969ae09196120c314cc42c5e9a98cbec1c5bbc152a5c3435aceeb366d5c169c16cae74f9c415fbdf7336812815f9080364e837b333b802c944f54ed2","ssdeep":"384:8VVJrtiSNDY2J5qtYVhtjyicucSmzZjrf/NfUgzWwN4:IYSNDHHqtYVn6lSMZjrnNfJzo","tlshash":"22829de081465e24f3e8ce3122dba992b79f11014fb3ffb44077a5e7e496e0ed802119","first_seen":"2026-02-23T13:17:07.823666Z","last_seen":"2026-04-18T12:49:49.695259Z","times_seen":4,"resource_available":false,"data":null}},"time_used":761,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":761,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dogecoin8.com/template/pc/skin/images/i2.png","fqdn":"dogecoin8.com","domain":"dogecoin8.com","tld":"com"},"ip":{"addr":"107.151.92.52","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dogecoin8.com/","date":"2026-04-18T12:44:46.804Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dogecoin8.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Wed, 25 Mar 2026 07:00:00 GMT","end":"Tue, 23 Jun 2026 06:59:59 GMT"},"fingerprint":{"sha1":"5C:0D:5E:E9:6D:D0:19:FE:B6:AA:77:0F:91:80:1E:4C:DA:F3:9B:6A","sha256":"3F:19:30:F8:E4:AB:C0:61:6E:27:3F:DB:25:FD:D5:FE:19:37:F9:30:DF:C2:B7:C5:F5:F3:B5:7B:C1:78:9F:C7"}}},"request":{"raw":"GET /template/pc/skin/images/i2.png HTTP/1.1\r\nHost: dogecoin8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dogecoin8.com/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=2k6hvak7klsvh3aeq6oimqj653\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 12:44:47 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 10 May 2020 08:38:42 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5eb7bd92-89a5\"\r\nexpires: Mon, 18 May 2026 12:44:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":35237,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced","md5":"3621e87418bdf158e5e30496ffdc89ec","sha1":"546ccf133a739a2136b725d7b72444b658c0fbc7","sha256":"df55641d5744b169ddaf0d79a608a15dad2d1ec4ab262e62c0fe28e7e5ca3c2e","sha512":"1627e93ceb59838c3088a5454ea008f8bf1cabafe0df458e10f42402b70af6f929941934ef04ea6a2e71d49ee7552fc049b5004aac5217ee8b7ffdcec2cd59c5","ssdeep":"768:4TorQj9HR24Gjmdfal9omBicNxBdc2+78/D2wrNVRblK+:LYHRdy/lxLAw/D73plb","tlshash":"28f2e082b6c2c989e3b8c5bf8d6321ed2b52853e96480e092ff5d41ee951b351d92d82","first_seen":"2024-09-28T08:00:56.534736Z","last_seen":"2026-04-18T12:49:49.675514Z","times_seen":9,"resource_available":false,"data":null}},"time_used":759,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":759,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dogecoin8.com/uploads/allimg/20210818/1-210QPU05S35.png","fqdn":"dogecoin8.com","domain":"dogecoin8.com","tld":"com"},"ip":{"addr":"107.151.92.52","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dogecoin8.com/","date":"2026-04-18T12:44:46.835Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dogecoin8.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Wed, 25 Mar 2026 07:00:00 GMT","end":"Tue, 23 Jun 2026 06:59:59 GMT"},"fingerprint":{"sha1":"5C:0D:5E:E9:6D:D0:19:FE:B6:AA:77:0F:91:80:1E:4C:DA:F3:9B:6A","sha256":"3F:19:30:F8:E4:AB:C0:61:6E:27:3F:DB:25:FD:D5:FE:19:37:F9:30:DF:C2:B7:C5:F5:F3:B5:7B:C1:78:9F:C7"}}},"request":{"raw":"GET /uploads/allimg/20210818/1-210QPU05S35.png HTTP/1.1\r\nHost: dogecoin8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dogecoin8.com/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=2k6hvak7klsvh3aeq6oimqj653\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 12:44:47 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 18 Aug 2021 00:50:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"611c5972-4e9d\"\r\nexpires: Mon, 18 May 2026 12:44:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":20125,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 204 x 62, 8-bit/color RGBA, non-interlaced","md5":"cee337466b0085d3b5386e07aff7e7f0","sha1":"9fd89fdca803067ba116a58c91b7a51d9f1523fb","sha256":"85fb1c0d23f4b269e2e9d180ee7ad02a2bb86dd1fd34c638bec5ededd3f720a8","sha512":"222a1a3700f4860cebcaad11c6bf4515f475f5f3b384c934a251633e66ade1c2af68f7181892a12a047249db6adbdba2df75b4c91f54fd2911cc59e8c00d0c8e","ssdeep":"384:h50wKWZPykckIbJHnp2xb6hDaaxh8e+cZUwZX4eatvhjj/iR:j9Zrc1MJNmeRhY","tlshash":"8892e0deb1054aaf329113db35b6d094afabda64c20c3e38ed2ee206c95881f55b0c65","first_seen":"2026-02-23T13:17:08.003679Z","last_seen":"2026-04-18T12:49:49.714009Z","times_seen":4,"resource_available":false,"data":null}},"time_used":745,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":745,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dogecoin8.com/template/pc/skin/images/i6.png","fqdn":"dogecoin8.com","domain":"dogecoin8.com","tld":"com"},"ip":{"addr":"107.151.92.52","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dogecoin8.com/","date":"2026-04-18T12:44:47.658Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dogecoin8.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Wed, 25 Mar 2026 07:00:00 GMT","end":"Tue, 23 Jun 2026 06:59:59 GMT"},"fingerprint":{"sha1":"5C:0D:5E:E9:6D:D0:19:FE:B6:AA:77:0F:91:80:1E:4C:DA:F3:9B:6A","sha256":"3F:19:30:F8:E4:AB:C0:61:6E:27:3F:DB:25:FD:D5:FE:19:37:F9:30:DF:C2:B7:C5:F5:F3:B5:7B:C1:78:9F:C7"}}},"request":{"raw":"GET /template/pc/skin/images/i6.png HTTP/1.1\r\nHost: dogecoin8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dogecoin8.com/template/pc/skin/css/main.css?t=1625390824\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=2k6hvak7klsvh3aeq6oimqj653\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 12:44:47 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 10 May 2020 09:30:32 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5eb7c9b8-6d7\"\r\nexpires: Mon, 18 May 2026 12:44:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1751,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 35 x 35, 8-bit/color RGBA, non-interlaced","md5":"8d5be4b1cdb1bda30cfe6b4744be9bf6","sha1":"de66b545abf757842940905ebd49bc0fe0d54c1d","sha256":"19d63a728408a4f5c6b988c1cef513c838dccb0af5c37c47c92535523a678808","sha512":"c3dad812093d362b9919dd047231a3d4cae1417ad4a0f6f31a8b38eb4412c8420ffd5ebf3e6cf0568d6269ce60b4d2d59abe597bf6405b64d6090e206174a35a","ssdeep":"","tlshash":"6831d849fa025d02a1cacc4121f5d17b9d0358d2dac8b86a68c9c80b7db91fe432e9cf","first_seen":"2024-08-19T22:07:19.950172Z","last_seen":"2026-04-18T12:49:49.700637Z","times_seen":12,"resource_available":false,"data":null}},"time_used":403,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":403,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bethx.vip/assets/main.4821d4f2.css","fqdn":"bethx.vip","domain":"bethx.vip","tld":"vip"},"ip":{"addr":"65.9.46.112","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bethx.vip/register/","date":"2026-04-18T12:44:50.301Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bethx.vip","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 10 Dec 2025 00:00:00 GMT","end":"Fri, 08 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"67:7A:18:61:36:02:A0:18:4C:DC:63:C3:AA:55:55:CF:9D:B1:33:5B","sha256":"E5:50:D5:02:46:9D:18:63:39:E5:EE:0B:8F:CE:C7:0C:3B:97:00:56:2B:E3:A0:18:B5:F8:66:75:96:A3:76:04"}}},"request":{"raw":"GET /assets/main.4821d4f2.css HTTP/1.1\r\nHost: bethx.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bethx.vip/register/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 18 Apr 2026 12:44:50 GMT\r\ncontent-encoding: br\r\nlast-modified: Tue, 14 Apr 2026 14:06:41 GMT\r\nexpires: Mon, 20 Apr 2026 12:44:50 GMT\r\ncache-control: max-age=172800, public, no-transform\r\netag: W/\"69de49f1-4954b\"\r\nvary: Accept-Encoding\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 aeb4c02c6985102f97552c03a17a7832.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN52-P1\r\nx-amz-cf-id: LOaFYyMa5BWRN_OwrtZmbrG5OI-k-8RlrIAopSnLoLW7-9oOQRo9IA==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":300363,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"31e2160323dd36f8d7f8d08ebc8ed9ca","sha1":"7d2de58110a2c1431473fe1bd7f287e4d0b2a374","sha256":"4744f1cc150d0937c0d9f221847a0ac3c1d35140ae3153f20b18033b4e5cd14a","sha512":"30c834941bdb91b805cfe635944f9619ef90d5ab751d10c8181d975342c7d6019fad976757e16da9dc16c2567f09f37f2c000464b7fab62a2aa20e18b7696f1d","ssdeep":"6144:ANUxkF3KCkZkw71ZACkFDS3vyf58rBe105TdkZtww1OA7k6Dv3+yu5trGeW0OTxo:ANXpKfZkw71ZACkFDS3vyf58rBe105Td","tlshash":"f95487ba5652222960334ab3d7cc5d98562dc66356630dee77413c0bcb82fde339a31b","first_seen":"2026-04-17T00:42:36.065935Z","last_seen":"2026-04-18T20:07:52.04372Z","times_seen":9,"resource_available":false,"data":null}},"time_used":515,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":515,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"bethx.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"bethx.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bethx.vip/assets/pc_download_cn.d40119eb.png","fqdn":"bethx.vip","domain":"bethx.vip","tld":"vip"},"ip":{"addr":"65.9.46.112","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bethx.vip/register/","date":"2026-04-18T12:44:54.285Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bethx.vip","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 10 Dec 2025 00:00:00 GMT","end":"Fri, 08 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"67:7A:18:61:36:02:A0:18:4C:DC:63:C3:AA:55:55:CF:9D:B1:33:5B","sha256":"E5:50:D5:02:46:9D:18:63:39:E5:EE:0B:8F:CE:C7:0C:3B:97:00:56:2B:E3:A0:18:B5:F8:66:75:96:A3:76:04"}}},"request":{"raw":"GET /assets/pc_download_cn.d40119eb.png HTTP/1.1\r\nHost: bethx.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bethx.vip/register/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 24080\r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 18 Apr 2026 12:44:54 GMT\r\nlast-modified: Tue, 14 Apr 2026 14:06:41 GMT\r\naccept-ranges: bytes\r\nexpires: Mon, 20 Apr 2026 12:44:54 GMT\r\ncache-control: max-age=172800, public, no-transform\r\netag: \"69de49f1-5e10\"\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 aeb4c02c6985102f97552c03a17a7832.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN52-P1\r\nx-amz-cf-id: R6QaX7ckVjBVd8A0SQJi-qZzZgLfT5P_KV0dW-RjT52K6-Wq0GqE3g==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":24080,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 191 x 80, 8-bit/color RGBA, non-interlaced","md5":"01ae6eb705d4433221642425c008e1dc","sha1":"8979edf91ddfd13610dd843f7546bfa621226669","sha256":"d40119eb00b0f31959fd5bd58ec1eedd003821a123158b567b814fc67f0cfd46","sha512":"af4073b84b098e77c0022600b648e2cced504c1f91bb763579d731d092484001faf71e6d33d9dc973f0d51b0fd7f0dfea2c0fb0ecc582e319438e5b5c6d320b3","ssdeep":"384:Ibtg6DYKOzymbgIQHRKIEAtU8j9ZD8iiDMRpTE03W3EVrz8O51+tP/XAMh:zlbcpzZf8iiDMRpTE0murg41kPfh","tlshash":"d7b2d0748df3dde9e8593a30b32894707d42c42180a9b3d97167a4fb6f20791dfc265a","first_seen":"2026-04-18T12:45:36.348755Z","last_seen":"2026-04-18T12:49:49.66912Z","times_seen":2,"resource_available":false,"data":null}},"time_used":512,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":282,"receive":230,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"bethx.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"bethx.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dogecoin8.com/uploads/allimg/20210704/1-210F410255U47.jpg","fqdn":"dogecoin8.com","domain":"dogecoin8.com","tld":"com"},"ip":{"addr":"107.151.92.52","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dogecoin8.com/","date":"2026-04-18T12:44:46.783Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dogecoin8.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Wed, 25 Mar 2026 07:00:00 GMT","end":"Tue, 23 Jun 2026 06:59:59 GMT"},"fingerprint":{"sha1":"5C:0D:5E:E9:6D:D0:19:FE:B6:AA:77:0F:91:80:1E:4C:DA:F3:9B:6A","sha256":"3F:19:30:F8:E4:AB:C0:61:6E:27:3F:DB:25:FD:D5:FE:19:37:F9:30:DF:C2:B7:C5:F5:F3:B5:7B:C1:78:9F:C7"}}},"request":{"raw":"GET /uploads/allimg/20210704/1-210F410255U47.jpg HTTP/1.1\r\nHost: dogecoin8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dogecoin8.com/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=2k6hvak7klsvh3aeq6oimqj653\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 12:44:46 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sun, 04 Jul 2021 02:25:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"60e11c36-278f2\"\r\nexpires: Mon, 18 May 2026 12:44:46 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":162034,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1920x580, components 3","md5":"111a58bdc6e859f7ffe0ef081612d4d1","sha1":"f28921179e3c95ccc30793292de41824a3db7b36","sha256":"fce6257e1c43e2d003285380394c99c5078d9febd5f2295f49dc9c850c38cee3","sha512":"34c88c6328a3fd0eab6d81a5348055e27ffc580a1e764265a33bef912dbe07f7a839ec75fc52b4dbc41a16b72a1403bfb5741296dfdac8313782dfb16c43a96c","ssdeep":"3072:ggZHMT+cTV0OVopfOeg9s7teLKH3df5Y89JG9m1qs7kV7w4:ggBk+cR0M9sJRHrl8fQi7w4","tlshash":"2cf3125af0481c5aa685a31c6c9f5a9d9d5092fc63f6ef06338dbcead3e8907584880c","first_seen":"2026-02-23T13:17:07.987105Z","last_seen":"2026-04-18T12:49:49.689048Z","times_seen":4,"resource_available":false,"data":null}},"time_used":764,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":764,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dogecoin8.com/template/pc/skin/images/pinz_pic02.jpg","fqdn":"dogecoin8.com","domain":"dogecoin8.com","tld":"com"},"ip":{"addr":"107.151.92.52","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dogecoin8.com/","date":"2026-04-18T12:44:46.814Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dogecoin8.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Wed, 25 Mar 2026 07:00:00 GMT","end":"Tue, 23 Jun 2026 06:59:59 GMT"},"fingerprint":{"sha1":"5C:0D:5E:E9:6D:D0:19:FE:B6:AA:77:0F:91:80:1E:4C:DA:F3:9B:6A","sha256":"3F:19:30:F8:E4:AB:C0:61:6E:27:3F:DB:25:FD:D5:FE:19:37:F9:30:DF:C2:B7:C5:F5:F3:B5:7B:C1:78:9F:C7"}}},"request":{"raw":"GET /template/pc/skin/images/pinz_pic02.jpg HTTP/1.1\r\nHost: dogecoin8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dogecoin8.com/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=2k6hvak7klsvh3aeq6oimqj653\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 12:44:47 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sun, 10 May 2020 08:38:42 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5eb7bd92-4939\"\r\nexpires: Mon, 18 May 2026 12:44:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":18745,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 271x246, components 3","md5":"6b8587970b7335df669afaba419ac7e3","sha1":"06cd3034d627d71de9898635269baed400848779","sha256":"c781f83c6c6d57a7dd2297d3afda51c71565689ea774563548491ce2341933d8","sha512":"54a1172dae9ca24f27c83ac3836b9b32d32280e6167ebe5b61584f0e9bad71ee059a9a2969e8ae0625caf1ad387a9a4ae042ba6c404b8680cb9725c35fd5db89","ssdeep":"384:tOC9i8uR6/awD5xbBZh1UUneYqw21WFNp4DDiBY/73sCdGpNaE:k0I8/LbB71UUne421sNp6iBOD2NaE","tlshash":"cc82d00f61881f491207515f8fed00d02014a66ebefa70c7ab29fdebae9696754122b8","first_seen":"2025-11-12T02:54:17.264419Z","last_seen":"2026-04-18T12:49:49.716194Z","times_seen":11,"resource_available":false,"data":null}},"time_used":755,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":755,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dogecoin8.com/template/pc/skin/js/wow.min.js?t=1589099924","fqdn":"dogecoin8.com","domain":"dogecoin8.com","tld":"com"},"ip":{"addr":"107.151.92.52","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://dogecoin8.com/","date":"2026-04-18T12:44:46.837Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dogecoin8.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Wed, 25 Mar 2026 07:00:00 GMT","end":"Tue, 23 Jun 2026 06:59:59 GMT"},"fingerprint":{"sha1":"5C:0D:5E:E9:6D:D0:19:FE:B6:AA:77:0F:91:80:1E:4C:DA:F3:9B:6A","sha256":"3F:19:30:F8:E4:AB:C0:61:6E:27:3F:DB:25:FD:D5:FE:19:37:F9:30:DF:C2:B7:C5:F5:F3:B5:7B:C1:78:9F:C7"}}},"request":{"raw":"GET /template/pc/skin/js/wow.min.js?t=1589099924 HTTP/1.1\r\nHost: dogecoin8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dogecoin8.com/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=2k6hvak7klsvh3aeq6oimqj653\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 12:44:47 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 10 May 2020 08:38:44 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5eb7bd94-20df\"\r\nexpires: Sun, 19 Apr 2026 00:44:47 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8415,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (8385)","md5":"36050285bfeeb7395752f0f9bbc08273","sha1":"5924f7bbbf1dfa3f0926851d01f782f23a59e805","sha256":"0ec632e6ab02d4fdd514da7f5edc74aa28c9d4c71af76f1c8b93a1fba85bcc69","sha512":"bf887e087c52583114b77bfb417d7dffa0ee8634d39155af14591a24b2add9ef4c8a0c0555364122800d07a55f5f1fb0c723b39541b069a437ff558ddbf380a3","ssdeep":"96:UrZgL1xvPV6GqKgR6TYLWHFMLJA6pOROVEE1fosvGeaMozHImBaoqbl:Ury9PVfIFrlAJROVEEdos+eatzHILoA","tlshash":"750267c97a967031d75796f6833f0106b6361aeeb028047cb5b88dd57c78868523bf38","first_seen":"2023-03-07T01:02:45Z","last_seen":"2026-04-18T20:36:26.489565Z","times_seen":10163,"resource_available":true,"data":null}},"time_used":745,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":745,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dogecoin8.com/template/pc/skin/images/gor.png","fqdn":"dogecoin8.com","domain":"dogecoin8.com","tld":"com"},"ip":{"addr":"107.151.92.52","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dogecoin8.com/","date":"2026-04-18T12:44:47.674Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dogecoin8.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Wed, 25 Mar 2026 07:00:00 GMT","end":"Tue, 23 Jun 2026 06:59:59 GMT"},"fingerprint":{"sha1":"5C:0D:5E:E9:6D:D0:19:FE:B6:AA:77:0F:91:80:1E:4C:DA:F3:9B:6A","sha256":"3F:19:30:F8:E4:AB:C0:61:6E:27:3F:DB:25:FD:D5:FE:19:37:F9:30:DF:C2:B7:C5:F5:F3:B5:7B:C1:78:9F:C7"}}},"request":{"raw":"GET /template/pc/skin/images/gor.png HTTP/1.1\r\nHost: dogecoin8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dogecoin8.com/template/pc/skin/css/main.css?t=1625390824\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=2k6hvak7klsvh3aeq6oimqj653\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 12:44:47 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 10 May 2020 09:31:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5eb7c9d6-701\"\r\nexpires: Mon, 18 May 2026 12:44:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1793,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 36 x 36, 8-bit/color RGBA, non-interlaced","md5":"8b10037d8100b0fed04d1f8fcf187eb8","sha1":"741ab7306ceb82865129d44fdbb6ab204f3fecb8","sha256":"fb0d33ebbbc5dc33039af5281f698a0c1f1ea63bcf9db9b81ee1bcd11fab3f44","sha512":"db75be0c74604317c283ecbfe2a62e3a349e8a742deeb611c45c3e12c0c9e6fa9737898e820b53d06c3f74c7746417cd9419b9f3dfe08573aa0e6d2f4e520a6e","ssdeep":"","tlshash":"c431eb8cf1016801658cf80229f3d13aab73859096d2f47035cadc7339605f9689e0df","first_seen":"2025-03-27T13:50:35.218279Z","last_seen":"2026-04-18T12:49:49.685382Z","times_seen":13,"resource_available":false,"data":null}},"time_used":649,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":649,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dogecoin8.com/uploads/allimg/20210704/1-210F4155440291.jpg","fqdn":"dogecoin8.com","domain":"dogecoin8.com","tld":"com"},"ip":{"addr":"107.151.92.52","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dogecoin8.com/","date":"2026-04-18T12:44:46.794Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dogecoin8.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Wed, 25 Mar 2026 07:00:00 GMT","end":"Tue, 23 Jun 2026 06:59:59 GMT"},"fingerprint":{"sha1":"5C:0D:5E:E9:6D:D0:19:FE:B6:AA:77:0F:91:80:1E:4C:DA:F3:9B:6A","sha256":"3F:19:30:F8:E4:AB:C0:61:6E:27:3F:DB:25:FD:D5:FE:19:37:F9:30:DF:C2:B7:C5:F5:F3:B5:7B:C1:78:9F:C7"}}},"request":{"raw":"GET /uploads/allimg/20210704/1-210F4155440291.jpg HTTP/1.1\r\nHost: dogecoin8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dogecoin8.com/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=2k6hvak7klsvh3aeq6oimqj653\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 12:44:47 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sun, 04 Jul 2021 07:57:00 GMT\r\nvary: Accept-Encoding\r\netag: W/\"60e169cc-9113\"\r\nexpires: Mon, 18 May 2026 12:44:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":37139,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=336, bps=158, PhotometricInterpretation=RGB, orientation=upper-left, width=374], baseline, precision 8, 280x271, components 3","md5":"017d89c2ab343da1e9c727aec769a1c7","sha1":"1dfd5df36aea5e7911a4bacd56742399f0cb9d8b","sha256":"b0c0b016ce2463885aa8d9170e17d176279761cbdcdbbc7cd85723234849cacf","sha512":"a45bae5db291c9a58d2621f7ccf407dfea9d906502305d248e357cac50deb14b282c191880285b48b3ba2f152115db7ea4735afd9d71c52edeeb9a883fef6b1f","ssdeep":"768:VUYyCVQufm7nQPiYyCVQufm7nsG1JPJoDtmBH+kD2liN:+n7n3n7nsGPPytmBekg2","tlshash":"79f2bf366fa5df52edd2a13859a1d783a322af2493235b4138dc761c3ff98804d8d24b","first_seen":"2026-02-23T13:17:07.82005Z","last_seen":"2026-04-18T12:49:49.699267Z","times_seen":4,"resource_available":false,"data":null}},"time_used":762,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":762,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"i00.c.aliimg.com/img/ibank/2012/664/654/674456466_1724488225.jpg","fqdn":"i00.c.aliimg.com","domain":"aliimg.com","tld":"com"},"ip":{"addr":"163.181.57.254","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dogecoin8.com/","date":"2026-04-18T12:44:46.859Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.c.aliimg.com","organization":"阿里巴巴（中国）网络技术有限公司"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 26 Feb 2026 02:41:35 GMT","end":"Tue, 30 Mar 2027 02:41:34 GMT"},"fingerprint":{"sha1":"DD:2C:63:4F:1E:D3:92:06:FA:05:11:3E:25:59:6B:4E:E2:FC:0E:07","sha256":"0C:DF:B5:61:52:32:C3:B7:2A:7D:0C:C1:E5:92:83:D0:4B:C8:84:27:E2:22:F3:59:A1:03:3E:6C:56:A7:94:53"}}},"request":{"raw":"GET /img/ibank/2012/664/654/674456466_1724488225.jpg HTTP/1.1\r\nHost: i00.c.aliimg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/jpeg\r\ncontent-length: 212184\r\ndate: Thu, 09 Apr 2026 19:22:38 GMT\r\nlast-modified: Mon, 09 Mar 2026 02:40:24 GMT\r\npicasso-ret-code: SUCCESS\r\npicasso-cache-info: MISS\r\nrequest-time: 0.021\r\ntraceid: 9b66ff9c17757625582014637e\r\nx-powered-by: Picasso\r\npicasso-image-type: normal\r\npicasso-fmt: jpg2\r\ncache-control: max-age=31536000\r\nvia: ens-cache33.l2de4[0,0,200-0,H], ens-cache2.l2de4[2,0], ens-cache9.gb5[0,0,200-0,H], ens-cache1.gb5[2,0]\r\naccess-control-allow-origin: *\r\nage: 753729\r\nali-swift-global-savetime: 1775762558\r\nx-cache: HIT TCP_HIT dirn:11:402056504\r\nx-swift-savetime: Sat, 18 Apr 2026 10:04:25 GMT\r\nx-swift-cachetime: 30791893\r\ntiming-allow-origin: *\r\neagleid: a3b5398517765162874652550e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":212184,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 760x888, components 3","md5":"59090f26c37b75c95a7d52cda8818f2c","sha1":"318a8eedf3e9235f624cf2ee253646ea9f6349be","sha256":"c5e0c4c7cfc819b48a23149f26630e9fdc16d360168fc83ef1377af024dafb5c","sha512":"afa7be60e86300606069b6584f39408920692c60546aeb985775b50a68df57a0a19a01c5824827e3a02fb91620aeb237c8a7c3af1f6b37397bcb7a3793b54856","ssdeep":"3072:e4rSJG4wk5hZUWltNoDagJG+0lP4PdlS71v3UQTsuoEkY813/3VGFkiT7jp:PSuk5hztiF0lOfCV3Ud+Slikijp","tlshash":"ba242324e41bf8518a6d9fffa91b230507e5f88b22f45c93e1dc4c86b8cf3a36495994","first_seen":"2026-04-18T12:45:36.357747Z","last_seen":"2026-04-18T12:49:49.716692Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1327,"timings":{"blocked":620,"dns":303,"connect":27,"send":0,"wait":28,"receive":56,"ssl":288},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dogecoin8.com/video0.mp4","fqdn":"dogecoin8.com","domain":"dogecoin8.com","tld":"com"},"ip":{"addr":"107.151.92.52","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://dogecoin8.com/","date":"2026-04-18T12:44:47.817Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dogecoin8.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Wed, 25 Mar 2026 07:00:00 GMT","end":"Tue, 23 Jun 2026 06:59:59 GMT"},"fingerprint":{"sha1":"5C:0D:5E:E9:6D:D0:19:FE:B6:AA:77:0F:91:80:1E:4C:DA:F3:9B:6A","sha256":"3F:19:30:F8:E4:AB:C0:61:6E:27:3F:DB:25:FD:D5:FE:19:37:F9:30:DF:C2:B7:C5:F5:F3:B5:7B:C1:78:9F:C7"}}},"request":{"raw":"GET /video0.mp4 HTTP/1.1\r\nHost: dogecoin8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dogecoin8.com/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=2k6hvak7klsvh3aeq6oimqj653\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 12:44:47 GMT\r\ncontent-type: video/mp4\r\ncontent-length: 3403653\r\nlast-modified: Tue, 28 Apr 2020 03:11:46 GMT\r\netag: \"5ea79ef2-33ef85\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-range: bytes 0-3403652/3403653\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":65536,"size_decoded":0,"mime_type":"video/mp4","magic":"ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]","md5":"cc55c22bc4a1ca9076bb88a067c18990","sha1":"cf239b2b327d2f80bd7f5ec8f8c2b938f53e12af","sha256":"6cf9bf2076f3f1fdd172a475b3e5c860d61f7bbea38d85fe40fd718e02db0a1b","sha512":"50a54c9d2f7a018a924710c29c390ff74236aa4dd26d00afb02fbc8f45ff841d91ab4eff61d2e7022eebddc2938e6e69d405c6c3f5e00b7d613ee69a94670e6c","ssdeep":"1536:yaIDSLWlCjyxZyIQMYnzTfBCncIBh69ivwheXo1wrdps:ripCGZBAXf0cIBh8ivKeog+","tlshash":"8753011f720f9bda9e0ec68af1ebc3104357a244d63f279e1dc5a9618164d8f63263e4","first_seen":"2025-11-12T02:54:17.244361Z","last_seen":"2026-04-18T12:49:49.691505Z","times_seen":6,"resource_available":false,"data":null}},"time_used":548,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":491,"receive":57,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dogecoin8.com/uploads/allimg/20210704/1-210F4160IE31.jpg","fqdn":"dogecoin8.com","domain":"dogecoin8.com","tld":"com"},"ip":{"addr":"107.151.92.52","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dogecoin8.com/","date":"2026-04-18T12:44:46.823Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dogecoin8.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Wed, 25 Mar 2026 07:00:00 GMT","end":"Tue, 23 Jun 2026 06:59:59 GMT"},"fingerprint":{"sha1":"5C:0D:5E:E9:6D:D0:19:FE:B6:AA:77:0F:91:80:1E:4C:DA:F3:9B:6A","sha256":"3F:19:30:F8:E4:AB:C0:61:6E:27:3F:DB:25:FD:D5:FE:19:37:F9:30:DF:C2:B7:C5:F5:F3:B5:7B:C1:78:9F:C7"}}},"request":{"raw":"GET /uploads/allimg/20210704/1-210F4160IE31.jpg HTTP/1.1\r\nHost: dogecoin8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dogecoin8.com/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=2k6hvak7klsvh3aeq6oimqj653\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 12:44:47 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sun, 04 Jul 2021 08:07:36 GMT\r\nvary: Accept-Encoding\r\netag: W/\"60e16c48-1b6b0\"\r\nexpires: Mon, 18 May 2026 12:44:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":112304,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 377x243, components 3","md5":"a119f3af3b390d80159b4e24b5f2fe35","sha1":"40fcdc005df76d23d45426d13504ba2dcd7a8afa","sha256":"e221a3c1775e982a54559726691fe3368cd3bd35e9d9d2168de4c72be8f59681","sha512":"a45c8d950ba43cf1140ba5fb900b76b973d71b1db37f82ebcee05ce8a0eee0be61d15b545eb6f0bb4ff2945251e1cdea5d466731ecd4fede61c2666503ed3111","ssdeep":"3072:DZrrSZPMEY4w/7lDTZAjBDCeNDpKnsurQ:DVrSZnE/7lD2Qeoy","tlshash":"9fb31270677ae97b56fc242816c00e9d4c487878548301bc567bacffeaf45fe2887592","first_seen":"2026-02-23T13:17:07.942629Z","last_seen":"2026-04-18T12:49:49.718317Z","times_seen":4,"resource_available":false,"data":null}},"time_used":752,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":752,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dogecoin8.com/template/pc/skin/images/pinz_bg.jpg","fqdn":"dogecoin8.com","domain":"dogecoin8.com","tld":"com"},"ip":{"addr":"107.151.92.52","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dogecoin8.com/","date":"2026-04-18T12:44:47.660Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dogecoin8.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Wed, 25 Mar 2026 07:00:00 GMT","end":"Tue, 23 Jun 2026 06:59:59 GMT"},"fingerprint":{"sha1":"5C:0D:5E:E9:6D:D0:19:FE:B6:AA:77:0F:91:80:1E:4C:DA:F3:9B:6A","sha256":"3F:19:30:F8:E4:AB:C0:61:6E:27:3F:DB:25:FD:D5:FE:19:37:F9:30:DF:C2:B7:C5:F5:F3:B5:7B:C1:78:9F:C7"}}},"request":{"raw":"GET /template/pc/skin/images/pinz_bg.jpg HTTP/1.1\r\nHost: dogecoin8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dogecoin8.com/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=2k6hvak7klsvh3aeq6oimqj653\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 12:44:47 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Mon, 27 Apr 2020 13:24:36 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5ea6dd14-19e7c\"\r\nexpires: Mon, 18 May 2026 12:44:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":106108,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x790, components 3","md5":"35d92ab0dfd295931f0a4bb57d1f5554","sha1":"bd462dd602f87def1fc64be6b27d8b39ce1a3ed0","sha256":"844c05f9e2a29939453fff79228866a8458a0a669457350ae04360651e2badbd","sha512":"5e6ef49b68f03c5759a83c5e6bb11f7c4db884ad3c1fefea2ef9474ad3e1855e6a0658bb4f46a4c75e41acdfe556110b4ba44c26b4718c56877f6c557656be32","ssdeep":"3072:i/A1HHs0wlmb/8YcGgiROOLmttqciczjmrG7UA:X1nH0dz2azjmrG7UA","tlshash":"4ea31233e659a25ad65f53b901fb7eabb62018b093d64ac0f618d71c01e73d47e1ec42","first_seen":"2025-11-15T04:34:27.318163Z","last_seen":"2026-04-18T12:49:49.719945Z","times_seen":6,"resource_available":false,"data":null}},"time_used":402,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":402,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dogecoin8.com/template/pc/skin/css/main.css?t=1625390824","fqdn":"dogecoin8.com","domain":"dogecoin8.com","tld":"com"},"ip":{"addr":"107.151.92.52","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://dogecoin8.com/","date":"2026-04-18T12:44:46.761Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dogecoin8.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Wed, 25 Mar 2026 07:00:00 GMT","end":"Tue, 23 Jun 2026 06:59:59 GMT"},"fingerprint":{"sha1":"5C:0D:5E:E9:6D:D0:19:FE:B6:AA:77:0F:91:80:1E:4C:DA:F3:9B:6A","sha256":"3F:19:30:F8:E4:AB:C0:61:6E:27:3F:DB:25:FD:D5:FE:19:37:F9:30:DF:C2:B7:C5:F5:F3:B5:7B:C1:78:9F:C7"}}},"request":{"raw":"GET /template/pc/skin/css/main.css?t=1625390824 HTTP/1.1\r\nHost: dogecoin8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dogecoin8.com/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=2k6hvak7klsvh3aeq6oimqj653\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 12:44:46 GMT\r\ncontent-type: text/css\r\nlast-modified: Sun, 04 Jul 2021 09:27:04 GMT\r\nvary: Accept-Encoding\r\netag: W/\"60e17ee8-ab3a\"\r\nexpires: Sun, 19 Apr 2026 00:44:46 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":43834,"size_decoded":0,"mime_type":"text/css","magic":"assembler source, Unicode text, UTF-8 text, with very long lines (341), with CRLF line terminators","md5":"f88aea6ab688150609dc3ebc1e06df16","sha1":"e0cd8d86304c2796e1f8969133079cd18923f9a8","sha256":"3d62dcc1711516a7455a8dc7568cb5a09ef1b5e9a5515f1deef2ff250645077c","sha512":"0e6410ab3b5872aee0d9a928e8fe7c5100a25a558f87e3eeea0282b3eacfaedfe2aa7ffc8cfafc13fef1cecd2e9db5d1dc0b1dd443e0b09034a6de1781f35c51","ssdeep":"768:nNG7czJvTsMvjYJ878mJPbaHcZ3WWOA4Syyz8PCuJgN2UpWPEx2HQOZXAJ6Zc8Ed:nNMp/S5T","tlshash":"a11383edd664204eb307bb9abbf057695e2c10f2af4b457db1a5281ac347a9837334c1","first_seen":"2025-11-12T02:54:17.210495Z","last_seen":"2026-04-18T12:49:49.67792Z","times_seen":10,"resource_available":false,"data":null}},"time_used":257,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":257,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"i00.c.aliimg.com/img/ibank/2013/518/054/1076450815_1011948319.jpg","fqdn":"i00.c.aliimg.com","domain":"aliimg.com","tld":"com"},"ip":{"addr":"163.181.57.254","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dogecoin8.com/","date":"2026-04-18T12:44:46.861Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.c.aliimg.com","organization":"阿里巴巴（中国）网络技术有限公司"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Thu, 26 Feb 2026 02:41:35 GMT","end":"Tue, 30 Mar 2027 02:41:34 GMT"},"fingerprint":{"sha1":"DD:2C:63:4F:1E:D3:92:06:FA:05:11:3E:25:59:6B:4E:E2:FC:0E:07","sha256":"0C:DF:B5:61:52:32:C3:B7:2A:7D:0C:C1:E5:92:83:D0:4B:C8:84:27:E2:22:F3:59:A1:03:3E:6C:56:A7:94:53"}}},"request":{"raw":"GET /img/ibank/2013/518/054/1076450815_1011948319.jpg HTTP/1.1\r\nHost: i00.c.aliimg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/jpeg\r\ncontent-length: 211520\r\ndate: Thu, 16 Apr 2026 11:21:16 GMT\r\nlast-modified: Wed, 06 Nov 2024 22:46:17 GMT\r\npicasso-ret-code: SUCCESS\r\npicasso-cache-info: MISS\r\nrequest-time: 0.050\r\ntraceid: a3b55c9817763384766474185e\r\nx-powered-by: Picasso\r\npicasso-image-type: normal\r\npicasso-fmt: jpg2\r\ncache-control: max-age=31536000\r\nvia: ens-cache26.l2de4[0,0,200-0,H], ens-cache1.l2de4[2,0], ens-cache3.gb5[0,0,200-0,H], ens-cache1.gb5[1,0]\r\naccess-control-allow-origin: *\r\nage: 177811\r\nali-swift-global-savetime: 1776338476\r\nx-cache: HIT TCP_HIT dirn:11:249918710\r\nx-swift-savetime: Sat, 18 Apr 2026 10:04:25 GMT\r\nx-swift-cachetime: 31367811\r\ntiming-allow-origin: *\r\neagleid: a3b5398517765162874662551e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":211520,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 708x1378, components 3","md5":"b626467839b635a072d9093bd1c25f37","sha1":"bec60ebcae49cabccd2621fca5c4303d33a274a3","sha256":"00c42cb621bc0b1ba51ffcb378548ca32cd14e386495875f953ae5b1c27cae84","sha512":"6a8088e9fa00375d388ef8d978a6965623ec496de3609a2225ea3ada7621ea8ef86f20fa37810461ecfe67ce3d7851fd0471f01447b0efa0683b407747507fe2","ssdeep":"3072:8qN9cjSCVE8pQXpY/toVVUOHxaMxllmBUPwoNFjWKLemVb14lY0UNO:8qN58E8eXNvUYaMHl7impam0T","tlshash":"0e24df35f7e2d31087af059e94bd3c3b630094d540c96983896b8c5e7aaef74aa1327d","first_seen":"2026-04-18T12:45:36.365885Z","last_seen":"2026-04-18T12:49:49.702432Z","times_seen":2,"resource_available":false,"data":null}},"time_used":725,"timings":{"blocked":-1,"dns":301,"connect":22,"send":0,"wait":74,"receive":30,"ssl":298},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dogecoin8.com/template/pc/skin/images/fot1.jpg","fqdn":"dogecoin8.com","domain":"dogecoin8.com","tld":"com"},"ip":{"addr":"107.151.92.52","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dogecoin8.com/","date":"2026-04-18T12:44:47.674Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dogecoin8.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Wed, 25 Mar 2026 07:00:00 GMT","end":"Tue, 23 Jun 2026 06:59:59 GMT"},"fingerprint":{"sha1":"5C:0D:5E:E9:6D:D0:19:FE:B6:AA:77:0F:91:80:1E:4C:DA:F3:9B:6A","sha256":"3F:19:30:F8:E4:AB:C0:61:6E:27:3F:DB:25:FD:D5:FE:19:37:F9:30:DF:C2:B7:C5:F5:F3:B5:7B:C1:78:9F:C7"}}},"request":{"raw":"GET /template/pc/skin/images/fot1.jpg HTTP/1.1\r\nHost: dogecoin8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dogecoin8.com/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=2k6hvak7klsvh3aeq6oimqj653\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 12:44:47 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Mon, 27 Apr 2020 13:25:46 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5ea6dd5a-5c0e\"\r\nexpires: Mon, 18 May 2026 12:44:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":23566,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1920x120, components 3","md5":"d57c49239615a6d03a0c4e0c1079b484","sha1":"4dc89428d960382482fa6a77adf67a9608370c2e","sha256":"9d376998af548cb1b635a398abdafcc62e1b44aedd962722ebfffa988c6ede7a","sha512":"dfced48dc4f38ef17ec1f0f3af77c30527f904f05642581d9625c8436130de54bf430e17919a35053bd1d6aeff5def45f967a7389e2b1b71254ea6519cabfdfd","ssdeep":"384:t5aJUBHonguURKdE6UAFsahDVhmFGJ0qQhl5EVf8C1uXPqeA/52rjivJGPLLNJdG:X6RXdVUOsaRWFGe5hl5EWjinh2rmmLNi","tlshash":"efb2c0f4aac90afcd9d512f71571e3655f18a23c93358af24809aa076e879f470e3071","first_seen":"2025-11-12T02:54:17.252383Z","last_seen":"2026-04-18T12:49:49.687635Z","times_seen":10,"resource_available":false,"data":null}},"time_used":649,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":649,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"77hash.s3.ap-northeast-3.amazonaws.com/hashpromo.js","fqdn":"77hash.s3.ap-northeast-3.amazonaws.com","domain":"77hash.s3.ap-northeast-3.amazonaws.com","tld":"s3.ap-northeast-3.amazonaws.com"},"ip":{"addr":"3.5.242.71","port":443,"asn":16509,"as":"AMAZON-02","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bethx.vip/register/","date":"2026-04-18T12:44:50.298Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.s3.ap-northeast-3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sat, 14 Feb 2026 00:00:00 GMT","end":"Thu, 11 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"8E:7B:63:EF:E6:C9:5C:E2:75:EC:28:1B:89:0A:7B:5A:75:7F:58:D8","sha256":"2F:C4:88:1B:AD:C8:3A:F2:3A:5E:75:3A:97:20:2B:B4:E1:CF:A3:62:48:15:B5:56:53:F5:84:C3:DD:53:FB:E5"}}},"request":{"raw":"GET /hashpromo.js HTTP/1.1\r\nHost: 77hash.s3.ap-northeast-3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bethx.vip/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: 4LLuMM59jjy65I95VTGPbGdwV+QNvuumgsp8XcueJKvSBgz4sblHo10ckc9Sj27XSTe0YZG4DRrypm1OgAETPRdYTuinoM4K\r\nx-amz-request-id: DK39CYZMD1476MEM\r\nDate: Sat, 18 Apr 2026 12:44:52 GMT\r\nLast-Modified: Tue, 19 Aug 2025 01:01:42 GMT\r\nETag: \"651fef4b8d3c09c66a018e7992ffde28\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: application/javascript\r\nContent-Length: 1195\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":1195,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (317), with CRLF line terminators","md5":"651fef4b8d3c09c66a018e7992ffde28","sha1":"f7f945dfdbfdd068f5718f2b30b9a5bc284922ca","sha256":"89cdcc8fd721bedabc8d24c13aa1600a1082327c0afb92b28772da0ddc13e5d2","sha512":"fdbfca8ed676d6fad0a00e21413fb4c1f21e19edb78d38493412f075ec1d3be3bf82c42a3f0b4dbb2dcf1170fe241eacbc3a35dbf18aa8cd47a767505cc7a896","ssdeep":"","tlshash":"0d214567e865c12f32fcaaf353a1b1293121e314e31dc7163e4f60a723524d64335438","first_seen":"2025-08-21T18:39:39.064186Z","last_seen":"2026-04-18T20:07:52.047076Z","times_seen":38,"resource_available":false,"data":null}},"time_used":2167,"timings":{"blocked":924,"dns":62,"connect":290,"send":0,"wait":316,"receive":1,"ssl":570},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bethx.vip/resource/loading.gif","fqdn":"bethx.vip","domain":"bethx.vip","tld":"vip"},"ip":{"addr":"65.9.46.112","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bethx.vip/register/","date":"2026-04-18T12:44:50.302Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bethx.vip","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 10 Dec 2025 00:00:00 GMT","end":"Fri, 08 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"67:7A:18:61:36:02:A0:18:4C:DC:63:C3:AA:55:55:CF:9D:B1:33:5B","sha256":"E5:50:D5:02:46:9D:18:63:39:E5:EE:0B:8F:CE:C7:0C:3B:97:00:56:2B:E3:A0:18:B5:F8:66:75:96:A3:76:04"}}},"request":{"raw":"GET /resource/loading.gif HTTP/1.1\r\nHost: bethx.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bethx.vip/register/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/gif\r\ncontent-length: 274364\r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 18 Apr 2026 12:44:50 GMT\r\nlast-modified: Tue, 14 Apr 2026 14:06:41 GMT\r\naccept-ranges: bytes\r\nexpires: Mon, 20 Apr 2026 12:44:50 GMT\r\ncache-control: max-age=172800, public, no-transform\r\netag: \"69de49f1-42fbc\"\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 aeb4c02c6985102f97552c03a17a7832.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN52-P1\r\nx-amz-cf-id: tpirs_qrxq6adXsGRXbzbwiyHCPGL9eRdn3VdR_ywLRmdIcg3TawWA==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":274364,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 353 x 370","md5":"8d744031c2bfe2012884005c5c4b7360","sha1":"93f681b4d3c1f32a64f74215c110ceb06c23f165","sha256":"b8c8cec7becdadf09e1112be6962c55d57cb1b5bd61e68e3e60c0a925f00615f","sha512":"5e2e2d2195e432ba2403b83c5c1e6d52e34887fc5d6b9d79bc69adccd09b4b9fe60dd60d5dee9c250c20da30a6fbf1e245257997b624d3596fcb34e15d3b19b3","ssdeep":"6144:GvsVFdYaDyl+ikVjnIZJNhS6kNnYut3yobI4NsyxhEr:GU7/ylvkVjIZJ7SeutiokIREr","tlshash":"b94412d74f5a4ffec8371126606a53db2ca71e80bcf3e1b41b52e69445b2928a04f5f1","first_seen":"2025-05-28T04:51:10.47814Z","last_seen":"2026-04-18T20:07:52.030831Z","times_seen":42,"resource_available":false,"data":null}},"time_used":1461,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":513,"receive":948,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"bethx.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"bethx.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dogecoin8.com/template/pc/skin/images/pinz_pic05.jpg","fqdn":"dogecoin8.com","domain":"dogecoin8.com","tld":"com"},"ip":{"addr":"107.151.92.52","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dogecoin8.com/","date":"2026-04-18T12:44:46.820Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dogecoin8.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Wed, 25 Mar 2026 07:00:00 GMT","end":"Tue, 23 Jun 2026 06:59:59 GMT"},"fingerprint":{"sha1":"5C:0D:5E:E9:6D:D0:19:FE:B6:AA:77:0F:91:80:1E:4C:DA:F3:9B:6A","sha256":"3F:19:30:F8:E4:AB:C0:61:6E:27:3F:DB:25:FD:D5:FE:19:37:F9:30:DF:C2:B7:C5:F5:F3:B5:7B:C1:78:9F:C7"}}},"request":{"raw":"GET /template/pc/skin/images/pinz_pic05.jpg HTTP/1.1\r\nHost: dogecoin8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dogecoin8.com/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=2k6hvak7klsvh3aeq6oimqj653\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 12:44:47 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sun, 10 May 2020 08:38:42 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5eb7bd92-4a70\"\r\nexpires: Mon, 18 May 2026 12:44:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":19056,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 271x246, components 3","md5":"9415661330cf28dc645e342686bf5a79","sha1":"763c5d95841e4a0055078abb38eb5eb70b9334c8","sha256":"948fccadcc3dd894df8d616c2b815db8bac8514ec3c61b7d0364af74545fe55d","sha512":"1a3a20b6384bb7165e9f9173e4daf0471c93eecedebaf6812c1f09cf9f779521c36ecf849710e969ff4e099b4cba45945f8b0983e5f103265bcb2cd13cb87128","ssdeep":"384:tK0cbBK3tDA1Kpv3TfBIW+Zz2kCLzdkWHDpUtdCxHKOUss+LqNVRte6q3:s0SKdDA1KpvDfeW+NN4zdkWHD3oOUFt4","tlshash":"5b82d092b6ab5d3b5ec38477e8cc9dc05e1025f82d14babadb60469eacde55d010f024","first_seen":"2025-11-12T02:54:17.219745Z","last_seen":"2026-04-18T12:49:49.668156Z","times_seen":11,"resource_available":false,"data":null}},"time_used":753,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":753,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dogecoin8.com/template/pc/skin/images/gb.png","fqdn":"dogecoin8.com","domain":"dogecoin8.com","tld":"com"},"ip":{"addr":"107.151.92.52","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dogecoin8.com/","date":"2026-04-18T12:44:47.617Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dogecoin8.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Wed, 25 Mar 2026 07:00:00 GMT","end":"Tue, 23 Jun 2026 06:59:59 GMT"},"fingerprint":{"sha1":"5C:0D:5E:E9:6D:D0:19:FE:B6:AA:77:0F:91:80:1E:4C:DA:F3:9B:6A","sha256":"3F:19:30:F8:E4:AB:C0:61:6E:27:3F:DB:25:FD:D5:FE:19:37:F9:30:DF:C2:B7:C5:F5:F3:B5:7B:C1:78:9F:C7"}}},"request":{"raw":"GET /template/pc/skin/images/gb.png HTTP/1.1\r\nHost: dogecoin8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dogecoin8.com/template/pc/skin/css/main.css?t=1625390824\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=2k6hvak7klsvh3aeq6oimqj653\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 12:44:47 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 27 Apr 2020 13:33:56 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5ea6df44-502\"\r\nexpires: Mon, 18 May 2026 12:44:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1282,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"1d31ea8f8644d61c72ee61c486f472de","sha1":"eb9ef1b6c029469d3087c79214bb18d0251c400c","sha256":"fbf105cf5dd057bd96b707a6c0124afd00b19d1f9e21159facb849f82528cd3e","sha512":"53c34932fb63898a44c85bc6780a845ae1c27f22c851db4545b306265eebb23c3661a57eafc7fb25c64c7d799d9fa78763780d743b94ab9c32302c24f104d0c6","ssdeep":"","tlshash":"e121654cb83039a155c9e8d134e6917f992b9f489af0a06ebd8ec41e0a762b186c56c7","first_seen":"2025-08-04T10:32:45.279219Z","last_seen":"2026-04-18T12:49:49.68002Z","times_seen":20,"resource_available":false,"data":null}},"time_used":432,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":432,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dogecoin8.com/template/pc/skin/images/pinz_ico04.png","fqdn":"dogecoin8.com","domain":"dogecoin8.com","tld":"com"},"ip":{"addr":"107.151.92.52","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dogecoin8.com/","date":"2026-04-18T12:44:47.670Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dogecoin8.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Wed, 25 Mar 2026 07:00:00 GMT","end":"Tue, 23 Jun 2026 06:59:59 GMT"},"fingerprint":{"sha1":"5C:0D:5E:E9:6D:D0:19:FE:B6:AA:77:0F:91:80:1E:4C:DA:F3:9B:6A","sha256":"3F:19:30:F8:E4:AB:C0:61:6E:27:3F:DB:25:FD:D5:FE:19:37:F9:30:DF:C2:B7:C5:F5:F3:B5:7B:C1:78:9F:C7"}}},"request":{"raw":"GET /template/pc/skin/images/pinz_ico04.png HTTP/1.1\r\nHost: dogecoin8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dogecoin8.com/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=2k6hvak7klsvh3aeq6oimqj653\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 12:44:47 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 27 Apr 2020 13:25:14 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5ea6dd3a-6432\"\r\nexpires: Mon, 18 May 2026 12:44:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":25650,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 68 x 68, 8-bit/color RGBA, non-interlaced","md5":"342aa9c769e8bc082a3139985fa80371","sha1":"07589a2e2ad8b54b266d1e8476518bdcd899ea8b","sha256":"6be7b0bc851389e2d5101060cf6e033a6fdb4e56b427026491fa273adcd885e1","sha512":"177b3416f928d28ea1a6f04dcd8567bcc03bd894d63d8614ff368064c6f1a13a1d977bc7df2856479851b66e8c24f1a4e1de56f6780849eb3deae85f205d8d7c","ssdeep":"384:OnEL3qWkisVs+0eReuIjicT5ywB8CLwiy8/Ms9XO8HW9erjd1IIlQbrezuX:OEL3qysN00euIjicNxBda8/D2wrZzuX","tlshash":"98b2d016b641e608f6e86ffeacc0a1fe339209496d2c071c4da7ccadee15d120d13d99","first_seen":"2025-10-25T15:13:09.786094Z","last_seen":"2026-04-18T12:49:49.714491Z","times_seen":8,"resource_available":false,"data":null}},"time_used":653,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":653,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dogecoin8.com/favicon.ico","fqdn":"dogecoin8.com","domain":"dogecoin8.com","tld":"com"},"ip":{"addr":"107.151.92.52","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dogecoin8.com/","date":"2026-04-18T12:44:49.223Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dogecoin8.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Wed, 25 Mar 2026 07:00:00 GMT","end":"Tue, 23 Jun 2026 06:59:59 GMT"},"fingerprint":{"sha1":"5C:0D:5E:E9:6D:D0:19:FE:B6:AA:77:0F:91:80:1E:4C:DA:F3:9B:6A","sha256":"3F:19:30:F8:E4:AB:C0:61:6E:27:3F:DB:25:FD:D5:FE:19:37:F9:30:DF:C2:B7:C5:F5:F3:B5:7B:C1:78:9F:C7"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: dogecoin8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dogecoin8.com/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=2k6hvak7klsvh3aeq6oimqj653\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 12:44:49 GMT\r\ncontent-type: image/x-icon\r\ncontent-length: 16958\r\nlast-modified: Wed, 21 Aug 2024 08:04:10 GMT\r\netag: \"66c59f7a-423e\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16958,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 64x64, 32 bits/pixel","md5":"c389e235ee2dbf548345e5d935df3914","sha1":"6c95444d7c528ddf1155ffba820216cbe558ef9c","sha256":"97f7cc31f8ab12cd37303681cdd703c41ea403be5d4f7a407ff23260c09c5959","sha512":"dbb92622091410f4eb37ff8e3220c1fe5ab5df23d63ff18a3a17b528058379a1ca60f89c4f909286d57c72c9a3fe1ebf6cc89e958c002db1cc7b2dd210be81b2","ssdeep":"384:xXKe0NuSG/PVSGyr4Gz4FPB9jf7YLsPktw:RtoGa4Gz4FPDUzw","tlshash":"9872e791ff0432c1e93d443e609b9d9426f939ded78d690a32687229d2e31e77e1390b","first_seen":"2026-02-23T13:17:07.918274Z","last_seen":"2026-04-18T12:51:41.292969Z","times_seen":8,"resource_available":false,"data":null}},"time_used":273,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":272,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dogecoin8.com/template/pc/skin/images/index1.jpg","fqdn":"dogecoin8.com","domain":"dogecoin8.com","tld":"com"},"ip":{"addr":"107.151.92.52","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dogecoin8.com/","date":"2026-04-18T12:44:46.800Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dogecoin8.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Wed, 25 Mar 2026 07:00:00 GMT","end":"Tue, 23 Jun 2026 06:59:59 GMT"},"fingerprint":{"sha1":"5C:0D:5E:E9:6D:D0:19:FE:B6:AA:77:0F:91:80:1E:4C:DA:F3:9B:6A","sha256":"3F:19:30:F8:E4:AB:C0:61:6E:27:3F:DB:25:FD:D5:FE:19:37:F9:30:DF:C2:B7:C5:F5:F3:B5:7B:C1:78:9F:C7"}}},"request":{"raw":"GET /template/pc/skin/images/index1.jpg HTTP/1.1\r\nHost: dogecoin8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dogecoin8.com/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=2k6hvak7klsvh3aeq6oimqj653\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 12:44:47 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sun, 10 May 2020 08:38:42 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5eb7bd92-4355\"\r\nexpires: Mon, 18 May 2026 12:44:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":17237,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 340x230, components 3","md5":"0b5a8751e51924dcde776b39883c7f3d","sha1":"f4b7771de00e5020a08e6c179e0ff6d1518fec56","sha256":"5382ececc0c19699777b5b52279e0deeba7254721d79a1110442d7bc7b9a124e","sha512":"51550cf0ae821c51c367358408681ce4e46df567f27aa9f6e1073962eba2ebbae1fa77ed13dd49c2a1c660940b61451fda529969d09854f62b0ea1feda1917fd","ssdeep":"384:qpxxGu3U6xmDl7dzz+H69MlcQOobtur1wMHrU:qpxxGOmDl7Bz+avVe0r9HrU","tlshash":"5172b08526516041b0551336dd2bdbcedf93dbcc92b20e0eb7987851a6b4099dc60aee","first_seen":"2025-11-12T02:54:17.196936Z","last_seen":"2026-04-18T12:49:49.701441Z","times_seen":11,"resource_available":false,"data":null}},"time_used":760,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":760,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.bethx.vip/api/getConfig","fqdn":"api.bethx.vip","domain":"bethx.vip","tld":"vip"},"ip":{"addr":"54.240.174.49","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://bethx.vip/register/","date":"2026-04-18T12:44:54.353Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.bethx.vip","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sun, 26 Oct 2025 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"AD:69:21:3D:64:E5:F4:08:30:28:46:7A:27:F5:62:CA:71:2C:14:FC","sha256":"F1:B9:F4:B1:8F:05:D3:69:29:2D:37:FE:30:BE:1D:2C:34:72:F5:56:A2:B2:62:E0:A0:39:4D:2A:37:92:54:2B"}}},"request":{"raw":"OPTIONS /api/getConfig HTTP/1.1\r\nHost: api.bethx.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: authorization,langcode,user-device\r\nReferer: https://bethx.vip/\r\nOrigin: https://bethx.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html; charset=UTF-8\r\nserver: nginx/1.18.0 (Ubuntu)\r\naccess-control-allow-methods: GET, POST, PATCH, PUT, OPTIONS\r\naccess-control-allow-credentials: true\r\nallow: GET,HEAD\r\ncache-control: no-cache, private\r\ndate: Sat, 18 Apr 2026 12:44:53 GMT\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Origin, Content-Type, Cookie, X-CSRF-TOKEN, Accept, Authorization, X-XSRF-TOKEN,langCode,User-Device\r\naccess-control-expose-headers: Authorization, authenticated\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: 0fyUtSb3XcanUaFG-J4ER7OlMKaVBjkvpJ6bKEFjTr9HyV6ybfYRXw==\r\nage: 1\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-18T20:23:19.513448Z","times_seen":13909737,"resource_available":true,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"api.bethx.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"api.bethx.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.bethx.vip/api/getConfig","fqdn":"api.bethx.vip","domain":"bethx.vip","tld":"vip"},"ip":{"addr":"54.240.174.49","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://bethx.vip/register/","date":"2026-04-18T12:44:54.368Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.bethx.vip","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sun, 26 Oct 2025 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"AD:69:21:3D:64:E5:F4:08:30:28:46:7A:27:F5:62:CA:71:2C:14:FC","sha256":"F1:B9:F4:B1:8F:05:D3:69:29:2D:37:FE:30:BE:1D:2C:34:72:F5:56:A2:B2:62:E0:A0:39:4D:2A:37:92:54:2B"}}},"request":{"raw":"GET /api/getConfig HTTP/1.1\r\nHost: api.bethx.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAuthorization: \r\nlangCode: en\r\nuser-device: 2\r\nOrigin: https://bethx.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bethx.vip/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/json\r\nserver: nginx/1.18.0 (Ubuntu)\r\naccess-control-allow-methods: GET, POST, PATCH, PUT, OPTIONS\r\naccess-control-allow-credentials: true\r\ncache-control: no-cache, private\r\ndate: Sat, 18 Apr 2026 12:44:54 GMT\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Origin, Content-Type, Cookie, X-CSRF-TOKEN, Accept, Authorization, X-XSRF-TOKEN,langCode,User-Device\r\naccess-control-expose-headers: Authorization, authenticated\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: YNZnmF8FtoCwYpbDUDy7AKtfW_7KeHfVOt_hO9GMVyKhOHh-ZJ3ufg==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":29414,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"445cbfff6021d92930ffd3f745dc1fb2","sha1":"821f1dd1a743c70c421dc0256381ae736c30e77c","sha256":"c8a923aa01f355b68414088cfba0333c9e82dc2d53dca00e391fe54f1acafd34","sha512":"dc307bb95db2f07f531e05171e29b91a52dcd33a8ca0c682a44912d331417774fa7fc2e3b2c6a04968e6894e9a819d3aa8dc62188a3106116330448c1288fc3c","ssdeep":"384:bS6GbOAGS616ttXj/pGEI4ttXjJGpswTwwejI2WwbY:bS8SttXjB64tXjKejIfw0","tlshash":"dcd253bef7fc68a145f141c00d97765b16da31086fca4ca896fbce5c43885a41b2f29b","first_seen":"2026-04-18T12:45:36.30782Z","last_seen":"2026-04-18T12:45:36.30782Z","times_seen":1,"resource_available":false,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"api.bethx.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"api.bethx.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dogecoin8.com/uploads/allimg/20210704/1-210F416064X52.jpg","fqdn":"dogecoin8.com","domain":"dogecoin8.com","tld":"com"},"ip":{"addr":"107.151.92.52","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dogecoin8.com/","date":"2026-04-18T12:44:46.826Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dogecoin8.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Wed, 25 Mar 2026 07:00:00 GMT","end":"Tue, 23 Jun 2026 06:59:59 GMT"},"fingerprint":{"sha1":"5C:0D:5E:E9:6D:D0:19:FE:B6:AA:77:0F:91:80:1E:4C:DA:F3:9B:6A","sha256":"3F:19:30:F8:E4:AB:C0:61:6E:27:3F:DB:25:FD:D5:FE:19:37:F9:30:DF:C2:B7:C5:F5:F3:B5:7B:C1:78:9F:C7"}}},"request":{"raw":"GET /uploads/allimg/20210704/1-210F416064X52.jpg HTTP/1.1\r\nHost: dogecoin8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dogecoin8.com/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=2k6hvak7klsvh3aeq6oimqj653\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 12:44:47 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sun, 04 Jul 2021 08:06:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"60e16c18-1a21f\"\r\nexpires: Mon, 18 May 2026 12:44:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":107039,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 377x243, components 3","md5":"c0f2418918bd56334fb954d552eb8c03","sha1":"6e9cc86e14b25efd05446083655d1c3b490a77c6","sha256":"0d63cfda099f79b96801bea581e080349e2f9915f0183e6306520a7365d41493","sha512":"f590e31b127a8a5ed6f181c14bf6f9adf016a680bc4b86ac8378bb2a6d11769088d52a6c029ccda9af4d470023c5e81bce62c7f3ad9eecd939e9026d81a56357","ssdeep":"3072:n+ZGnMu6brJ70G7sg4CsehMgKiivuuMfz9:+0WR6g4kMzXvi9","tlshash":"b6a31282d698397351ccef5cd43fd8a63e2e97949c8870d883bd4522cd416b59f8590f","first_seen":"2026-02-23T13:17:07.841405Z","last_seen":"2026-04-18T12:49:49.726104Z","times_seen":4,"resource_available":false,"data":null}},"time_used":751,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":751,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dogecoin8.com/template/pc/skin/images/pinz_line01.gif","fqdn":"dogecoin8.com","domain":"dogecoin8.com","tld":"com"},"ip":{"addr":"107.151.92.52","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dogecoin8.com/","date":"2026-04-18T12:44:47.661Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dogecoin8.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Wed, 25 Mar 2026 07:00:00 GMT","end":"Tue, 23 Jun 2026 06:59:59 GMT"},"fingerprint":{"sha1":"5C:0D:5E:E9:6D:D0:19:FE:B6:AA:77:0F:91:80:1E:4C:DA:F3:9B:6A","sha256":"3F:19:30:F8:E4:AB:C0:61:6E:27:3F:DB:25:FD:D5:FE:19:37:F9:30:DF:C2:B7:C5:F5:F3:B5:7B:C1:78:9F:C7"}}},"request":{"raw":"GET /template/pc/skin/images/pinz_line01.gif HTTP/1.1\r\nHost: dogecoin8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dogecoin8.com/template/pc/skin/css/main.css?t=1625390824\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=2k6hvak7klsvh3aeq6oimqj653\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 12:44:47 GMT\r\ncontent-type: image/gif\r\nlast-modified: Sun, 10 May 2020 09:32:38 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5eb7ca36-4a7\"\r\nexpires: Mon, 18 May 2026 12:44:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1191,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 35 x 1","md5":"1ba7b7dca9e6e7df5f1aea49863ecdab","sha1":"3eca244813f087223556214c96dc4f8506ff49f7","sha256":"4cd5e8120e9f85d181c1b5587c49df8f6067fe87e2459146a04523e5a025446f","sha512":"e6fb145be418b3be47f82d100ec21b9a5ef3108a200e87651df269096d27531a3cdfe9f79f94a4d4b33266ad060a9dbf44187f60ef5f7d19b945b6f83ae1da90","ssdeep":"","tlshash":"a021770dddd0fc41148ce8892df765675d59488085e4f588789dc41769289f1412f6db","first_seen":"2025-08-04T10:32:45.35714Z","last_seen":"2026-04-18T12:49:49.708015Z","times_seen":15,"resource_available":false,"data":null}},"time_used":659,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":659,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dogecoin8.com/template/pc/skin/images/pinz_line02.gif","fqdn":"dogecoin8.com","domain":"dogecoin8.com","tld":"com"},"ip":{"addr":"107.151.92.52","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dogecoin8.com/","date":"2026-04-18T12:44:47.664Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dogecoin8.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Wed, 25 Mar 2026 07:00:00 GMT","end":"Tue, 23 Jun 2026 06:59:59 GMT"},"fingerprint":{"sha1":"5C:0D:5E:E9:6D:D0:19:FE:B6:AA:77:0F:91:80:1E:4C:DA:F3:9B:6A","sha256":"3F:19:30:F8:E4:AB:C0:61:6E:27:3F:DB:25:FD:D5:FE:19:37:F9:30:DF:C2:B7:C5:F5:F3:B5:7B:C1:78:9F:C7"}}},"request":{"raw":"GET /template/pc/skin/images/pinz_line02.gif HTTP/1.1\r\nHost: dogecoin8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dogecoin8.com/template/pc/skin/css/main.css?t=1625390824\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=2k6hvak7klsvh3aeq6oimqj653\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 12:44:47 GMT\r\ncontent-type: image/gif\r\nlast-modified: Mon, 27 Apr 2020 13:33:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5ea6df0e-4a7\"\r\nexpires: Mon, 18 May 2026 12:44:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1191,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 35 x 1","md5":"fa646386d46b78e5ff3cca91d18ae9f4","sha1":"21473e411b6623b3f65e113663e811c83848cabf","sha256":"6f3fc621c0038b8b8bcf3733e888c00a5974d727081ffe87368d40b12654f9ae","sha512":"5749e5f4284ed4d7f6f56a8aa9f09ea00a2611f64bea45a8dd0311df90c2063bf4c62a5cea127eb5753ae5ac1ff99c8c7a27a7f3728bbffbd6e697302a6ac744","ssdeep":"","tlshash":"ab21770dddd0fc42149cec892df765675d59088085e4f5887c9dc517652caf1412f6db","first_seen":"2025-08-04T10:32:45.268405Z","last_seen":"2026-04-18T12:49:49.671744Z","times_seen":16,"resource_available":false,"data":null}},"time_used":657,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":657,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bethx.vip/assets/pathseg.8e50599e.js","fqdn":"bethx.vip","domain":"bethx.vip","tld":"vip"},"ip":{"addr":"65.9.46.112","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bethx.vip/register/","date":"2026-04-18T12:44:52.466Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bethx.vip","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 10 Dec 2025 00:00:00 GMT","end":"Fri, 08 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"67:7A:18:61:36:02:A0:18:4C:DC:63:C3:AA:55:55:CF:9D:B1:33:5B","sha256":"E5:50:D5:02:46:9D:18:63:39:E5:EE:0B:8F:CE:C7:0C:3B:97:00:56:2B:E3:A0:18:B5:F8:66:75:96:A3:76:04"}}},"request":{"raw":"GET /assets/pathseg.8e50599e.js HTTP/1.1\r\nHost: bethx.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bethx.vip/assets/main.ecaab409.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 18 Apr 2026 12:44:52 GMT\r\ncontent-encoding: br\r\nlast-modified: Tue, 14 Apr 2026 14:06:41 GMT\r\nexpires: Mon, 20 Apr 2026 12:44:52 GMT\r\ncache-control: max-age=172800, public, no-transform\r\netag: W/\"69de49f1-9bbe\"\r\nvary: Accept-Encoding\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 aeb4c02c6985102f97552c03a17a7832.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN52-P1\r\nx-amz-cf-id: gWb__pYL4I6tzmdmTfTp3EWb9JXPqJSKWRaMt8qD5ykepPMBpY6h-Q==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":39870,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (30789)","md5":"4abc45fac2e718d0fbdde7b49d94eefe","sha1":"b1fe7c6ace1a17ba8f0f56c2c93e75f4e80c806b","sha256":"4a1921893f8fe2d43c35077b4613c738e348e866c6ce8b2ea5d238e9e5ef2ae7","sha512":"861a86d99e2c8f148b931e318defde6d6a647f7433b682b7cede601cdf7c4cd7b403fe4b543e23be16a694a63d177eb84cb093a7e29ea53afe24ee2c4e81e2a4","ssdeep":"768:GCOCz2cv5dYTaulgQwKKh9eE8/nyjyUCJ8:GCOCicv5dYTaulgQw3s8","tlshash":"1003f150b5557669029ed2c6113f3a0bb33b54ec8808e09cf35dd4cef868887d99abbd","first_seen":"2025-05-28T04:51:10.295799Z","last_seen":"2026-04-18T20:07:52.045291Z","times_seen":41,"resource_available":true,"data":null}},"time_used":318,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":318,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"bethx.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"bethx.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dogecoin8.com/uploads/allimg/20210704/1-210F410255Q07.jpg","fqdn":"dogecoin8.com","domain":"dogecoin8.com","tld":"com"},"ip":{"addr":"107.151.92.52","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dogecoin8.com/","date":"2026-04-18T12:44:46.785Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dogecoin8.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Wed, 25 Mar 2026 07:00:00 GMT","end":"Tue, 23 Jun 2026 06:59:59 GMT"},"fingerprint":{"sha1":"5C:0D:5E:E9:6D:D0:19:FE:B6:AA:77:0F:91:80:1E:4C:DA:F3:9B:6A","sha256":"3F:19:30:F8:E4:AB:C0:61:6E:27:3F:DB:25:FD:D5:FE:19:37:F9:30:DF:C2:B7:C5:F5:F3:B5:7B:C1:78:9F:C7"}}},"request":{"raw":"GET /uploads/allimg/20210704/1-210F410255Q07.jpg HTTP/1.1\r\nHost: dogecoin8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dogecoin8.com/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=2k6hvak7klsvh3aeq6oimqj653\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 12:44:46 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sun, 04 Jul 2021 02:25:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"60e11c36-23e9b\"\r\nexpires: Mon, 18 May 2026 12:44:46 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":147099,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x580, components 3","md5":"047ad7b45bb2e764a0ca27e84d341bd3","sha1":"17c4e7b1ee3ec521656c3583c679780b31da5144","sha256":"ba22d76ffc03990ce45b11a324a12d4fc2972f2939b1067cf1c44db1d12bf059","sha512":"8c9007cf147d88edbbaa787b3b2e84d593386c2f538d71a3fcbbcd77b3d06487cd7d00f32a94879ac3c5b32a776b90907d97813c79c05cff2cd87d4acd9babac","ssdeep":"3072:5GTJ7wIGPo0Ur4Cq5rQ/S7cPVo918DBbf2YXQJszNSteEJkpZUziQe:OJ7wIGPofr4CKWS7UoPCuYzGeEu7Uzil","tlshash":"80e31254a4ec9fb5cd826d41de2867aa0361682d801840ba50f6273f8bdf4abd774f37","first_seen":"2026-02-23T13:17:07.881797Z","last_seen":"2026-04-18T12:49:49.727182Z","times_seen":4,"resource_available":false,"data":null}},"time_used":763,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":763,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dogecoin8.com/template/pc/skin/images/index3.jpg","fqdn":"dogecoin8.com","domain":"dogecoin8.com","tld":"com"},"ip":{"addr":"107.151.92.52","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dogecoin8.com/","date":"2026-04-18T12:44:46.806Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dogecoin8.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Wed, 25 Mar 2026 07:00:00 GMT","end":"Tue, 23 Jun 2026 06:59:59 GMT"},"fingerprint":{"sha1":"5C:0D:5E:E9:6D:D0:19:FE:B6:AA:77:0F:91:80:1E:4C:DA:F3:9B:6A","sha256":"3F:19:30:F8:E4:AB:C0:61:6E:27:3F:DB:25:FD:D5:FE:19:37:F9:30:DF:C2:B7:C5:F5:F3:B5:7B:C1:78:9F:C7"}}},"request":{"raw":"GET /template/pc/skin/images/index3.jpg HTTP/1.1\r\nHost: dogecoin8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dogecoin8.com/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=2k6hvak7klsvh3aeq6oimqj653\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 12:44:47 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sun, 10 May 2020 08:38:42 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5eb7bd92-3512\"\r\nexpires: Mon, 18 May 2026 12:44:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13586,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 340x230, components 3","md5":"f8be40f04d7618a1a78892588ec5aca5","sha1":"cd2dee32da8691fa529d7e0e5ed9400a653f9495","sha256":"a512e2748db49c303ba31fb9bbc4fde3031d02eaa6f3b1819a52264ddd16f75a","sha512":"3adc6e434a6d106052028f553f08126520e8e4dd9da3415aa15167ae2fe670496155858798bf148de79acb37b08f88b847f88428b07855e6ef895e56b498ab8c","ssdeep":"192:o2qnae1Lz4y1zS2H66lDKzEL2Cu4Ig9eErdpoahYie5d3M4a41oDtKxcSjluvhBJ:tR7MHlD/aCuW9XhYie5O4azZKxcSKhn","tlshash":"6852bf6a07157677f668fdbbcc1a029b733e4a274171cd78314e9fad18042e62a30c91","first_seen":"2025-11-12T02:54:17.211449Z","last_seen":"2026-04-18T12:49:49.706657Z","times_seen":11,"resource_available":false,"data":null}},"time_used":758,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":758,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.alicdn.com/bao/uploaded/i2/2920736671/O1CN01Y0qBFF1z9Mh3JxxsH_!!0-item_pic.jpg","fqdn":"img.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"47.246.44.178","port":443,"asn":24429,"as":"Zhejiang Taobao Network Co.,Ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dogecoin8.com/","date":"2026-04-18T12:44:46.828Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tbcdn.cn","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 28 Nov 2025 03:07:13 GMT","end":"Sat, 18 Jul 2026 09:41:04 GMT"},"fingerprint":{"sha1":"01:40:62:EF:8C:E5:C1:8A:19:4C:8D:B6:F5:C2:24:7F:DC:C0:9C:8A","sha256":"60:3C:41:A0:78:62:E6:5E:82:F0:FA:CF:5C:C9:D3:22:E4:64:EE:1A:EE:C7:CC:BA:DD:25:08:90:6F:CC:C4:F2"}}},"request":{"raw":"GET /bao/uploaded/i2/2920736671/O1CN01Y0qBFF1z9Mh3JxxsH_!!0-item_pic.jpg HTTP/1.1\r\nHost: img.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dogecoin8.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: image/webp\r\ncontent-length: 76736\r\ndate: Fri, 17 Apr 2026 14:59:30 GMT\r\nlast-modified: Thu, 05 Mar 2026 18:44:59 GMT\r\npicasso-ret-code: SUCCESS\r\npicasso-cache-info: L4-HIT\r\nrequest-time: 0.024\r\ntraceid: 2ff6309517764379700383895e\r\nx-powered-by: Picasso\r\npicasso-image-type: normal\r\npicasso-fmt: jpg2webp\r\ncache-control: max-age=31536000\r\nvia: ens-cache21.l2de4[0,0,200-0,H], ens-cache18.l2de4[2,0], ens-cache17.se2[25,24,200-0,M], ens-cache20.se2[28,0]\r\naccess-control-allow-origin: *\r\nage: 78317\r\nali-swift-global-savetime: 1776437970\r\nx-cache: MISS TCP_MISS dirn:-2:-2\r\nx-swift-savetime: Sat, 18 Apr 2026 12:44:47 GMT\r\nx-swift-cachetime: 31457683\r\nback_uri: /bao/uploaded/i2/2920736671/O1CN01Y0qBFF1z9Mh3JxxsH_!!0-item_pic.jpg_q90.jpg_.webp\r\nvary: Accept\r\ns-rt: 28\r\ntiming-allow-origin: *\r\neagleid: 2ff62ca817765162879102675e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":76736,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 800x800, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"3995b1b973ad48d5d15fd616f5d1410a","sha1":"87065090b88f0e89128e165a81a9e46c65935aa7","sha256":"8662d56c6d29b07274d98728522e9468caf078a90f39eeb48c36ca03244e01ae","sha512":"cca1c0a69e63a6f2c18f83ef7736f8687e1bdefe63a2da75a92eb2a424a4c642fcb0b37673d3007d7bef01d74363a25b04a7de175f80b73dc7a7cb3682d10bcb","ssdeep":"1536:jxGd0Tmm9cXiizPlasff1GWnabOv8SZORxbS1xYgp6j+gV2ervz:FuLyizPlasQj1kptVervz","tlshash":"397312c0217ef766b0f7eb14a3c3218ce079f24405cab65eb69719688d4dc46e91b4fa","first_seen":"2026-04-18T12:45:36.389129Z","last_seen":"2026-04-18T12:49:49.676005Z","times_seen":2,"resource_available":false,"data":null}},"time_used":2341,"timings":{"blocked":1112,"dns":1157,"connect":7,"send":0,"wait":36,"receive":10,"ssl":15},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"file.zcwz.com/img/images/201407/20140705074639123.jpg","fqdn":"file.zcwz.com","domain":"zcwz.com","tld":"com"},"ip":{"addr":"183.134.100.145","port":443,"asn":58461,"as":"CT-HangZhou-IDC","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dogecoin8.com/","date":"2026-04-18T12:44:46.860Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.zcwz.com","organization":""},"issuer":{"commonName":"sslTrus (RSA) DV CA","organization":"sslTrus"},"validity":{"start":"Mon, 18 Aug 2025 00:00:00 GMT","end":"Tue, 18 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5E:75:B6:A1:49:09:06:87:20:77:9A:E5:1A:B9:B2:52:8B:B9:A2:EC","sha256":"E6:C7:6D:66:85:4E:8D:14:E8:CB:07:3D:0C:89:FA:F1:81:E3:C0:74:E6:24:8D:88:8F:DB:86:81:56:ED:F8:40"}}},"request":{"raw":"GET /img/images/201407/20140705074639123.jpg HTTP/1.1\r\nHost: file.zcwz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 18 Apr 2026 12:43:16 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 50466\r\nConnection: keep-alive\r\nLast-Modified: Sat, 27 Dec 2025 11:03:09 GMT\r\nETag: \"694fbced-c522\"\r\nAccept-Ranges: bytes\r\nExpires: Mon, 18 May 2026 12:43:16 GMT\r\nCache-Control: max-age=2592000\r\nStrict-Transport-Security: max-age=31536000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":50466,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 800x577, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"5432bba3b014414769e98c3eec4b51e3","sha1":"2e45602dad41e3aa7a2b6b3e6929ca2eac6f58e8","sha256":"97cf65a6fde5201abaf60984656d62d1b30626841167765143d8a3d98b1509d1","sha512":"e78d85b7508b4fb91a2d922002e2ce7833ad2c87c758dd97000444828f879497afabb0c3aeb4e49274075ae5400f020ad0ed4547f814208c3a728db19413d88d","ssdeep":"768:EzvRvH2fytiAHVTnIPP4KzTnxM6Ak88UAgRZcznNbNc9MPpxqRiNbcgPs4471x:EzvRvWyzzm53nyj3Ay+ngaPXoi5N0hx","tlshash":"26330107f649d8ec71e4027ca6a84c9abe09e73301845b47a7eaf8f28fd41339e05d51","first_seen":"2026-04-18T12:45:36.391183Z","last_seen":"2026-04-18T12:49:49.704119Z","times_seen":2,"resource_available":false,"data":null}},"time_used":2535,"timings":{"blocked":846,"dns":1,"connect":279,"send":0,"wait":560,"receive":280,"ssl":567},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dogecoin8.com/template/pc/skin/images/pinz_ico031.png","fqdn":"dogecoin8.com","domain":"dogecoin8.com","tld":"com"},"ip":{"addr":"107.151.92.52","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dogecoin8.com/","date":"2026-04-18T12:44:47.669Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dogecoin8.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Wed, 25 Mar 2026 07:00:00 GMT","end":"Tue, 23 Jun 2026 06:59:59 GMT"},"fingerprint":{"sha1":"5C:0D:5E:E9:6D:D0:19:FE:B6:AA:77:0F:91:80:1E:4C:DA:F3:9B:6A","sha256":"3F:19:30:F8:E4:AB:C0:61:6E:27:3F:DB:25:FD:D5:FE:19:37:F9:30:DF:C2:B7:C5:F5:F3:B5:7B:C1:78:9F:C7"}}},"request":{"raw":"GET /template/pc/skin/images/pinz_ico031.png HTTP/1.1\r\nHost: dogecoin8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dogecoin8.com/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=2k6hvak7klsvh3aeq6oimqj653\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 12:44:47 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 27 Apr 2020 13:25:10 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5ea6dd36-723\"\r\nexpires: Mon, 18 May 2026 12:44:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1827,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 68 x 68, 8-bit/color RGBA, non-interlaced","md5":"0fc67ff2e46eaec6a7ccd13f7bc468ea","sha1":"c99aa297601969e4d94381ea260fedf2c446063b","sha256":"50438ff807ee928f35320c27294a912e288bfe0db144bc8922cbe8387f2900f8","sha512":"5acccfb0bbcce6f27712fae00e2ce3fcaa89cfb71ac73e3c7f9971155f79d195b77fcba61f210b023956f0fced6cbb1ae6b8a4151b00649ad157f7fad661cefe","ssdeep":"","tlshash":"8631d728f891b844a81d842234dfa03be62346806fd7b8ff7a9de9e75210921d01f6c7","first_seen":"2025-08-04T10:32:45.249333Z","last_seen":"2026-04-18T12:49:49.726654Z","times_seen":14,"resource_available":false,"data":null}},"time_used":654,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":654,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dogecoin8.com/template/pc/skin/images/i1.png","fqdn":"dogecoin8.com","domain":"dogecoin8.com","tld":"com"},"ip":{"addr":"107.151.92.52","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dogecoin8.com/","date":"2026-04-18T12:44:46.801Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dogecoin8.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Wed, 25 Mar 2026 07:00:00 GMT","end":"Tue, 23 Jun 2026 06:59:59 GMT"},"fingerprint":{"sha1":"5C:0D:5E:E9:6D:D0:19:FE:B6:AA:77:0F:91:80:1E:4C:DA:F3:9B:6A","sha256":"3F:19:30:F8:E4:AB:C0:61:6E:27:3F:DB:25:FD:D5:FE:19:37:F9:30:DF:C2:B7:C5:F5:F3:B5:7B:C1:78:9F:C7"}}},"request":{"raw":"GET /template/pc/skin/images/i1.png HTTP/1.1\r\nHost: dogecoin8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dogecoin8.com/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=2k6hvak7klsvh3aeq6oimqj653\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 12:44:47 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 10 May 2020 08:38:42 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5eb7bd92-a1a\"\r\nexpires: Mon, 18 May 2026 12:44:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2586,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced","md5":"f3ea1d6db232f342941fba1e72532d5b","sha1":"b3d56a531fe52d062141e4b6b5bd3517a92dd5aa","sha256":"e19e7d47ffeec4c82f0095a4fde0139ed6ab412cc2c96d1131e9888e39d6ebb3","sha512":"8e58e2275447e345e24d3a5643f11354f57c36680fab0911bbedd9fb64157c900bc22624295a4e683e3566601f4544883416e27b2c06fddec18db3be40c51e6d","ssdeep":"","tlshash":"4251192aba025d04401cec0830fb332756a7cde2dbe1f5f3a7c640566aa63f454986df","first_seen":"2024-05-23T13:11:50Z","last_seen":"2026-04-18T12:49:49.697866Z","times_seen":15,"resource_available":false,"data":null}},"time_used":760,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":760,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dogecoin8.com/template/pc/skin/images/search2.png","fqdn":"dogecoin8.com","domain":"dogecoin8.com","tld":"com"},"ip":{"addr":"107.151.92.52","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dogecoin8.com/","date":"2026-04-18T12:44:47.620Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dogecoin8.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Wed, 25 Mar 2026 07:00:00 GMT","end":"Tue, 23 Jun 2026 06:59:59 GMT"},"fingerprint":{"sha1":"5C:0D:5E:E9:6D:D0:19:FE:B6:AA:77:0F:91:80:1E:4C:DA:F3:9B:6A","sha256":"3F:19:30:F8:E4:AB:C0:61:6E:27:3F:DB:25:FD:D5:FE:19:37:F9:30:DF:C2:B7:C5:F5:F3:B5:7B:C1:78:9F:C7"}}},"request":{"raw":"GET /template/pc/skin/images/search2.png HTTP/1.1\r\nHost: dogecoin8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dogecoin8.com/template/pc/skin/css/main.css?t=1625390824\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=2k6hvak7klsvh3aeq6oimqj653\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 12:44:47 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 27 Apr 2020 13:33:52 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5ea6df40-949\"\r\nexpires: Mon, 18 May 2026 12:44:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2377,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced","md5":"3d655bb3bcedf8d9bc2a5014efde8724","sha1":"054ea855c14c589dac21c65cc9368326f81e0692","sha256":"720928c204868f5c92968f834bbf4b2d142a0319a98a78d16bda37786ecf5c4f","sha512":"121b45c0006ab04c9fcc24f1f6eda3f2027691d518939e7cd0359d9145fb55c07e68a1a2ca61832d1e14ee8fc4c20e03b1775fb14dbebecd7fbd4677ff67ecbd","ssdeep":"","tlshash":"1d41915df9127881d9c8fa44acedd2476f378b81da83a48d7cce8a1219210fac80d9d7","first_seen":"2025-08-04T10:32:45.280792Z","last_seen":"2026-04-18T12:49:49.668641Z","times_seen":20,"resource_available":false,"data":null}},"time_used":431,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":431,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.bethx.vip/api/getConfig","fqdn":"api.bethx.vip","domain":"bethx.vip","tld":"vip"},"ip":{"addr":"54.240.174.49","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://bethx.vip/register/","date":"2026-04-18T12:44:54.351Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.bethx.vip","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sun, 26 Oct 2025 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"AD:69:21:3D:64:E5:F4:08:30:28:46:7A:27:F5:62:CA:71:2C:14:FC","sha256":"F1:B9:F4:B1:8F:05:D3:69:29:2D:37:FE:30:BE:1D:2C:34:72:F5:56:A2:B2:62:E0:A0:39:4D:2A:37:92:54:2B"}}},"request":{"raw":"OPTIONS /api/getConfig HTTP/1.1\r\nHost: api.bethx.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: authorization,langcode,user-device\r\nReferer: https://bethx.vip/\r\nOrigin: https://bethx.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html; charset=UTF-8\r\nserver: nginx/1.18.0 (Ubuntu)\r\naccess-control-allow-methods: GET, POST, PATCH, PUT, OPTIONS\r\naccess-control-allow-credentials: true\r\nallow: GET,HEAD\r\ncache-control: no-cache, private\r\ndate: Sat, 18 Apr 2026 12:44:53 GMT\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Origin, Content-Type, Cookie, X-CSRF-TOKEN, Accept, Authorization, X-XSRF-TOKEN,langCode,User-Device\r\naccess-control-expose-headers: Authorization, authenticated\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: 4u5VpLFJ9pxhhR75ojGTghrpkZ5TbE5YoKAUJjxgFujrWAgaPSFQnQ==\r\nage: 1\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-18T20:23:19.513448Z","times_seen":13909737,"resource_available":true,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"api.bethx.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"api.bethx.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"global.turing.captcha.gtimg.com/tgJNCapCss-global.8449b280.css","fqdn":"global.turing.captcha.gtimg.com","domain":"gtimg.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bethx.vip/register/","date":"2026-04-18T12:44:56.326Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.turing.captcha.gtimg.com","organization":"Tencent Technology (Shenzhen) Company Limited"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Tue, 24 Feb 2026 00:00:00 GMT","end":"Wed, 24 Mar 2027 23:59:59 GMT"},"fingerprint":{"sha1":"BA:08:F4:14:CE:A1:19:41:5B:1B:49:47:36:ED:5D:D9:75:EB:21:B8","sha256":"1B:6A:3C:E4:2D:7F:45:5A:83:7F:AB:6F:F6:D8:95:42:54:4E:56:C7:0C:45:D1:05:D6:A0:4E:78:62:A2:88:5D"}}},"request":{"raw":"GET /tgJNCapCss-global.8449b280.css HTTP/1.1\r\nHost: global.turing.captcha.gtimg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bethx.vip/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Tue, 20 Jan 2026 10:53:36 GMT\r\nContent-Encoding: gzip\r\nEtag: \"8449b280e4269aa9b92fe9b07182ae9b\"\r\nContent-Type: text/css\r\nDate: Fri, 23 Jan 2026 01:52:58 GMT\r\nServer: tencent-cos\r\nx-cos-hash-crc64ecma: 7979581459429129190\r\nx-cos-request-id: Njk3MmQ0N2FfOWYwZTc5MWVfYWI3M18xNzlhN2Nk\r\nx-cos-storage-class: MAZ_STANDARD\r\nx-cosindex-replication-status: Complete\r\nContent-Length: 6391\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 11241784268097781430\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":61637,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (61637), with no line terminators","md5":"8449b280e4269aa9b92fe9b07182ae9b","sha1":"661fbab09bb12ffd4368fd9599cfaf179fc5d03f","sha256":"9fbcf619d9a779a1e59d276134b58ff5e9b6bdc81141d84237379542f9c46eda","sha512":"0c0e0ee796b4f6fc2428084543c481fc9347059df514bc5d353e2919513e9c1d4b2e6b1b6b460cdb7095b39b44a5158895bd3748626b155fe0a0313292699987","ssdeep":"384:C6s6YwiLaghl/CjqHPj369U8Dkhg9x7zZuvVZAhu3lUVjZGZpWRb:C6s6bi2G0Nuvkhwlwj4ZQl","tlshash":"de53f2f2002c1e06daf2c417868f9696d034c353f12a81dbb5d3d21587ab9f7b9d19ae","first_seen":"2026-01-26T11:46:07.107684Z","last_seen":"2026-04-18T20:07:52.041151Z","times_seen":18,"resource_available":false,"data":null}},"time_used":1215,"timings":{"blocked":595,"dns":290,"connect":21,"send":0,"wait":21,"receive":1,"ssl":285},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ca.turing.captcha.qcloud.com/data/1941/forward","fqdn":"ca.turing.captcha.qcloud.com","domain":"qcloud.com","tld":"com"},"ip":{"addr":"43.158.119.130","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://bethx.vip/register/","date":"2026-04-18T12:44:59.161Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.turing.captcha.qcloud.com","organization":"Tencent Technology (Shenzhen) Company Limited"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 15 Dec 2025 00:00:00 GMT","end":"Fri, 15 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"97:D5:C4:59:CC:DB:39:C1:09:48:A2:5C:F1:CA:F9:65:FD:86:E4:8F","sha256":"A6:65:54:11:17:3C:C3:1A:6F:AA:C1:D8:E6:1D:0F:59:2D:E8:DF:E7:8F:D2:BB:F9:40:83:5D:1E:01:65:D9:30"}}},"request":{"raw":"POST /data/1941/forward HTTP/1.1\r\nHost: ca.turing.captcha.qcloud.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-type: application/json\r\nContent-Length: 17229\r\nOrigin: https://bethx.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bethx.vip/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":17229,"data":"{\"req\":{\"content\":\"n6zPatg00i/7Vm3RnzcZrjcgT4Grr8f6GIzgVxXa3g+re3hAvoZhblFa8Z9AMLKZoCRZ5bxA+JP58b8NcY4PPRSr19aFSDYGE/bO5IAAslPs2HAkGvtKw0/6CPKioQITTTCfa1X92hD/WDz+HhEvpR1tz+fONKWA/Y02Yeg7vpHWmbI04kw69bP80aoRI8ortD9sDlyDMm4mQxpPX5rXvimeqLZle5l/23QwvgB3OVkU1sHZY9rUu9q68ZTqN+HOFI0BFyRKmFyfPI2Vxh+71s8jr7Usd1eofhAzOXyP2xaVH1oYGH1Wxx+zICjlLRb5jbmUjkErRk6ARinB6hIr3mPk7z1sU+UkP0jtW7J8dmxIAXhhqalXkWMb/G+jlwR/Drk23G7cOyFkNDLzQ8Uguic9Qq/Y+cOQqHi7XJe711JQPByH1uMM/74p9eOYTrXho9Vtn90VKtST6awbgYcBNCWj6DyP4xNPetqSRxwWbq5oIlITWl2uK8Qdr/sfTs3HFpV/D1tRlvIN2S+SMo5L7s3CKkDTk+QwKc/2ysOfgps1ftHDNsnbomJQ2Vy+aCaL1ZG9ecobkkw+p+bivt0h4WHYNX5Ir3zm4UNeiNvBV6tsfumWWdCMJvOXb7FB2V/uk7+NfQM8zafuNjBkaf9Grho1iIZesD6dh8M88Zn7JCtxY+ZTzXsr+LhsLRGVtgVTeX5k7H9O76Fcpusj/SJvH2+9mAXV7+dbIEYsFZ5uIbhWBykCw/TNX21frXkad+vqjcsQIme0fmbzsN6Wht41Jsj+vnL4drKV9yF+z3JkeHQ6ti1qNCLaiND3GSU0mmhLwyWyNTWO6lszNn73rcBd/Y9OwOs4lOQ0aCi45XZWsMIVAPHE0kJ3F8ifhGoE7sjiFzhGam0FhtfYrvEvAp2Y8T63m6yFQ1GQi9/rqDWLuQuLflJW+Pv4RB2pIiC1HM4JdROc0AqppQPSE2gpDI0OuGhEWrZHSyk0w7VhCYWgGfz5nYsX3gQWF/fQAUu9HdWjEKlUEtAQHDZ3PMirZCEXwHRzNbOWN/xowC6qtyEyeWdxhGynxrnYFaxOLhtVPNs85KUshCVTvXZ3Aa/50VTiYhgCD1KzQnSJKzG7NsM0Eqz4uMgud46Yj1bb7/Db4/aHr1nPOWdsQheOC9tIDczL6y/G7c4fDpvwKhmjOyxxej92deerDGHRfZswGBIv7TzCpwk1CarebVzqEqVly+pEJgeT/r0V6eulyLyefxWV+cwCJWtIBneFeTcPd4WcPNucMdP8Zzcncr7USSa+T++DkHlDElX1vqAG0rm/hwc9dpJsPbyUvglUYVRsj9lEIDBBBcJhuC4KZAeaIAAlnNNtV+rxtlcg+GPxReWZHoNnaKFkAlNTHBm38tsPR+RS0CdAvMTvBiPyvEzhqupWSLF37gy/1mlf7ZtF/AS1m9IpqTkCoxPghvLzMPFjrayoqfvNSffb/a3EKh34qpCZntgo5kJG0XrvghxzovP6BdsgSsQPI59jP9WlFPe8aF5vMn0RMwlxuCx7SRbmFIlNQteUsQknlcvefM33FrgGN6JFvBgktd1DofC6X2HwTO1lU2R4KWMAOObKI404ZjdybxjLFuljQPCDeCdv47XquptsZwI0AHr7TLuFy2WWWGhxDfR6snRaJKTzjileqV4p7aFKO0zm5insEPFS50tAaJRrYdlhahH+BHGhYuVTeLWDjNcFqfT5NycOoAnKsRJplZ8q83VxuVGp+17jfs/+U6K9YOWooE2T0terJasdN7Cygw2C294Qxrfd6t9qHCHJCbW7qrTTM8vRPG96K/b34xDJBWrClCrliWfYx0P+MX5uDcwXaA9Ky4Et82+oNAyDnK2p9SyxylyP6KKDZ4ADghV4TlhUf9Ohxv2x9LYgJyDd13DEPEooFcgrX1vrIEB+qj4OIm9DuvfCCprQwSZzJiju/eaipET3pY8sqaU+kJEbGj0r1Fakut+Pw8hh5qlNaWqjEFcXfF/OjO6qrKx9ph2+wcr2hP9uB5TnjldEj7/hq+xcUe8VXMD3gXxjprGBpTV3zIRb3QOBemIuA0vnGEGmhvHANBVv7w9Dh/jYPsVTYRneUmh0uCe0cnGwJ5wu2x4UbJfloHeXtbwls0SlWsGE7oxguBtdJbJZriLeK8on1AQMOoNbM0+NhmccLyUTYGbLi9P1p0JBbo/rwi6Ki0yDmSNUmb/+rBv0LIOFrhHtZ2UUw2DjtVu89S+CI0ZdvOxqu/vsEm+EpPZEZ3h35b/6EAS0A9plE7LyblXURu5uVs4yV2F08jDtUw2eHYdJJnwFQlswZMg/1AB4HX5rRTM0PUYP4XI2hU+sP1kyaq8dPusNwek6TfcOkQIfGmmqBFa1Km31IxKx8bvK10Kojj2ZULzIzXh+sNCj9dPXj3FPcH1IjwUcFvM8eiFLL0IhYs1s9qzNlPgxkAHfv5WTr0yymX2gbGurflkVKOzMtmyGRTNo/lmi/DrSPTCfZsOAiRKnRqJkoyHz9LIdcIC/VMMEUMssJfQEG1Dz0x777fK0mzRfBNkKdESbzRNk3wU+MITTKOhBJzTDEUpVY59TX1gewiNVjeYxTqTd2rehU4hc69DKCzsuWqb9MXNv1yXwcFdO2WdMXwkaDnGyu3gsITVv+r653Hj14ftDZ3ByJx5bpN548I+DxEHnnfWtLLOfLsiDyRtGwu7CxIH9LLPLTvhdpa7dD5337xCzVa4gTX973T7IiXHdgJnKLZeGCmP7y6om0OKZ7LMEzf0qEf2hOPwY9FvgTqQXo2s2G71dVwiRLOSc3jMia2FYhckMxnqNJCkwdmoK0IZ6FJj+NazG+bt63tQXIzvdgHgc6kCFQws/nAa83lAGULL6g5bJ7JYJALzjrVG/ibO/pmaTHe7Nek8Vucmz6jgdPUhslYNpo8/8aQ4h5/aju5gA6hzVqO1nQarS8yO26vkE/D01j5wlj24chYkG9QUR29MUXq455I3IGg7q8CrUzkU3hB30PZIbZqDRWDUvIqsrc+V2EGjZ1LFIAJSgM+Cpg+T0jgbWaYpNUWv1s9P9oZQJYnpcPXChoLHIxhmZ4mjQTfEn+dLX6ZB2V4pX5VwjPr3wNS2prusl+HeopJ3hCtK00BBDK/CYkvUu5R63QVQrqG2xA1YhMTww+/RAeu232+ojmeY2wg3f5fIEP2DCmAF6Q7JJJWhoCmMy2C3X9u9J5mdZz1IeKIv/YXnsLPctiYsH0PlSOe7t5D1L6+Urt1PpeWk2UGax7DXtcj5fZnrUJA7C4LcP5bEFkxkmnTpU4roFgTG1KSg2DqCElmY1UnHDz7BQAn0OB+zVxncsoqnfeqoSEEzt20jLkXOw1uo8iMmpWTmGVTpzmb/DAVnWY5B7JfZSVFhvbfMZmM1bRaiWkTcOY1GSO4LUpYSM0eIYgoTaNB1xTQWDC9oU3Y7t2nDO7D64u48apVYJtGGYlKvQDmGytUpMaLYAfoGT+hzpHpv7Yq0yYTiI21sN4LPJ2Sz5Xn4bn+2W/bPrqfhuIigLDO8Z05LEjX1u+JPFQXp/mAVhhZWvL8OTHRyBbedufrkMSd4szVchYoPCbdbxtH2lz/y+HCfdoUJz2Mkqq6dr1kepL23jLlzsO9o+ulirmbGVCCQS6et0mGbFkFr7P9P1IIB4K66WjLZX6Rx0Du+3tU6CD58gasFYnJD2XW7yHq6DFzBZPVJ6JRYEYDvtQs3mIdnlTd6HYGmWmjMhZ/o21TeAsng8o9E3OU7lykG46uB/9xJYdMCOQp3RFjEygoQhnNU/snz7th44qxrtT0uwJ9+YN02vZOqPj+MtoRECA/O88RN6io1egQHNwGSwJsAD26Jdm0gyJpNAGMU9jz/IgWbdO9yEzGkSxaKl7wPmZ5aMuDBFnkYJGMhU/5zvnvdeanjDLMx+X7cShJIf03+UR7KLCcWd0c21aJzT9jaRvK4JYlH3RJSYKEN6/G50vh6fJTJxYNHm/90+RlL90FOByVOjQyU2tO+3PAGkZAWPoJ3lllgy4d3wFuKDOoq5QN2+oczUb98htl7S8wEdQ0/+0DL2oDu1m//PWLb5vM9anIBjSEOyULHuoGyNeGXyPPOhb3Xo53TgZG0+/lJ5xNPQJDydNLt4yk0ywQumfwHeOxWW83JeNZ6/YwGuPV8YYm3KV/pUNOblDwckSLvn1zZ2EL+rBsiDZvkWbWFSpYWn1YdPFrtDXrcGDfsmhER3WHnJk+yVbWuVMofQzE9/LFW35lJ/qvwu41bupi0WtLIC81Kf/pgK+q6Dna/FOlHuiHqsOe5IvZ5Ibr0KA54w6T5JynOESL742Iy077ryKEIEZAIvpM07mqZXoQPcwEMDUEFRJUGzo4RC2QIOwHflANY60Q+4bXULicLTEpTx4g1x/GOg5SkB5pS9L1tZ7mrh9MTJVq/ScWZwPp8535+BWLZWbnnNKJsr2HJQDCoryOlTQdP0ilatMFJG6gllLWPQCBpv7Oi2jS0CrP3bzOdEgyW2fUqUpK8GvU0Fk/o2RtOlwKsvlqIEHvR143C8hYmBsv+nOpmSo6q+ciAiiY6mq9cPFCqwfM+DXsn5ly7Nxcl4BzZLOb0RFNMjLzc/ABXB8tlN9XGL3HBWS4nKJ/FCbz+3LvPloRfs8wHjvFqz9DqHJfp02wl6xoivHbUOnuCW+6KmgGHUfO1qFqYfm0YCA5lYZ9aoaEvjWVB1yeXpZppoEMxAKtuf+HIlcMq7ROncREH7evhis5eH48K5zfOVfYamKjUJ2gYx2Mt/dF+FQLLEvMv7cgXS+sivlKUlfq41o+372OLpjE6XqeTzGUielPyY/ikYKP2gXFgsaKY3aqSvUGWUAPSwz+hXY/pWKGV1feiS+JiXL+POjIrtWH5W3v8NmXfh2JChBQ2MOCqtypCtlDC0vniMsI1TTcQ46jgBQv3DysCH/mEkz+tSl7ka49Hy0XZTPxv10DAi34Xip6OFJUJqwbMjxEk7/qUjMIK1CoKxXuUpq9NvEaErqjZoGOZTzVfC/TYnwiv9dj6QOZXZyr9FDDzFi80WlrcfwZNIwHuB+AL4Ph0e8AkilImO7u9qmzU3PuvIqYgY1J3ZvKvUZPHcXRIoBRoya63YazABBgBH7d3wxJtxuRNYvuuWiYbYp59jUg2V+fttLRXiGOhm1AGXCKUMCFJvAoS0XcimeO0SyT5Qcu5rgwmSyEcpysucGjEDWP6wU7NecLX5sXgyhIEuplibie+SSw56mPbVKjqxl+ykH5HbnJMJjSmaBvrZ+W/egN+vW9vCD7QPAs1c1/HhuFHioZqL5jBlmZWVPoR/sTVb8NfDNPPPkVYAOFz1meWvJHyzOYL8srQAnF/w3oD2Cy63t2q45ROq2gLrr45kvR/eRC/zC7pWRWTH4q6GjRTWw5WbV6VUmVdbNXnUWE4Wkqv9EjKl4V7OWCf9sE+FgbYhN4aUiAbHIDQIlrWhHC9XPoQ7bnbHTaLjUqGnHU6uuDSGRzR8Iglaq92VqmtCE2W2rzKU0wq+4yc20UIqGduM4mUflpApbBUuwIQEflBj5U4pDpokmK9tf1bAUt8GNncML6Ok/Ray9V51yQ6XE0t7uFKTFX7mwdoB4e56mOjiE6pDqv4s48Sv06gZco/P65mjhB1SxQkWAG8TOtl8Ri2a/HJnIq1llfB1yZHnpKziex8UU2r38KI8fFSw5UZ9g1sixg4rC2ZSKgt1EswGbFOuxXzESjlaAOwlhInAgsWbgtxkYFzJTpF2Qd4ghstP5DSWe2KRN4u9qSWWEt1ikFcHrkiubDDmCI6Z486U/atBD49c/U3CB0PjAcnZogDsFxBVBLTM1rvlvAYJzs7UB4pO9Q5pKplTWA0rvCpqx8fb/nKiWxYBcQo6X/UZZYfTNB4xvgZK7l47mEKvPgZd+AOKRDXLOoJEVd8JbBAf9zpUY/L+3RbCTpmBgVjkjkrtd5twDZ/xNOJdQnURy+807TCK6ZwdysD1uf8LHJRldmE1HSr91SDKInVm3DT3WrlxHnvKLOw87EzR188iilwDV9YgieMCQI6UmyKXNzcYRXLpJCXXcOnA6fyueYVlH6tyLthTdhmjLSQ0IzctjLqUiVlAr/Uw2wwdQiUGrzt6dYmEGsa439pQT1e6Z21YjxpQPZcThH2LpVuDM7TbIGu+R4T/OxwznUmtx2N21yp+Uwv+ugnrRsGYYfvul9PsqtmvHq2rlJv4qhaP0qHhURTarZ9o2xFxVeXhgX74u6/o/EovTi82B8X38FkM1175VCCgEoWI6R2EEz+a4Ndmhf+CfAYUHn9tn/H9QikdAlR+T+HafoRyxNx+bGb2FUSM6mf1NjHOkQqvxwQwkJrBVztcM/NucxS+Hz2ArPRVwkbfhXAoxn4htCJC+qlMRhiDVA4GpAreXjdvTWSNg958CyRiFl7ty1q0FUZVP/4/Dz99YqslqEfS5JfHwyZkdD/V2vppN9mHBOygKO3NWQOaNpX4CarSVIqBQCtdXhVWIKuZmpXzJFyXwgc9GrKrrFRBmOE1kyjtQcHsqdASQYEWUnu6u2sZU9Jw/fouqBaR62iJb6pkQNqemgpH6l/muB7ktssc9TyUL2R6igi5k6EhJdFt6I16wVJfU/wTM86VrZsOsZE5eP1S/YGPyvYnEvg78kb49i4+7gHFTbpLtWQ6e8wXBadgo1gyX8Rh7j5/uB4zz7jSOhjNeMvhhyiAblx7jMIHSNCaTxtgo1fALJ8jvHQXtOiSBwSgyjJ/9pAcVmsFYjQvUH7TGFN7tIbhzPIT1hmhPPBHiwbs6+A5lKxB7K1wyYju9hpkZ38O6IgdOvpY0gTM2fm0TVUv16/Dz9WTCoKH6BSSM6zi/0WJZU2SMd28k2p33XB96LchkuiypjB/1zJWMTeAZF+gBmhTdzwcbbpwFHdDi7dbhCHW2A5Omdiinzq9vG5N6hp/EHbBcfeZPIUyA0uLn8BcUH+RUMZU9R65Q2F44iYdR+ykSUbAcfoaZmS/sfVJbnKHjOE0QJ6ClQS17HNdItgw8y+yN07crlNkLjtzs7ZRiKnxbEDi/6xc6gz0dKCKLOBtiHTqmLoHn8lq+WeP/IN7x5zy8FOC40kyRdxPxqb9ljM3oOGKzz0a2sHJkqFxn+6lMqfGHP7y30zKJeIYfXsd2xcjVvTVodsrNR23gxO6W6mE0Ns1HAvIqMycRSCZ+giJL6sbroxUoqFbNexoHj/BV4Mpeg8oflmsSuqbnLSh0wt/AoK0QU3KbVKzCRqqVw1Gp3fdjdUjSAJtJvcAmKCH+YSnDLXbNwqShPDpA6bNM7ZTCmqiZyfcOFMi42JOS+keFwnfPwa3VObEN1vU2MYUpaWWmDJ45FAEGfkV+phouDeX2rMHLg8ZRzOvZeVJBsCPB6p/bPgi98SuevgCtdi8zES/LoMKU1FCvLcCAXCt1UA0F0z9Xq73BvLx7orQ8ELzjY59CO+NL7RL69VERWVSiv2x9c+kFg70mhEJtsexU6Ha8140P2J1wklLQHxEjCBxULPfhtVsZuJVrlxIZymbwuo7LpCGhqzsVhSl2Did/GkR7SxbNz2LOGYiw4NH1fPHByECSm0+hg0ICV3bwgqZdHKuUE/lh4+U64c00eFwCX0rLl3mzW4ykBZVLfxbBRhCjypwo90vewWoiEwMtAwvUKIK/mvtLNThbmjRlmzCzTr4RCa9ASQCuQpGHLlU0V4EwTUYXIBWMabP25T/mtQAg+GZASBpPivjdFgZUwNui4X/GaFeoNKG+byQ3dlDyLJystjIINaTaM262tMAu7tiEvCQfEUkeEC9t0k5DzTBildpNMbHoR8OFRC7e+LrC8HoXcqQV8ktlgrLfHhGPyA1enMtFyfAVkHnnlDr8aX5pJgtV7iXkybfpP58oTrSWqVdXwlP7NmK6cv+21LbejhmiJg0blkGhGce6tqzdqctFBz876K2T2/vGaQrpVKQMrNDayC4grwVlsKLqixFBhRyJ8i53GNaUR/EUZ0aBI/YIx5fxeGv0DbUq8sJ68HRkgTH8HIhAkruoVnPNj/P+ZMm4mRU05NJJXApPYo9+f5A6Jdthft/cRUitMn5Bp36gQN1PBs+TxRXXOTLy6E8FyNn+crvBRLJ02aRZgv9GNi98L6CFikzGpBmPOb+B0VDLPjvwemp7B5vezGOCCreN7IyZuyIZ8jL586DnBcQzJ2GiSYkLhhvBr7ZpSo4JwcWXfd/sKbGOG2V68gq5vDExXmVQwlET+iLPZkxoYBIyuY7m7LN5R6K+fAiOxQePIQCDMOn+d2wZBzymITxlaMDNJFf6hBSOXSRiY/9gyee7H45saQh2tDfPEB7tB5NGx8gAaTIm0AMtW2BoLdOLEh2xnyTzjI/Onl0XZwChxOs5aMkPzkmIPyMtgV0sT6ATOiuQLb58VVRArLpCUqzOzZGK+nnOyrYXvFVAxUOMafIMEBujDleAWYJe12cdp2WiQf5J7qUzc8e6bc8yr7gYJkj+U7w8vY9d6ZFA1KChdoILAN1aoJMZgXUgarhrgpWPdBcwWP01FkRvwkCP+TO/ACvEXeRdj8PG0Vcrv8cBtALbX7l0UjvS18q+C8+Psz25lmimB280EwNL420Y3nAoeRpVnXPSsX1eMuAXNLv/403A2QdiwJUUiAzDbPBiXp75tT0RrVVjZhURs/4e2e/gdxD9J/92r6NpTa/K1i65PQAaMIligU6HlfxD4D8CljpRHQQ2nJLEe7OkUFC0JUr6Roud8Ai8STg2XslYe0xMmufERdfKB6EBHt4Zu44Kf7Ohri2L6iXIIf2+wNMOMroOBuWjXOqvmVuv/FOv1YzdInAD+3cX1wBwviHMYrWuHzdFdaVn+AGz/pkAASf4+iaZVtrOGwZaXr2IpnM5FDow/MzIs0FKTLrBBbFTytN+Fb6gZkY2/Z2infvZnNPSzVCmkt4cLu0axV854ckjr/yEegO1tf4TTzduWIjXG1kZ5NV31HD1q7p+aIWAkl8+r5nlIbfNPO9jlmCoZSpSfemUO4bIzHKtjCjHEtl7550jhHRJvAArvGmfqMDKSscXoakX5WZuDROeO9s1+/ejLvLYjjzGnBJhCi9eQYkMw7Y8NwSQy5xzBRfaovkTkmxTugdjOBip1DM3otKz0I8Dj2/AS86bZoOBzz81SUFrleA7PlCGTdoPVykqGdTvbM0XVhOi7A2yDfMtH/NjOe90O5S3YdG1GYx0LBRMnTNJc7PG0CaA98AR+oU2tOGOQx4+clgJ2TTHrg/bjx0tA+Yxnwbt25h8/PwWFFrR8dPG5nyrPkKP+DwVJwpS2Mxq0kViD1mrkqaTK4HIknCqcnN2BxFrzZ9I7CpYHCTRzjZpG5nCTlJlPXFUpK9wnFCSjFtLLF8UbrQl8qxAKok440AfnsitapQMwoumgP+FnJ9lKiQB0jIuYus07TBm+7Cs6a3WdToKhnC/Bq61yezqUOZ/tqVF0ueNmgJXZTZKYLmy/HPdWc5MsY/o6vAccmmurN0gqsVo49Fm9vqIddMKUukELIOHBuXUnROR4zWjr8j1ArMSsU4BUDVzTYnuRXyDalmCEPHnDg7x10o30Pisjx7rZdPVr/QVg6xEUCkfMJx0eKincwUSX7Gm07tsHI7hHKqiz+YJBYPMWsIEfwhW5i0tZDGAEvjsS6eXpZOPRyCJ/X6JoqhYW6qZ8ZawxOCV7AvQ1rGIoQRwYYPJunGIrPWqGTc1RyoZBtOLYrRc/hUUAW9QKTDHzV3qxvPqw+HjwdrWSdzlAo0k3t/WOX4zMzumNPXWvsH7zGVvwLfcGHsG6umLc/OH3fBIT9qif9PdmyxOpWsYzLsU8CaK0k6uIlwY2pSLqj7Rj8n7EauIsTwQahRgkL6mEVeyeceaqvqPgwbhVPc4D11bXZzsEpc22PZHJqNW+nzLbtxrca3ybh5r5bq7VxbWzvpiKMasJiEoCGGz6/JT5X6Fa/472WjAiYChfBEU1CXdQeLzTiyzHey5iwd0xNTD5yk/cgjY1Jd4FGu7Hcko4SAxUGxRD1nG3k2QfPH/PWM/kjEF6wpOtxaRKQ4EN6CeVELPaG25EpojxRaPCCWboaMFUQIQ80XuF6XVZElse4X0kN405mmqgQ3XHoJ9WOFxeOZVlu6/yOe1oqgTBrkvKlyDDcsiO66blglqlDsSc8YLA/rCsSNIBSVQ9nSVN9E23/JgD+VPuHtuerlJt5ltoGKZ+7MVlr5SssrwXL/xkk1UV4dwt7OL7dpNqKadEKwuHbD/mtXHdYWnnaoCcMfX+bXpHsoabCH/TezXRyQLXkrc5S44lw6H9sgbVC6AC9ayaqUC3wh1heIOIQWTLptlIIcWgsie44Xj3kagy8Vb2IgRIneiLAJgtU9WGYXDXWOt3zH4B352d9ZD3+khQhNxAbORDwlcPpQq4w9t1kfu3uLXgCkM9viqKLNDsifZD5j/BC6YzMQ9uKv0fcQ61QiIc3lWrxShD4rAkkIkKteIWMsGH9EuYdRMblYSruVC3tpG89FoLncsb5CRCJ9eJNMK8bjs6FV7Zswv8BGMnb1b1l1zYYhjHtbeNrrMGPt40Qs2PfCBGpF0b4ferUGFqicLLd0T7FIbrs11mWmM4Sz2dpX6jkQWJhJ8X3bh7LWpjPlKxKLHhYRBeS/nQoZwdAnlkgGmi2a6DpJMMR7RqXtnyLI4SlxrEPyom8V8bdnBnRNyLRf05Avg2Ve2xfjGvv5yY9QF1HDgImSZznHJb4ywknb+k5tXwfUj6m6eVKrn9bFJG6jBrlsvT4qQ3sgkMRuXUbBxoWNW73KGerEQg+lylP5s4EzOk/v8pemTzLBE0wlx4evxf+eFGzYKWSEvme4rHkl8uK1BdVMAhafeFLIBwOzUvSBLtFaURFRXrfL0RiZMm6S8OkkFwwIlpqIr9uelzh4x0FSYCYm2nKgHFk0zGI7K5uos3Hy6Z5NAN0iBndjM1PUcRZBpFxY8d2bw0xRqgA1fMhGeMf3xUXFpONisv6VQ1t/QfrzLze6t1dy0VRFDHYjNQwumAtwFVewe807RUzVRazre24stsiY8C8BNFMC3bLxW+tn79CxauDQONMiGx9jjxwzXJ4hElNkiMnY2ZyjYOlujY6SS/xjFo4enNL8xZcDhvnJ5fuNcOlkkzbLrug+59Q9jBI3zIypI6szVmTtKO/k+GC6e/z2jjO42sjkk2x1eFm3pzTcd1ZrwA2V/xzkJCxMtru1IVR4JWDnvTQK2fvkgcrmEdicTyh1sn1hbjOXcEE1WCyqmT16Adqb/ss2C4+z3YKEd1obrAzWL7K21xVlKpQoyC0IpNZS5huhfk6fqztrjxXSUtkJoZZdqki82bII1uaAWoM+fM1eW4ImcFEHw+4narQL5YJST4d8ZJLKmAFS6JdA/sstXwV/DOdZZngpf9Z0WsX5bgR8SVmSV5eHT4+i4r4X0ymJpLfsW59pIA6PcX7DVmo69ivIxqkfCPjR7SGP0G73qUKFUzR5iDPF+acEZpkD6+6MHxO3fv3hxFFWH6X4OjYZRo1NK7rDJ+jEzBw5zV7gZG47VvSvuhZ1gFOVCoLlSk1J6lH01VbWXRPvc5MOlk1xrU3nKUPCamCUEV3OynL+KSOGlvEyb7QY5BcN4xLb17iHXiy46SPz1D3oU8XEFdubnZrnv1QTq6hEs+iLuQP0oCCNq+wZocrIyc04sTUEfHpuSwe459XSY6zCft7pHM66mHLurY1JlwQBwoBypKH+STJ1mvSWbwOhmDUvk4NXqgbKD/gmzwlWVF0IAopkxDtzLKLaeWwGkY1iT+urL7nxfhdxgLmpUuMv9QVhqSrmsLSMZ9HtfzyRfUOZc6m4bAKNYlxCDpxWO5ck2Su7eVQ93REARHrA0vufNiL+yRONEHra/iexuh+tMUrB4k9UsanJz0Q4WG3cizfVvluyswW0F/tKPhLyCiv/FlLo78WG/Wj/9f8zrF2w5Y4Fpd7aqmXN0L0vr9fvwLKqs2V8hLuGyfsDwH3cUjVQgpqmV4tBUF5R15WScmxK8ECi9/vSdCtUDbNcwzQb3aAz76Y8/G/NvrU4YF1VASemlFI2sg+CDBVubWatxYZuxzAUPrXwEXHStvvXyvrvqQXQUXmHupR1e7BM8gLpvQCxvJaWmD8yaRrrIsgMOc5bk/7hOv3uL0u7hG7JW8Cc6FWVztHrndr0Png3X1U9HR4iysKxaFXlVz2JZTqO9+ru44CrcDKRNCsygj+HzpdEkauS3ZpOKJ1pvTeE7XdEG38E2MRxMMnSGgQb59YtF6PaqcSPVtMtqhJ5x9X0b4j6iqkCTxSCD+CohylZpM2DA7daZsrjo7h8EtKsZJsCHTqBnHebrIeVFWKA0syMhttCquOJO9G53nf4kEr0ANL1fpJU04UPuoqL6mfzwCJlQX/KcXVgIupg9SQA0jZjLYLYAtzYQ8zJ7Wg1YcdwUh/yijtXBeZ3QtEkOIYLCrx5h8nxNVpuHAB/7nJpALHOOdBVqtLZyi+yrBZHg+escKadsEGhCS7haxlDx1fQOtLlq/8NnU4Ntgixt9BJC+C24bG97jMinltFArNxKGl98vEA7PLKHNC40260wSUxcWOsTLDr4HBbDtvv+gSPJx3XWb0Jdwr3bvaITGvxQhIgG7bypXsAzBkqEygLoWtPFSe6wHzlkmfF1TWND0wZjEjSsSrsoVpIFrLL1F+F8I7hfSvoYSbfaG0BuH6eTxJ1Gj8ftsiq+im1SAWyJUSIeJSY1ttPaMoPuzwpnBWbriVH2qiyZSnGMU4lmz1zQR5X/oOHxSOi8UTk+9QPFgpmhILk66TbYsP2d+sHn+K+mSmmZqMYeStbGfoKqyaprrQPL2LB8hGLkVPcf3GicyPhVKBzL3sSKjEgGEa6hqd14gvPLspja+2l0yp5NXq3sB4HaAw/e7td54eGIe6NpdspNx8rZa5x8WXg3JLbeTMLpKE+QWLcNKK+jF73rSjzOPK8r/jIaybrZ6QIJtbgfYfpz1FFI3RzvyDQTob34091xGrAXMDihyaKyeeQi7CaWwvUbbAt3yFile2Hz5KzEpJlkzqSYol/Punj3k1fypsQQ4/rH51XWNGc7ok65j+YnsERjUtGvmXFcsXv1BLDvAIvFF01bRNAKS6v/uRrzbP+tnfpLq+WbdAR3uCy0IOUUDdBH/xuc3bByqjGK/vhHaHQWQgT7865Lz9HrLn2XRRKb0iK96gcyewa8kl/037TmO3gY40E4sAUWlFigc8DENIvNxjh/0nHC2BDzUNe3EKBg0TI5P8MwhJKp8AEqZ/r/xkPWaDkU/SOoZ12r8ksvmSvaGoFxvzEU19Xy4qMD3Mx1MP1//RspNU4+2q3+Xt6ayLYfg2xe/EnTa9+1Tx7JGAYmI+vF2QBiTmExoQ3E9W+Rf5O+3dhlxVJY0O5ErILplT4ZYKZRqo211Q9L6KWjJdV1GcQ7auMxQPQ2ZSeEMS1M6rCwMCF8H8ixVpwHPKFV9U1vUSjmNrW/X6s/nC/bRPtPrr9EUifS/ZGL2hF5HK3cbbSfUaLWbHlsvOEoYM5OTeP5A+8ZkJQR+m1bV6kOiX3bXf6DqoU7rFa+mZYgAFsuAGbu2OryYaMiltXDNnhzpJRUd/+Id18PWm6bIMGSzDuUHNbvUH4ufC1t6rCU6k/tFU7Dav1Nc8PXMLYtGaq26uuC737Coh2NqQm1i6bsIxv7bG1Xo3rtiVXqBF/BTzdH+vFU4SQ+35E6t5z6X0WVfLHvF0kTp9EL5oYhYsSSnQIqFyQqCbul8tBR7q3XK3LRrdKfusyH5lSToKN2UN1aa7NRXHXUYcpjdZNZFXagkJDtWyxXiWNqzmT3yfF/GtbvLvMHZxKIwe51AMapqArmujtKbUv4s486rF4/vWwLFoX8j6pjJ51XxeYCKeU+27Iiy3SdrQCzOMiAW1OGz7vnlkJQdpwsKKiR+86nFDPrqTN7apTBOxj0RdRydI4FvX1AdenZvuKmjPROTblsq5IiPgyKRrjqpbrow5BmvMxqphT4uDvaV70mm4XrhfBbRdi2UQBG45IXMm8Vdk9uShMoQMb/PUwIjInCZRwl7lvaEhrKVd6jmzYTumslQ9Xdhua27PBKp1AsvMLBGo5ACWQynFjjAGddZahHiuS7HvbOIpyfJ1/S6x4NgO22uj0ClCpPimntv0EQh2nihVhI23VuhibHOmPYD0vEH5EZvHEau9JPvcjeV9p7QTFm0uh+2d1KcLfPzYj6dWwrab/LJREsaLwNfKhP0n7Sy49gTowOb9hoW1CUcI40584dA2ko+qDIyOEQzeV8RdR7J77TiJXrUiW8zDfFIe5YnGE5ZYHwJmELh3ymAZx7hmWWQIh1B/uP5b613qgzKjG0/oWuGX3V+vVpnJblz6xRqUOsPCYTVWu2U6RZnzeoP2BNRCm7RwlL4GGjbMruxArBNcY0MYTNWZkwlW+IkthrmyasPMjirvXCboMIKUIiwfHojfV7WnpUneaG4hmUkterf/4rbt8MEUxIMAFUdejgNiYlNm37GXEig922etH3T5BA/N3WfjQ4bUPvt/RevAfiURan5lOzrKi8t9iza5FWDzvv6BwWyybsjGq3g8Yy7F0FyHiSrQVzqS4RRnS+JtcCFRA2fBoOdgDkAKvzVgIEkCeELa14eK7nukK307tZBfHLjMmuxi7SQ7HV8lpz1te0pcrL1+XyAgtYHDnmkN9GEWyThm8tHYXLtlK3Ng4/YyZfH1sW5g4tbF8qsSD4xhEs+jKDFZRMaq1G2NI05lcEhbC/9+gGcVJbNkLYXIcvbUPqKV3TxYux4WimlQWTTbqWfyM/0d9kg2jIwvmW3JeOEfkdRMuW2kaNuWajnmVW/oRUg9uUzaeUSIEHCdTK/FWlCVzh8PcTiqQCuOMoZ3YiluFztFX8hZuchQ7qMUM9RdFwNm2M4/nJQ8ei2ltrn4a8ZOcYHiL6/ecjqOLQgO3qj0q5RLCiJTKMQ3Glvx0ElBLDZEzGhz5zL8DuzsEmnOxJuVJwQYsds6B9waFAugemSaTf8wMcAD7UqP3sbZELHM4njd9iUwigz0yCSCTVT/OP8+/1t5OUzx8Pbk/jUCpeSjtNM8et1v1BtPnYvTGqELOOcpGeI1S1lB/xXp4qLECmTJuRI6fVLLrYNcPKpULIqEx15lm7e/De0/2ebVUg6EX+iu9wKbjidhcZob90ZAGgLzEMCr6SvgVn61pnTyIA0VXkERs426Frvbre8iE9tA7O6r8ix5KdZLLkNyRl+2cuC5ywWe6H9zMDel8M8KmaRnuw7+ND7wsWtFfYFlptAvFaGT//cs9NzZc21/0Z0yXdY0A/wDi5CbLN+lWk1GYWvZX3h6oMfHGAUslE2EiD8lrxcEjnipN4YnD35+xpVUn52NbDAb4unvsZKTnoORDfCcFKzWnU2Hu3ZdUilrGwYnXBYl8BW+MAW7YwSjKFLBkYFqYqgwqFvqx2GR5l9AJUnWMdKt73XEYT9w27vEFijW4x2b7ZXYEdVmH88i+XXL5vylnnK/swFHkk4Fs4LMRbXhWabV8U5lY1JLGp2gah3i3zynBX4JuwUtyQ3yL+rCY4Vk6FRGZxqiTkv5gaPQUVmb5WRh/9bBZXndlD8O/XwBMn5FbPpdmpU/g1ca6My5wt/yonDRhbqgs6r1DIAlhl27wb7iPJXgrgMdnH50SGAAqJN0cRvWpTJKc5RJaiafgmpPCU+DCi3m8GzcdH5zo0k1AZQGXbLUO0xF2SRCju6NSk9rGljRDdfJTUSQH8lrZFvmcRuQFUGYPxsOnxSJ2g8zHW8slRCg5FK9REeSuEHCgh62GOtAMGWDSCFSC3E1CydZJuCzYjg9rWzSLzLV5CBIoAVOlis5OTDz2SmAlQmkp+EhNA2vSGobGG4WyeojGHXDgSvAqm9TKu4fxbEGg9wPMC5ibrVLNhEzDAtnewsh4D1INSmCF61s5d0HcPrN5zpHNiQDG9XleVhBJBDoa1wPRDdMAFxH/ohYWl9ZvqqcP8nbgT7zMEN+Cd5Mv4KU0sc6YQbGIsluUWvVt/Jd0t7okUHu8TUXXFFJ1o7QHgBMCmB8v7DL+NuMaGdld5+H9EAMREURy0H7+aBfX4iFtK+yNfBoPargFSksVulqb3MTNvM9jDKvIWY64Fp9Wy8Mcl+Yj+Fr674OHRUzqqBMgeWrouHxg713coGYFyYbUMKnBSa/7MJaAcwMWcj9R8syAxtJyd+es1dwgmH1vyTBX4yvWtCY0GtoCUCQNXdfS4KNhbhDYkVxEsxwqV1qRL7UQvixqrk0akmoal5qmtOd8VYNpkUdIem34CPFF/B7SGAXb06N4l/04KuZmfQTuGEFEIDYu2FF3EpMKFZ2QquyTb+2Hgu3iI89kSQx7ay3lJszoncf+TP1H35/wKUtSeG3mguPee8LgVDJwx5EktBN96NX5fegj0Jmo9GjHTyR1IBk5NNZBHpAYy7quLMqpdD4rUq9QIC3vmG2H1y0/fN7kDMETL4r/+NzocODT+Bi7ssZ4Fh3xMSJ7Ib5dZRdD4yMTANJ3nppDGIbfJYMYx27OUvCS3aGFV+PZnsrmuNFo7UZdSqSkrafDhDhSWS1M5UurYm/Dr1KkFTocq78j0S8W5idYemTSBVXQach9CF7BU3usRZST8XJnYOwcRaORPibTRlzqtz49QWXHpYF+xkRjHiSUOFeOYz839wiq8ynznyZcQqkKzUIQ84lKhilPX74sWo1wOFQNrGluUp2s0dopeUHeeRGgIiesGdzsDhllZMwiGXRskpihL24m2gmxoclCbrB4z8tU48O5KgYysqgULsyJfyzwvAHBlREhEG6JgDJywKzvHVe06mvGbEsYbtIeNLwW1yLtTROwe0rE4jhVhozzdKLsiosnKKmK9bkrVwj6CAk2x7CuBaxIZXGYrBqah0nOVzN+L3hzxxnymgXZvaykdG8zHAdDwXXlzbF6hC0mV32S0+Tozom6pmK33PL/VdgM3oCH2Ok=\",\"channel\":\"400058\",\"token\":\"OHTDAtC7HnzRXWeWqiFOUONUzDA1eZ9Y0gVdEKozfX5YQFD50ef4xpEXmfbg3Tz6+h68hQ==\",\"version\":\"1\",\"type\":\"0\",\"timestamp\":\"1776516299049\"}}"}},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 18 Apr 2026 12:44:59 GMT\r\nContent-Type: application/json\r\nContent-Length: 598\r\nConnection: keep-alive\r\nAccess-Control-Allow-Credentials: true\r\nCache-Control: no-cache\r\nServer: JPrxServer\r\nAccess-Control-Allow-Origin: https://bethx.vip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":598,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"6c3a3a249127486c99053f4397767348","sha1":"54a989ef3378e443e0096b4d938da6306a8a2dc8","sha256":"f52fadc3fd71766e9fb45891244a6171c3088599507c192e05865e6516a82b38","sha512":"e45ab0a2b48199219bf9ddb388e768bae76858b174e15ad87c1b202c53125c795bceeeaeadecf2d4b0c8c9477b00490867095c46f5eb394710ee6cb7973b4164","ssdeep":"","tlshash":"fdf047a21441841aefc459555c5f9843133c55759d470b426b43cee5e40603df3527f8","first_seen":"2026-04-18T12:45:36.395684Z","last_seen":"2026-04-18T12:45:36.395684Z","times_seen":1,"resource_available":false,"data":null}},"time_used":492,"timings":{"blocked":0,"dns":1,"connect":19,"send":0,"wait":406,"receive":0,"ssl":43},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dogecoin8.com/uploads/allimg/20210704/1-210F4155504392.jpg","fqdn":"dogecoin8.com","domain":"dogecoin8.com","tld":"com"},"ip":{"addr":"107.151.92.52","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dogecoin8.com/","date":"2026-04-18T12:44:46.791Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dogecoin8.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Wed, 25 Mar 2026 07:00:00 GMT","end":"Tue, 23 Jun 2026 06:59:59 GMT"},"fingerprint":{"sha1":"5C:0D:5E:E9:6D:D0:19:FE:B6:AA:77:0F:91:80:1E:4C:DA:F3:9B:6A","sha256":"3F:19:30:F8:E4:AB:C0:61:6E:27:3F:DB:25:FD:D5:FE:19:37:F9:30:DF:C2:B7:C5:F5:F3:B5:7B:C1:78:9F:C7"}}},"request":{"raw":"GET /uploads/allimg/20210704/1-210F4155504392.jpg HTTP/1.1\r\nHost: dogecoin8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dogecoin8.com/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=2k6hvak7klsvh3aeq6oimqj653\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 12:44:47 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sun, 04 Jul 2021 07:55:04 GMT\r\nvary: Accept-Encoding\r\netag: W/\"60e16958-494f\"\r\nexpires: Mon, 18 May 2026 12:44:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":18767,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 280x271, components 3","md5":"21dd8a21f30c8590c70331b23e83b866","sha1":"3ec501a82898da49bdb64bdd23d6b1aba5cd7567","sha256":"14a26dad75b27da8483ef79df0446f93b4436b6ca420835bd7203701de5a34e2","sha512":"fef7fad1969ae09196120c314cc42c5e9a98cbec1c5bbc152a5c3435aceeb366d5c169c16cae74f9c415fbdf7336812815f9080364e837b333b802c944f54ed2","ssdeep":"384:8VVJrtiSNDY2J5qtYVhtjyicucSmzZjrf/NfUgzWwN4:IYSNDHHqtYVn6lSMZjrnNfJzo","tlshash":"22829de081465e24f3e8ce3122dba992b79f11014fb3ffb44077a5e7e496e0ed802119","first_seen":"2026-02-23T13:17:07.823666Z","last_seen":"2026-04-18T12:49:49.695259Z","times_seen":4,"resource_available":false,"data":null}},"time_used":762,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":762,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dogecoin8.com/template/pc/skin/images/pinz_ico01.png","fqdn":"dogecoin8.com","domain":"dogecoin8.com","tld":"com"},"ip":{"addr":"107.151.92.52","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dogecoin8.com/","date":"2026-04-18T12:44:47.661Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dogecoin8.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Wed, 25 Mar 2026 07:00:00 GMT","end":"Tue, 23 Jun 2026 06:59:59 GMT"},"fingerprint":{"sha1":"5C:0D:5E:E9:6D:D0:19:FE:B6:AA:77:0F:91:80:1E:4C:DA:F3:9B:6A","sha256":"3F:19:30:F8:E4:AB:C0:61:6E:27:3F:DB:25:FD:D5:FE:19:37:F9:30:DF:C2:B7:C5:F5:F3:B5:7B:C1:78:9F:C7"}}},"request":{"raw":"GET /template/pc/skin/images/pinz_ico01.png HTTP/1.1\r\nHost: dogecoin8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dogecoin8.com/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=2k6hvak7klsvh3aeq6oimqj653\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 12:44:47 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 27 Apr 2020 13:24:42 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5ea6dd1a-6e70\"\r\nexpires: Mon, 18 May 2026 12:44:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":28272,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 68 x 68, 8-bit/color RGBA, non-interlaced","md5":"429b5ae6412c71273eab84d360d92248","sha1":"cb2c902f7f816231d242f617636412e39fe61806","sha256":"82a3744e4fb270cc8a53f887fcb679083288ec44c4e4b0946745c0334879dd4f","sha512":"010a726454be32d67939cb0943449cac0cfb4fd01851b7e890266198acfadf0c5a1e0718ba0b7fa9d4d6259402cfc3359a7c83b71215461790d8a451e2d6a078","ssdeep":"768:uygVtYILq5Airk9SeicNxBda8/D2wrao6MC2:+uAh9SyxL//D7ao6M1","tlshash":"a4c2d16515c3e643f62e0bfd5d8113e816b249aaf73f0a286d7bd89dc966d530ec2302","first_seen":"2025-10-25T15:13:09.751506Z","last_seen":"2026-04-18T12:49:49.676574Z","times_seen":8,"resource_available":false,"data":null}},"time_used":659,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":659,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dogecoin8.com/template/pc/skin/images/pinz_ico03.png","fqdn":"dogecoin8.com","domain":"dogecoin8.com","tld":"com"},"ip":{"addr":"107.151.92.52","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dogecoin8.com/","date":"2026-04-18T12:44:47.668Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dogecoin8.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Wed, 25 Mar 2026 07:00:00 GMT","end":"Tue, 23 Jun 2026 06:59:59 GMT"},"fingerprint":{"sha1":"5C:0D:5E:E9:6D:D0:19:FE:B6:AA:77:0F:91:80:1E:4C:DA:F3:9B:6A","sha256":"3F:19:30:F8:E4:AB:C0:61:6E:27:3F:DB:25:FD:D5:FE:19:37:F9:30:DF:C2:B7:C5:F5:F3:B5:7B:C1:78:9F:C7"}}},"request":{"raw":"GET /template/pc/skin/images/pinz_ico03.png HTTP/1.1\r\nHost: dogecoin8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dogecoin8.com/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=2k6hvak7klsvh3aeq6oimqj653\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 12:44:47 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 27 Apr 2020 13:25:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5ea6dd32-72b4\"\r\nexpires: Mon, 18 May 2026 12:44:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":29364,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 68 x 68, 8-bit/color RGBA, non-interlaced","md5":"71efdcb9f535f2c176494cc2eccc57d5","sha1":"97678fb0b54e434181c0922fb05ed3238f54c1d8","sha256":"4c535aed54821144e2b4d872de0356b00b57bc9b951b1984afd1f634628d5569","sha512":"4fecb9c880287e4d158f21e68e262235c65e96ac3e890e69835ec299d26be427d14bf21297a71b07b86ebdba32149a55857208c3818331be69244533aaf0feac","ssdeep":"768:Ckp8MyjKsSTZdbjeNeDicNxBda8/D2wr9fiU29i:Ckp8kTZ9dxL//D79Ko","tlshash":"67d2e18024d1c58be6cb167ebc8210dc73139a957a6846706bf68c7de950f314ee1be6","first_seen":"2025-10-25T15:13:09.739575Z","last_seen":"2026-04-18T12:49:49.713124Z","times_seen":8,"resource_available":false,"data":null}},"time_used":655,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":655,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bethx.vip/assets/loading.b8c8cec7.gif","fqdn":"bethx.vip","domain":"bethx.vip","tld":"vip"},"ip":{"addr":"65.9.46.112","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bethx.vip/register/","date":"2026-04-18T12:44:54.312Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bethx.vip","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 10 Dec 2025 00:00:00 GMT","end":"Fri, 08 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"67:7A:18:61:36:02:A0:18:4C:DC:63:C3:AA:55:55:CF:9D:B1:33:5B","sha256":"E5:50:D5:02:46:9D:18:63:39:E5:EE:0B:8F:CE:C7:0C:3B:97:00:56:2B:E3:A0:18:B5:F8:66:75:96:A3:76:04"}}},"request":{"raw":"GET /assets/loading.b8c8cec7.gif HTTP/1.1\r\nHost: bethx.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bethx.vip/register/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/gif\r\ncontent-length: 274364\r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 18 Apr 2026 12:44:54 GMT\r\nlast-modified: Tue, 14 Apr 2026 14:06:41 GMT\r\naccept-ranges: bytes\r\nexpires: Mon, 20 Apr 2026 12:44:54 GMT\r\ncache-control: max-age=172800, public, no-transform\r\netag: \"69de49f1-42fbc\"\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 aeb4c02c6985102f97552c03a17a7832.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN52-P1\r\nx-amz-cf-id: Ir2gJXiQI04WDthw3yAkv3tj8PHOIguN-oQtmPZADNCpjmmlz_7SOA==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":274364,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 353 x 370","md5":"8d744031c2bfe2012884005c5c4b7360","sha1":"93f681b4d3c1f32a64f74215c110ceb06c23f165","sha256":"b8c8cec7becdadf09e1112be6962c55d57cb1b5bd61e68e3e60c0a925f00615f","sha512":"5e2e2d2195e432ba2403b83c5c1e6d52e34887fc5d6b9d79bc69adccd09b4b9fe60dd60d5dee9c250c20da30a6fbf1e245257997b624d3596fcb34e15d3b19b3","ssdeep":"6144:GvsVFdYaDyl+ikVjnIZJNhS6kNnYut3yobI4NsyxhEr:GU7/ylvkVjIZJ7SeutiokIREr","tlshash":"b94412d74f5a4ffec8371126606a53db2ca71e80bcf3e1b41b52e69445b2928a04f5f1","first_seen":"2025-05-28T04:51:10.47814Z","last_seen":"2026-04-18T20:07:52.030831Z","times_seen":42,"resource_available":false,"data":null}},"time_used":1461,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":513,"receive":948,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"bethx.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"bethx.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dogecoin8.com/template/pc/skin/images/index4.jpg","fqdn":"dogecoin8.com","domain":"dogecoin8.com","tld":"com"},"ip":{"addr":"107.151.92.52","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dogecoin8.com/","date":"2026-04-18T12:44:46.809Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dogecoin8.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Wed, 25 Mar 2026 07:00:00 GMT","end":"Tue, 23 Jun 2026 06:59:59 GMT"},"fingerprint":{"sha1":"5C:0D:5E:E9:6D:D0:19:FE:B6:AA:77:0F:91:80:1E:4C:DA:F3:9B:6A","sha256":"3F:19:30:F8:E4:AB:C0:61:6E:27:3F:DB:25:FD:D5:FE:19:37:F9:30:DF:C2:B7:C5:F5:F3:B5:7B:C1:78:9F:C7"}}},"request":{"raw":"GET /template/pc/skin/images/index4.jpg HTTP/1.1\r\nHost: dogecoin8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dogecoin8.com/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=2k6hvak7klsvh3aeq6oimqj653\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 12:44:47 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sun, 10 May 2020 08:38:42 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5eb7bd92-4684\"\r\nexpires: Mon, 18 May 2026 12:44:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":18052,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 340x230, components 3","md5":"6e89c3eeb20eb86bc4c55ca2b601f59b","sha1":"a6f0361d8570eba17c99cc1b392e1158a8950449","sha256":"33aa5dc20e6e8c69b678589b5722a7b8cb15b27e4d5c4b24e8771b842e52bfb6","sha512":"f559cb21bbc85909995aed5e0f727b74d7122df0e6134ffd4f0b9ba8b55d58251d5d90c2a20d728e4433355eadc80cabe96a3eea07f196dff6b741bf4de44e36","ssdeep":"384:DjRDe1Z7gbgaMIGKR6aV5zfVZtXfuR0kVQq3nZgc/:DNDe1Z7ygVIrR6wzZFMfZgc/","tlshash":"3a82e0062e7ddd05c67ab139de90e2c3d71cc9229fbe7b74b5e83c6900a7c25450ba29","first_seen":"2025-08-04T10:32:45.297934Z","last_seen":"2026-04-18T12:49:49.689484Z","times_seen":12,"resource_available":false,"data":null}},"time_used":758,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":758,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dogecoin8.com/template/pc/skin/images/index2.jpg","fqdn":"dogecoin8.com","domain":"dogecoin8.com","tld":"com"},"ip":{"addr":"107.151.92.52","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dogecoin8.com/","date":"2026-04-18T12:44:46.803Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dogecoin8.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Wed, 25 Mar 2026 07:00:00 GMT","end":"Tue, 23 Jun 2026 06:59:59 GMT"},"fingerprint":{"sha1":"5C:0D:5E:E9:6D:D0:19:FE:B6:AA:77:0F:91:80:1E:4C:DA:F3:9B:6A","sha256":"3F:19:30:F8:E4:AB:C0:61:6E:27:3F:DB:25:FD:D5:FE:19:37:F9:30:DF:C2:B7:C5:F5:F3:B5:7B:C1:78:9F:C7"}}},"request":{"raw":"GET /template/pc/skin/images/index2.jpg HTTP/1.1\r\nHost: dogecoin8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dogecoin8.com/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=2k6hvak7klsvh3aeq6oimqj653\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 12:44:47 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sun, 10 May 2020 08:38:42 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5eb7bd92-328e\"\r\nexpires: Mon, 18 May 2026 12:44:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":12942,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 340x230, components 3","md5":"ea3afc58c3b10f52973f3f0fe708e60e","sha1":"b53745cfdb9d92cfccfe144f3fa0b2dcb8fdb2fe","sha256":"627dbd1bee8d92ed5bf6b84df372e0652856a99629048343f58a83effc441993","sha512":"53c6dbc78b756dbb77258b5246a8718d24b16c573fb554df9b4124db555b9a66c8f397dfbd937b3c964ad278d75e74da997503b24fd9c11d5f6c008a7f196a3c","ssdeep":"192:qPK/8z1pGAD2jNGq+y/aArqOqyw+lXn9GSF/6+DExOpZeysbJLu1JhkP:Q8AajNh+y0yNNFpvKEANVi1b+","tlshash":"9042cf738313fa03a4951a74de622229970af738a7f9d6bbb6c03fa7d8330050b06164","first_seen":"2025-11-12T02:54:17.262266Z","last_seen":"2026-04-18T12:49:49.674985Z","times_seen":11,"resource_available":false,"data":null}},"time_used":760,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":760,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.raoyu.net/img/u51b0u7bb1u538bu7f29u673au7684u5de5u4f5cu539fu7406.jpg","fqdn":"img.raoyu.net","domain":"raoyu.net","tld":"net"},"ip":{"addr":"123.206.218.78","port":443,"asn":45090,"as":"Shenzhen Tencent Computer Systems Company Limited","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dogecoin8.com/","date":"2026-04-18T12:44:46.831Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"img.raoyu.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Apr 2026 18:33:11 GMT","end":"Thu, 02 Jul 2026 18:33:10 GMT"},"fingerprint":{"sha1":"AF:73:8A:A0:AC:F2:10:BD:BE:E6:77:2E:E8:5E:19:CC:A7:4B:53:62","sha256":"74:96:2D:2C:3F:D2:19:31:02:73:BF:FC:A5:3D:EF:37:B4:E8:8A:5D:03:48:58:E3:25:AF:0F:86:C9:54:2A:87"}}},"request":{"raw":"GET /img/u51b0u7bb1u538bu7f29u673au7684u5de5u4f5cu539fu7406.jpg HTTP/1.1\r\nHost: img.raoyu.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dogecoin8.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 444 No Reason Phrase\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 12:44:48 GMT\r\ncontent-length: 0\r\nset-cookie: server_name_session=0d502203a643f77f5065aaed6f266a65; Max-Age=86400; httponly; path=/\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"444","status_text":"No Reason Phrase","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-18T20:23:19.513448Z","times_seen":13909737,"resource_available":true,"data":null}},"time_used":2094,"timings":{"blocked":694,"dns":204,"connect":277,"send":0,"wait":635,"receive":0,"ssl":279},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dogecoin8.com/template/pc/skin/images/pinz_ico05.png","fqdn":"dogecoin8.com","domain":"dogecoin8.com","tld":"com"},"ip":{"addr":"107.151.92.52","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dogecoin8.com/","date":"2026-04-18T12:44:47.672Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dogecoin8.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Wed, 25 Mar 2026 07:00:00 GMT","end":"Tue, 23 Jun 2026 06:59:59 GMT"},"fingerprint":{"sha1":"5C:0D:5E:E9:6D:D0:19:FE:B6:AA:77:0F:91:80:1E:4C:DA:F3:9B:6A","sha256":"3F:19:30:F8:E4:AB:C0:61:6E:27:3F:DB:25:FD:D5:FE:19:37:F9:30:DF:C2:B7:C5:F5:F3:B5:7B:C1:78:9F:C7"}}},"request":{"raw":"GET /template/pc/skin/images/pinz_ico05.png HTTP/1.1\r\nHost: dogecoin8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dogecoin8.com/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=2k6hvak7klsvh3aeq6oimqj653\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 12:44:47 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 27 Apr 2020 13:25:34 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5ea6dd4e-7425\"\r\nexpires: Mon, 18 May 2026 12:44:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":29733,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 68 x 68, 8-bit/color RGBA, non-interlaced","md5":"4b66ba65500d09bb7fcce23fc2dcd748","sha1":"1da5f4b7e985c92955ba0d9e8d4742a275070015","sha256":"e859a9bc177470988403067ae4a25534ac11a4cde56cebbbabbc1b92c5b1bc9d","sha512":"069ff74dd81c7170d6bea3ec7214024c741d0df39b6ab80f603af7d45b2942e3460708abe8f0cbd9f89d83f2383184fe8c9f466cd94911097c19de054d260a35","ssdeep":"768:d/3HMd00qdrwBzLZaSfe1icNxBda8/D2aiY004rwqa:d/3H+qmNLZaSfepxL//DrY0Kwv","tlshash":"c6d2e19162c1d224dcec9afe6e10216c079354adb34d4a7a277accedcd46c324bd2a0f","first_seen":"2025-10-25T15:13:09.813859Z","last_seen":"2026-04-18T12:49:49.68052Z","times_seen":8,"resource_available":false,"data":null}},"time_used":651,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":651,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hash166.com/","fqdn":"hash166.com","domain":"hash166.com","tld":"com"},"ip":{"addr":"156.250.137.188","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"South Africa","country_code":"ZA"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://dogecoin8.com/","date":"2026-04-18T12:44:47.759Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.hash166.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 31 Mar 2026 21:00:00 GMT","end":"Mon, 29 Jun 2026 20:59:59 GMT"},"fingerprint":{"sha1":"F4:FF:24:94:F2:21:64:70:F8:1D:BF:64:DF:9C:45:95:54:04:53:C2","sha256":"76:D0:35:F0:52:B0:45:B3:E4:7C:37:3B:16:B4:E3:6C:74:0A:A2:25:B3:DD:D7:E8:6A:1D:92:8A:73:D3:E8:72"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: hash166.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dogecoin8.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 12:44:48 GMT\r\ncontent-type: text/html\r\nlast-modified: Sat, 21 Mar 2026 07:56:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69be4f4a-bb0\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2992,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"54f25c87b11e80d51a31d7a89d689f13","sha1":"ff0984aedda729c7ad0026cd6c40429a7f084cff","sha256":"744515a83cd316fa52c03a8904efdbaed6a64b598b2c97dbd6fb6e1d8a2d92f3","sha512":"d6f8c4118138243c8959fc88d04a0a24eb616c3b7af0e05a32558cb9371b146b77f5dd4d6c2cd6a8858dbe496fda384cbe642fb19842be718f0e8a3278f74b8e","ssdeep":"","tlshash":"8d5133178aa180016123cc5072fcab68a5f98007e546cd22b7ed655d8fc6e90fa47e68","first_seen":"2026-03-27T13:47:19.262182Z","last_seen":"2026-04-18T12:49:49.701949Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1473,"timings":{"blocked":607,"dns":69,"connect":258,"send":0,"wait":258,"receive":0,"ssl":278},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bethx.vip/assets/foot8.d32e95ec.png","fqdn":"bethx.vip","domain":"bethx.vip","tld":"vip"},"ip":{"addr":"65.9.46.112","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bethx.vip/register/","date":"2026-04-18T12:44:54.309Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bethx.vip","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 10 Dec 2025 00:00:00 GMT","end":"Fri, 08 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"67:7A:18:61:36:02:A0:18:4C:DC:63:C3:AA:55:55:CF:9D:B1:33:5B","sha256":"E5:50:D5:02:46:9D:18:63:39:E5:EE:0B:8F:CE:C7:0C:3B:97:00:56:2B:E3:A0:18:B5:F8:66:75:96:A3:76:04"}}},"request":{"raw":"GET /assets/foot8.d32e95ec.png HTTP/1.1\r\nHost: bethx.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bethx.vip/register/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 5777\r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 18 Apr 2026 12:44:54 GMT\r\nlast-modified: Tue, 14 Apr 2026 14:06:41 GMT\r\naccept-ranges: bytes\r\nexpires: Mon, 20 Apr 2026 12:44:54 GMT\r\ncache-control: max-age=172800, public, no-transform\r\netag: \"69de49f1-1691\"\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 aeb4c02c6985102f97552c03a17a7832.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN52-P1\r\nx-amz-cf-id: 76SIO8yOZy_DTp8mAmUapYxeqhAsu3BBgAswobPYmMHlK1TkeFHg8w==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":5777,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 34, 8-bit/color RGBA, non-interlaced","md5":"26c390c9ec9762972184cd2d48dbc2f7","sha1":"c75c8773c4f381ca799e3608bc739f4fa7c78a88","sha256":"d32e95ec50239b3e0630e1842981bc9e75db5e62945bc6b6f8fbb8734f754b17","sha512":"2f08746fe8a92d27c4d76955bb91af402d57abff58cb6ef8d4eb82afb9dd86f26731ee4ad63f4c81f3f8dd671b24a35eec69e59b7ca31633c0ac019695f44db5","ssdeep":"96:qSS9GGUnLUOwXzN6OhTK+O91iF0szDZIf28qxmtbAuQ/tRBymlOrT8QPxfkPAzet:qSK7SAOezNPT491ezDMTqQbAtDBsrT5+","tlshash":"b7c18f782564645deaf0c9a1c33b73f125ac279e5830038d54f371bcfa598a63b64725","first_seen":"2025-05-28T04:51:10.380856Z","last_seen":"2026-04-18T12:49:49.677447Z","times_seen":11,"resource_available":false,"data":null}},"time_used":512,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":512,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"bethx.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"bethx.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.bethx.vip/api/getConfig","fqdn":"api.bethx.vip","domain":"bethx.vip","tld":"vip"},"ip":{"addr":"54.240.174.49","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://bethx.vip/register/","date":"2026-04-18T12:44:54.379Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.bethx.vip","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sun, 26 Oct 2025 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"AD:69:21:3D:64:E5:F4:08:30:28:46:7A:27:F5:62:CA:71:2C:14:FC","sha256":"F1:B9:F4:B1:8F:05:D3:69:29:2D:37:FE:30:BE:1D:2C:34:72:F5:56:A2:B2:62:E0:A0:39:4D:2A:37:92:54:2B"}}},"request":{"raw":"GET /api/getConfig HTTP/1.1\r\nHost: api.bethx.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAuthorization: \r\nlangCode: en\r\nuser-device: 2\r\nOrigin: https://bethx.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bethx.vip/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/json\r\nserver: nginx/1.18.0 (Ubuntu)\r\naccess-control-allow-methods: GET, POST, PATCH, PUT, OPTIONS\r\naccess-control-allow-credentials: true\r\ncache-control: no-cache, private\r\ndate: Sat, 18 Apr 2026 12:44:54 GMT\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Origin, Content-Type, Cookie, X-CSRF-TOKEN, Accept, Authorization, X-XSRF-TOKEN,langCode,User-Device\r\naccess-control-expose-headers: Authorization, authenticated\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: HxLlDUR7_Lcxgk1E74foB5v9tA51bfLaIdkZZPM-C5fNrOIlrH2Z5g==\r\nage: 0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":29414,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"445cbfff6021d92930ffd3f745dc1fb2","sha1":"821f1dd1a743c70c421dc0256381ae736c30e77c","sha256":"c8a923aa01f355b68414088cfba0333c9e82dc2d53dca00e391fe54f1acafd34","sha512":"dc307bb95db2f07f531e05171e29b91a52dcd33a8ca0c682a44912d331417774fa7fc2e3b2c6a04968e6894e9a819d3aa8dc62188a3106116330448c1288fc3c","ssdeep":"384:bS6GbOAGS616ttXj/pGEI4ttXjJGpswTwwejI2WwbY:bS8SttXjB64tXjKejIfw0","tlshash":"dcd253bef7fc68a145f141c00d97765b16da31086fca4ca896fbce5c43885a41b2f29b","first_seen":"2026-04-18T12:45:36.30782Z","last_seen":"2026-04-18T12:45:36.30782Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"api.bethx.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"api.bethx.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.bethx.vip/api/getDynamicSetting","fqdn":"api.bethx.vip","domain":"bethx.vip","tld":"vip"},"ip":{"addr":"54.240.174.49","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://bethx.vip/register/","date":"2026-04-18T12:44:54.873Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.bethx.vip","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sun, 26 Oct 2025 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"AD:69:21:3D:64:E5:F4:08:30:28:46:7A:27:F5:62:CA:71:2C:14:FC","sha256":"F1:B9:F4:B1:8F:05:D3:69:29:2D:37:FE:30:BE:1D:2C:34:72:F5:56:A2:B2:62:E0:A0:39:4D:2A:37:92:54:2B"}}},"request":{"raw":"GET /api/getDynamicSetting HTTP/1.1\r\nHost: api.bethx.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAuthorization: \r\nlangCode: en\r\nuser-device: 2\r\nOrigin: https://bethx.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bethx.vip/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/json\r\nserver: nginx/1.18.0 (Ubuntu)\r\naccess-control-allow-methods: GET, POST, PATCH, PUT, OPTIONS\r\naccess-control-allow-credentials: true\r\ncache-control: no-cache, private\r\ndate: Sat, 18 Apr 2026 12:44:55 GMT\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Origin, Content-Type, Cookie, X-CSRF-TOKEN, Accept, Authorization, X-XSRF-TOKEN,langCode,User-Device\r\naccess-control-expose-headers: Authorization, authenticated\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: sJ4FGeKGCzqjoqsXBIAlWfBWATtcga9eE5Rb3Tbwu5fwuCN62xZ77Q==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":1066,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"eb6648278900a636a4354b0d57394ebe","sha1":"7c3e0ec004eba080f36899db73f164589f262482","sha256":"ffe1c2884823ea4c95840c02dc8194a2837d0e76e4c972444e9005dc42f26833","sha512":"86d6a5efdb90b0a85edb02d6944128c7034facd717c6238dd5f3818fd357a817ccbc9e739d6a5b007b090de2e96570d0b8f496d33b390e82782d8f74d266b7da","ssdeep":"","tlshash":"3d113f7aba75b4295ed827c58dabb7dce6c83807a78c81e37bcccd04d1105f0465a46a","first_seen":"2025-05-28T04:51:10.230859Z","last_seen":"2026-04-18T12:49:49.707214Z","times_seen":11,"resource_available":false,"data":null}},"time_used":275,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":275,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"api.bethx.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"api.bethx.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.bethx.vip/api/getConfig","fqdn":"api.bethx.vip","domain":"bethx.vip","tld":"vip"},"ip":{"addr":"54.240.174.49","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://bethx.vip/register/","date":"2026-04-18T12:44:52.804Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.bethx.vip","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sun, 26 Oct 2025 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"AD:69:21:3D:64:E5:F4:08:30:28:46:7A:27:F5:62:CA:71:2C:14:FC","sha256":"F1:B9:F4:B1:8F:05:D3:69:29:2D:37:FE:30:BE:1D:2C:34:72:F5:56:A2:B2:62:E0:A0:39:4D:2A:37:92:54:2B"}}},"request":{"raw":"OPTIONS /api/getConfig HTTP/1.1\r\nHost: api.bethx.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: langcode,user-device\r\nReferer: https://bethx.vip/\r\nOrigin: https://bethx.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html; charset=UTF-8\r\nserver: nginx/1.18.0 (Ubuntu)\r\naccess-control-allow-methods: GET, POST, PATCH, PUT, OPTIONS\r\naccess-control-allow-credentials: true\r\nallow: GET,HEAD\r\ncache-control: no-cache, private\r\ndate: Sat, 18 Apr 2026 12:44:53 GMT\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Origin, Content-Type, Cookie, X-CSRF-TOKEN, Accept, Authorization, X-XSRF-TOKEN,langCode,User-Device\r\naccess-control-expose-headers: Authorization, authenticated\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: __hEwbo1Fx45yIHB8wZw9iRgdxCk-gk-UwC18egB9dh9OFjZzI9xlA==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-18T20:23:19.513448Z","times_seen":13909737,"resource_available":true,"data":null}},"time_used":874,"timings":{"blocked":296,"dns":41,"connect":1,"send":0,"wait":282,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"api.bethx.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"api.bethx.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.bethx.vip/api/getConfig","fqdn":"api.bethx.vip","domain":"bethx.vip","tld":"vip"},"ip":{"addr":"54.240.174.49","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://bethx.vip/register/","date":"2026-04-18T12:44:54.384Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.bethx.vip","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sun, 26 Oct 2025 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"AD:69:21:3D:64:E5:F4:08:30:28:46:7A:27:F5:62:CA:71:2C:14:FC","sha256":"F1:B9:F4:B1:8F:05:D3:69:29:2D:37:FE:30:BE:1D:2C:34:72:F5:56:A2:B2:62:E0:A0:39:4D:2A:37:92:54:2B"}}},"request":{"raw":"GET /api/getConfig HTTP/1.1\r\nHost: api.bethx.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAuthorization: \r\nlangCode: en\r\nuser-device: 2\r\nOrigin: https://bethx.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bethx.vip/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/json\r\nserver: nginx/1.18.0 (Ubuntu)\r\naccess-control-allow-methods: GET, POST, PATCH, PUT, OPTIONS\r\naccess-control-allow-credentials: true\r\ncache-control: no-cache, private\r\ndate: Sat, 18 Apr 2026 12:44:54 GMT\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Origin, Content-Type, Cookie, X-CSRF-TOKEN, Accept, Authorization, X-XSRF-TOKEN,langCode,User-Device\r\naccess-control-expose-headers: Authorization, authenticated\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: CJZhm_Z3V55w1cJkurTWnyjGGbysvfOeXHIWAzXQZSl3R3NwkM4HZQ==\r\nage: 0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":29414,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"445cbfff6021d92930ffd3f745dc1fb2","sha1":"821f1dd1a743c70c421dc0256381ae736c30e77c","sha256":"c8a923aa01f355b68414088cfba0333c9e82dc2d53dca00e391fe54f1acafd34","sha512":"dc307bb95db2f07f531e05171e29b91a52dcd33a8ca0c682a44912d331417774fa7fc2e3b2c6a04968e6894e9a819d3aa8dc62188a3106116330448c1288fc3c","ssdeep":"384:bS6GbOAGS616ttXj/pGEI4ttXjJGpswTwwejI2WwbY:bS8SttXjB64tXjKejIfw0","tlshash":"dcd253bef7fc68a145f141c00d97765b16da31086fca4ca896fbce5c43885a41b2f29b","first_seen":"2026-04-18T12:45:36.30782Z","last_seen":"2026-04-18T12:45:36.30782Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"api.bethx.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"api.bethx.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"global.turing.captcha.gtimg.com/dy-jy3.js","fqdn":"global.turing.captcha.gtimg.com","domain":"gtimg.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bethx.vip/register/","date":"2026-04-18T12:44:57.012Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.turing.captcha.gtimg.com","organization":"Tencent Technology (Shenzhen) Company Limited"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Tue, 24 Feb 2026 00:00:00 GMT","end":"Wed, 24 Mar 2027 23:59:59 GMT"},"fingerprint":{"sha1":"BA:08:F4:14:CE:A1:19:41:5B:1B:49:47:36:ED:5D:D9:75:EB:21:B8","sha256":"1B:6A:3C:E4:2D:7F:45:5A:83:7F:AB:6F:F6:D8:95:42:54:4E:56:C7:0C:45:D1:05:D6:A0:4E:78:62:A2:88:5D"}}},"request":{"raw":"GET /dy-jy3.js HTTP/1.1\r\nHost: global.turing.captcha.gtimg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bethx.vip/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Mon, 15 Jul 2024 06:43:44 GMT\r\nContent-Encoding: gzip\r\nEtag: \"626436a6c87a002eb7e8a99c6f5f96b6\"\r\nContent-Type: text/javascript\r\nDate: Tue, 17 Jun 2025 07:43:35 GMT\r\nServer: tencent-cos\r\nx-cos-hash-crc64ecma: 15729484442061824980\r\nx-cos-request-id: Njg1MTFjYTdfZWVlZjc4MGJfMzk4Ml85NzNlMjk3\r\nx-cos-storage-class: MAZ_STANDARD\r\nx-cosindex-replication-status: Complete\r\nContent-Length: 30884\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 5754425212589300304\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":89391,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"626436a6c87a002eb7e8a99c6f5f96b6","sha1":"67d9732c33dc7689a98e63af2a97b0912f290762","sha256":"2a5fc3ad9f9e68e6de662de3e43661e1e8e447df0929efc64c0f067be2d9c455","sha512":"36dac1d5ea743f78e2fa1a503ce5d4448497717589529d1946edde1e474968d116bb21cea723ce8cf3cbb7d6b195d347588a0aa00473b5f41808dda1ee50369c","ssdeep":"1536:BjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h8cApwEjOPrBeU6QLiTFbc0QlQvakF:BYh8eip3huuf6IidlrvakdtQ47GK1","tlshash":"7c93f9ddb2c6702257a720ba007f510bf236199d6c4d8450f265d8eabc78a4e827bf7d","first_seen":"2023-03-09T21:24:24Z","last_seen":"2026-04-18T20:07:52.033055Z","times_seen":1113,"resource_available":true,"data":null}},"time_used":22,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":21,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ca.turing.captcha.qcloud.com/cap_union_prehandle?aid=189999718\u0026protocol=https\u0026accver=1\u0026showtype=embed\u0026ua=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTM0LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTM0LjA%3D\u0026noheader=1\u0026fb=0\u0026deviceToken=v3%3AAqCfezegn3s3AsKPXaccYkIn6lk1WcmvIjTYEvNrPCVtiRPogzfOXDeqXjqB9jzWovV%2FdL8tvqBm5yZxIhPvNtCuuqt3bf3mA4Zw7lQcy5xDYSYPpKiAy3So3zsPog3c%2BQskoWKpkkYnsFXCFG5nPRff3SvqbgAgGBtTK5AbfqeUfRWqLcaqWd1BTHY0AVZbzo5larQFUJA1ORYJKSCQMX%2Fcks%2FbW6EydgI%2BRX7uTtTK0GRKQVKdV7R8t6LLu3ie0zwJzV4X75sWLZZEq0j%2BNRXEkEw2iXP6bLvAbInunjbP5UfU2dgA4LffJ%2FmdjMYvf7tMxt0A8SaRqeEGKP%2Blss1iu2%2BzK57OyMhw4157lZyrDoGr3%2F4kd8NX%2Bat8o1jwh571QYmPDbx3LdxONYs85VQF%2BtFBvdbEcGcey%2B2fH6sdW9UOfncZXcL68TqGnd1ASD6ZG2CEmJIvgS1siCY9DgUom0l97QTH9S3MfkM%3D\u0026isJsVersion=3\u0026aged=0\u0026enableAged=0\u0026enableDarkMode=0\u0026grayscale=1\u0026clientype=2\u0026cap_cd=\u0026uid=\u0026lang=en\u0026entry_url=https%3A%2F%2Fbethx.vip%2Fregister%2F\u0026elder_captcha=0\u0026js=https%3A%2F%2Fglobal.turing.captcha.gtimg.com%2FtgJNCap-global.c89bafa8.js\u0026login_appid=\u0026wb=1\u0026subsid=1\u0026callback=_aq_958963\u0026sess=","fqdn":"ca.turing.captcha.qcloud.com","domain":"qcloud.com","tld":"com"},"ip":{"addr":"43.158.119.130","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bethx.vip/register/","date":"2026-04-18T12:44:59.615Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.turing.captcha.qcloud.com","organization":"Tencent Technology (Shenzhen) Company Limited"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 15 Dec 2025 00:00:00 GMT","end":"Fri, 15 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"97:D5:C4:59:CC:DB:39:C1:09:48:A2:5C:F1:CA:F9:65:FD:86:E4:8F","sha256":"A6:65:54:11:17:3C:C3:1A:6F:AA:C1:D8:E6:1D:0F:59:2D:E8:DF:E7:8F:D2:BB:F9:40:83:5D:1E:01:65:D9:30"}}},"request":{"raw":"GET /cap_union_prehandle?aid=189999718\u0026protocol=https\u0026accver=1\u0026showtype=embed\u0026ua=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTM0LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTM0LjA%3D\u0026noheader=1\u0026fb=0\u0026deviceToken=v3%3AAqCfezegn3s3AsKPXaccYkIn6lk1WcmvIjTYEvNrPCVtiRPogzfOXDeqXjqB9jzWovV%2FdL8tvqBm5yZxIhPvNtCuuqt3bf3mA4Zw7lQcy5xDYSYPpKiAy3So3zsPog3c%2BQskoWKpkkYnsFXCFG5nPRff3SvqbgAgGBtTK5AbfqeUfRWqLcaqWd1BTHY0AVZbzo5larQFUJA1ORYJKSCQMX%2Fcks%2FbW6EydgI%2BRX7uTtTK0GRKQVKdV7R8t6LLu3ie0zwJzV4X75sWLZZEq0j%2BNRXEkEw2iXP6bLvAbInunjbP5UfU2dgA4LffJ%2FmdjMYvf7tMxt0A8SaRqeEGKP%2Blss1iu2%2BzK57OyMhw4157lZyrDoGr3%2F4kd8NX%2Bat8o1jwh571QYmPDbx3LdxONYs85VQF%2BtFBvdbEcGcey%2B2fH6sdW9UOfncZXcL68TqGnd1ASD6ZG2CEmJIvgS1siCY9DgUom0l97QTH9S3MfkM%3D\u0026isJsVersion=3\u0026aged=0\u0026enableAged=0\u0026enableDarkMode=0\u0026grayscale=1\u0026clientype=2\u0026cap_cd=\u0026uid=\u0026lang=en\u0026entry_url=https%3A%2F%2Fbethx.vip%2Fregister%2F\u0026elder_captcha=0\u0026js=https%3A%2F%2Fglobal.turing.captcha.gtimg.com%2FtgJNCap-global.c89bafa8.js\u0026login_appid=\u0026wb=1\u0026subsid=1\u0026callback=_aq_958963\u0026sess= HTTP/1.1\r\nHost: ca.turing.captcha.qcloud.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bethx.vip/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 18 Apr 2026 12:45:03 GMT\r\nContent-Type: text/javascript;charset=utf-8\r\nContent-Length: 987\r\nConnection: keep-alive\r\nP3P: CP=CAO PSA OUR\r\nPragma: No-cache\r\nServer: Trpc httpd, tencent http server\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":987,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text, with very long lines (987), with no line terminators","md5":"d9917fb6cad9e9f77703ff4e8eb56c4d","sha1":"e3229523a33de8eac9bc1f66a4c15160ea544b0c","sha256":"e713bc9823e0e197a362c9e66e109e0710d70aa9d5a5db6afab9784162e2d7a4","sha512":"ddef8ec39ca65ad78860f9b2ecb980b36034e9c1575a9ce54f0505cfcc34c364b43c4c3b1718021279dc00c97bdc025e3c828794851625bddeecf0ca16655d70","ssdeep":"","tlshash":"c01198704bdd43508f9a30f205651152b9dda19280dc4fbe0cd8de1456e6bf173b748c","first_seen":"2026-04-18T12:45:36.406565Z","last_seen":"2026-04-18T12:45:36.406565Z","times_seen":1,"resource_available":true,"data":null}},"time_used":3597,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":3596,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dogecoin8.com/template/pc/skin/css/swiper-3.4.2.min.css?t=1590545486","fqdn":"dogecoin8.com","domain":"dogecoin8.com","tld":"com"},"ip":{"addr":"107.151.92.52","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://dogecoin8.com/","date":"2026-04-18T12:44:46.767Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dogecoin8.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Wed, 25 Mar 2026 07:00:00 GMT","end":"Tue, 23 Jun 2026 06:59:59 GMT"},"fingerprint":{"sha1":"5C:0D:5E:E9:6D:D0:19:FE:B6:AA:77:0F:91:80:1E:4C:DA:F3:9B:6A","sha256":"3F:19:30:F8:E4:AB:C0:61:6E:27:3F:DB:25:FD:D5:FE:19:37:F9:30:DF:C2:B7:C5:F5:F3:B5:7B:C1:78:9F:C7"}}},"request":{"raw":"GET /template/pc/skin/css/swiper-3.4.2.min.css?t=1590545486 HTTP/1.1\r\nHost: dogecoin8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dogecoin8.com/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=2k6hvak7klsvh3aeq6oimqj653\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 12:44:46 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 27 May 2020 02:11:26 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5ecdcc4e-4c86\"\r\nexpires: Sun, 19 Apr 2026 00:44:46 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":19590,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1467), with CRLF line terminators","md5":"786a9fc9835422494681f476d262712f","sha1":"d86499ad6169fce738e8f61961c46e61231b57c7","sha256":"0c8a37c126a38131811df9a400bc04938d77d959539b00f7cbf0c230c5772740","sha512":"84d14e3b64e388d7b66e4131e7150092f8ec4bc718cec07ebc12efa398578d16ed6ba08bc26197d36eb020a84a7c8440c0cf3ea63b0e921a90226a185a07cf0a","ssdeep":"384:mP+EkJO9pbqjMi372dsBYcBdo2S9Ywos6M8ZF:M+EkJO9pbqjMi372dslBdo2S9YwossZF","tlshash":"8392942c1710204ae7314f6c4bf9a7389b5888e35e0394ef7251de48cbbb5a8716f766","first_seen":"2023-07-13T09:13:37Z","last_seen":"2026-04-18T12:49:49.725577Z","times_seen":44,"resource_available":false,"data":null}},"time_used":258,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":258,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dogecoin8.com/template/pc/skin/images/pinz_pic03.jpg","fqdn":"dogecoin8.com","domain":"dogecoin8.com","tld":"com"},"ip":{"addr":"107.151.92.52","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dogecoin8.com/","date":"2026-04-18T12:44:46.816Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dogecoin8.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Wed, 25 Mar 2026 07:00:00 GMT","end":"Tue, 23 Jun 2026 06:59:59 GMT"},"fingerprint":{"sha1":"5C:0D:5E:E9:6D:D0:19:FE:B6:AA:77:0F:91:80:1E:4C:DA:F3:9B:6A","sha256":"3F:19:30:F8:E4:AB:C0:61:6E:27:3F:DB:25:FD:D5:FE:19:37:F9:30:DF:C2:B7:C5:F5:F3:B5:7B:C1:78:9F:C7"}}},"request":{"raw":"GET /template/pc/skin/images/pinz_pic03.jpg HTTP/1.1\r\nHost: dogecoin8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dogecoin8.com/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=2k6hvak7klsvh3aeq6oimqj653\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 12:44:47 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sun, 10 May 2020 08:38:42 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5eb7bd92-68f0\"\r\nexpires: Mon, 18 May 2026 12:44:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":26864,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 271x246, components 3","md5":"9ad42c48aa3f4224ad6c4b37bb19cef7","sha1":"ddf2b886cc4a52b817a7a71e51500041455ecc43","sha256":"56262e181ef476b8f7034a916201dd8c73b09da7745c392c2859cdb5777ad0f9","sha512":"0b090beef5a36284d5a3e3d0e0c740a77d2f1de95491e8578d2c766c85e85d91dee59212131196a22db685f35e611c5f887b354f8b9620bddf8a4ec1c6125002","ssdeep":"768:bH5tfBxhSnD6OWhys58kbEUy+MBPJKJGEsnafM7t48d4sdvYJa:Tx26fhUDJTEsniitNZ","tlshash":"a7c2f1e38b6b4d305a1bd97a73ab0b60add983992c25467334106bc43b183e4ed5dbf1","first_seen":"2026-02-23T13:17:07.974491Z","last_seen":"2026-04-18T12:49:49.717714Z","times_seen":5,"resource_available":false,"data":null}},"time_used":755,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":755,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dogecoin8.com/template/pc/skin/images/i0.png","fqdn":"dogecoin8.com","domain":"dogecoin8.com","tld":"com"},"ip":{"addr":"107.151.92.52","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dogecoin8.com/","date":"2026-04-18T12:44:47.612Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dogecoin8.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Wed, 25 Mar 2026 07:00:00 GMT","end":"Tue, 23 Jun 2026 06:59:59 GMT"},"fingerprint":{"sha1":"5C:0D:5E:E9:6D:D0:19:FE:B6:AA:77:0F:91:80:1E:4C:DA:F3:9B:6A","sha256":"3F:19:30:F8:E4:AB:C0:61:6E:27:3F:DB:25:FD:D5:FE:19:37:F9:30:DF:C2:B7:C5:F5:F3:B5:7B:C1:78:9F:C7"}}},"request":{"raw":"GET /template/pc/skin/images/i0.png HTTP/1.1\r\nHost: dogecoin8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dogecoin8.com/template/pc/skin/css/main.css?t=1625390824\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=2k6hvak7klsvh3aeq6oimqj653\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 12:44:47 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 10 May 2020 09:29:46 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5eb7c98a-490\"\r\nexpires: Mon, 18 May 2026 12:44:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1168,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 15 x 14, 8-bit/color RGBA, non-interlaced","md5":"bad03b4c88c0a67ece956ed284085b5b","sha1":"062f77dde32e766eea7e8d8dcce8e5ad511fd4c3","sha256":"e15e832df9fc106084c764248aa51b174ab3f81b6b096ac65dcf0208014d9c55","sha512":"7e5a57f26087a479bd26fb2202da7e993972f71f6ddbed82c483dc6236ecfd9d9922051d5b978c8af9404c42a2246dda9b3fb0a9194dd6e47964364b63a6a8b4","ssdeep":"","tlshash":"aa213049f9815901914cd8d32ce58276da6348c1dae0e8a2aecec42238b46f4986e5cf","first_seen":"2025-03-27T13:50:35.222206Z","last_seen":"2026-04-18T12:49:49.719327Z","times_seen":14,"resource_available":false,"data":null}},"time_used":434,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":434,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dogecoin8.com/template/pc/skin/images/pro-i.png","fqdn":"dogecoin8.com","domain":"dogecoin8.com","tld":"com"},"ip":{"addr":"107.151.92.52","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dogecoin8.com/","date":"2026-04-18T12:44:47.636Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dogecoin8.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Wed, 25 Mar 2026 07:00:00 GMT","end":"Tue, 23 Jun 2026 06:59:59 GMT"},"fingerprint":{"sha1":"5C:0D:5E:E9:6D:D0:19:FE:B6:AA:77:0F:91:80:1E:4C:DA:F3:9B:6A","sha256":"3F:19:30:F8:E4:AB:C0:61:6E:27:3F:DB:25:FD:D5:FE:19:37:F9:30:DF:C2:B7:C5:F5:F3:B5:7B:C1:78:9F:C7"}}},"request":{"raw":"GET /template/pc/skin/images/pro-i.png HTTP/1.1\r\nHost: dogecoin8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dogecoin8.com/template/pc/skin/css/main.css?t=1625390824\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=2k6hvak7klsvh3aeq6oimqj653\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 12:44:47 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 10 May 2020 09:32:56 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5eb7ca48-68e\"\r\nexpires: Mon, 18 May 2026 12:44:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1678,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 26 x 26, 8-bit/color RGBA, non-interlaced","md5":"f7695ec8421bf4706b42ea7ecdcd80e3","sha1":"5a9c665350277a041bb78cb4c718b2bce0755b9e","sha256":"dab1ab6aecc4b22f4630c6952db257719944a601510ff6e965d1ffd2c381570e","sha512":"71b28c49eda7d6d91e52599be90012d3944e9fb77ef1bc2a3f2b60b309fd6d72ebad13ab359687a83440db633753f26c7e4817a9ee524d45891ab90bf26d89d9","ssdeep":"","tlshash":"6e31caede9001e45219cddc210f363e757498e508de4e871a8cac5765970bf588adfcb","first_seen":"2025-11-12T02:54:17.207942Z","last_seen":"2026-04-18T12:49:49.67031Z","times_seen":11,"resource_available":false,"data":null}},"time_used":415,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":415,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dogecoin8.com/template/pc/skin/images/pinz_ico011.png","fqdn":"dogecoin8.com","domain":"dogecoin8.com","tld":"com"},"ip":{"addr":"107.151.92.52","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dogecoin8.com/","date":"2026-04-18T12:44:47.663Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dogecoin8.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Wed, 25 Mar 2026 07:00:00 GMT","end":"Tue, 23 Jun 2026 06:59:59 GMT"},"fingerprint":{"sha1":"5C:0D:5E:E9:6D:D0:19:FE:B6:AA:77:0F:91:80:1E:4C:DA:F3:9B:6A","sha256":"3F:19:30:F8:E4:AB:C0:61:6E:27:3F:DB:25:FD:D5:FE:19:37:F9:30:DF:C2:B7:C5:F5:F3:B5:7B:C1:78:9F:C7"}}},"request":{"raw":"GET /template/pc/skin/images/pinz_ico011.png HTTP/1.1\r\nHost: dogecoin8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dogecoin8.com/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=2k6hvak7klsvh3aeq6oimqj653\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 12:44:47 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 27 Apr 2020 13:24:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5ea6dd20-654\"\r\nexpires: Mon, 18 May 2026 12:44:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1620,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 68 x 68, 8-bit/color RGBA, non-interlaced","md5":"261dc4ddf2af35e0761052c8082ed760","sha1":"bf544d71faf2518de6263c094aa0f011ce4d6d99","sha256":"56b09345886097da747509a5e07632d517a8e4599a5c50c5ee1dd354c522d08e","sha512":"ff00a30f88f4bf7203a16989984ac652809a2a250ed79ea3c2bc6f5fe3f0462a128c3c761ac22fa7b9d95699ddec8f8f5a0a7c746ce15ddcf9e244a2dbf725c4","ssdeep":"","tlshash":"54318649f4a0645497bbd45030dab023da275d4459e0eca969c6de971d3236704209d7","first_seen":"2025-08-04T10:32:45.335145Z","last_seen":"2026-04-18T12:49:49.700957Z","times_seen":14,"resource_available":false,"data":null}},"time_used":659,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":659,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dogecoin8.com/template/pc/skin/images/qq.png","fqdn":"dogecoin8.com","domain":"dogecoin8.com","tld":"com"},"ip":{"addr":"107.151.92.52","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dogecoin8.com/","date":"2026-04-18T12:44:47.675Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dogecoin8.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Wed, 25 Mar 2026 07:00:00 GMT","end":"Tue, 23 Jun 2026 06:59:59 GMT"},"fingerprint":{"sha1":"5C:0D:5E:E9:6D:D0:19:FE:B6:AA:77:0F:91:80:1E:4C:DA:F3:9B:6A","sha256":"3F:19:30:F8:E4:AB:C0:61:6E:27:3F:DB:25:FD:D5:FE:19:37:F9:30:DF:C2:B7:C5:F5:F3:B5:7B:C1:78:9F:C7"}}},"request":{"raw":"GET /template/pc/skin/images/qq.png HTTP/1.1\r\nHost: dogecoin8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dogecoin8.com/template/pc/skin/css/main.css?t=1625390824\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=2k6hvak7klsvh3aeq6oimqj653\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 12:44:47 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 27 Apr 2020 13:31:22 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5ea6deaa-5f7\"\r\nexpires: Mon, 18 May 2026 12:44:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1527,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced","md5":"15a56b58d0c76b4e5007b8c59306a6ac","sha1":"bb426178d7337c9903ca638affd8d80a6f54dc0b","sha256":"a1e7d8325e6a373a96307168ff6ece9a6532e1422eec99ad93c788b0101f753d","sha512":"354d0896bb7b8903c4605f6e9dfee040d4f5b8ad6e5b66e762ad1d800f17a310db8f0563acc5a2360708c8f1975e74cec9b88ddb07c504f92951465b6b723de3","ssdeep":"","tlshash":"dc31a74bf9013e4192a8e99120f745bbed2258c4d6d1e555becec42139a42fd982f4cf","first_seen":"2026-02-23T13:17:07.910337Z","last_seen":"2026-04-18T12:49:49.711467Z","times_seen":5,"resource_available":false,"data":null}},"time_used":648,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":648,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.bethx.vip/api/getPricePool","fqdn":"api.bethx.vip","domain":"bethx.vip","tld":"vip"},"ip":{"addr":"54.240.174.49","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://bethx.vip/register/","date":"2026-04-18T12:44:54.849Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.bethx.vip","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sun, 26 Oct 2025 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"AD:69:21:3D:64:E5:F4:08:30:28:46:7A:27:F5:62:CA:71:2C:14:FC","sha256":"F1:B9:F4:B1:8F:05:D3:69:29:2D:37:FE:30:BE:1D:2C:34:72:F5:56:A2:B2:62:E0:A0:39:4D:2A:37:92:54:2B"}}},"request":{"raw":"GET /api/getPricePool HTTP/1.1\r\nHost: api.bethx.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAuthorization: \r\nlangCode: en\r\nuser-device: 2\r\nOrigin: https://bethx.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bethx.vip/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/json\r\nserver: nginx/1.18.0 (Ubuntu)\r\naccess-control-allow-methods: GET, POST, PATCH, PUT, OPTIONS\r\naccess-control-allow-credentials: true\r\ncache-control: no-cache, private\r\ndate: Sat, 18 Apr 2026 12:44:55 GMT\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Origin, Content-Type, Cookie, X-CSRF-TOKEN, Accept, Authorization, X-XSRF-TOKEN,langCode,User-Device\r\naccess-control-expose-headers: Authorization, authenticated\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: vZ0OUPMAtjz4zmobAVEfWn7TDl3_m4B9rQJhAxdeRBZHU2GEuk4t3w==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":882,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"6b1f0af30a233e18337f32f7bd9b3331","sha1":"7cd5989c2fb6da137deb0cb790fd1ee57a972cf5","sha256":"4ec58ef56bbb6b5d6e7510d119a51a1619711245448a0b5879c21275a78ae797","sha512":"4a78316b92c634907d9452b8225c0bdd5da09aaea57a9d9280a9539637f072dbbee26c3d7c51d11824d41b7bb62139ca37b2d9f7608bffbae8654170c50c66cb","ssdeep":"","tlshash":"fa115c3916afaccfa525a614468ef7e7b4817a33d4dfdce381ace5458212060e4d1192","first_seen":"2026-04-18T12:45:36.417188Z","last_seen":"2026-04-18T12:49:49.688554Z","times_seen":2,"resource_available":false,"data":null}},"time_used":540,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":540,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"api.bethx.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"api.bethx.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ca.turing.captcha.qcloud.com/data/1941/forward","fqdn":"ca.turing.captcha.qcloud.com","domain":"qcloud.com","tld":"com"},"ip":{"addr":"43.158.119.130","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://bethx.vip/register/","date":"2026-04-18T12:44:59.074Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.turing.captcha.qcloud.com","organization":"Tencent Technology (Shenzhen) Company Limited"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 15 Dec 2025 00:00:00 GMT","end":"Fri, 15 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"97:D5:C4:59:CC:DB:39:C1:09:48:A2:5C:F1:CA:F9:65:FD:86:E4:8F","sha256":"A6:65:54:11:17:3C:C3:1A:6F:AA:C1:D8:E6:1D:0F:59:2D:E8:DF:E7:8F:D2:BB:F9:40:83:5D:1E:01:65:D9:30"}}},"request":{"raw":"OPTIONS /data/1941/forward HTTP/1.1\r\nHost: ca.turing.captcha.qcloud.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://bethx.vip/\r\nOrigin: https://bethx.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 18 Apr 2026 12:44:59 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nAccess-Control-Allow-Headers: Authorization, Content-Type, Origin, Referer, content-type\r\nAccess-Control-Allow-Methods: GET, POST\r\nCache-Control: no-cache\r\nServer: JPrxServer\r\nAccess-Control-Allow-Origin: https://bethx.vip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-18T20:23:19.513448Z","times_seen":13909737,"resource_available":true,"data":null}},"time_used":149,"timings":{"blocked":62,"dns":1,"connect":20,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dogecoin8.com/uploads/allimg/20210704/1-210F415542O53.jpg","fqdn":"dogecoin8.com","domain":"dogecoin8.com","tld":"com"},"ip":{"addr":"107.151.92.52","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dogecoin8.com/","date":"2026-04-18T12:44:46.795Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dogecoin8.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Wed, 25 Mar 2026 07:00:00 GMT","end":"Tue, 23 Jun 2026 06:59:59 GMT"},"fingerprint":{"sha1":"5C:0D:5E:E9:6D:D0:19:FE:B6:AA:77:0F:91:80:1E:4C:DA:F3:9B:6A","sha256":"3F:19:30:F8:E4:AB:C0:61:6E:27:3F:DB:25:FD:D5:FE:19:37:F9:30:DF:C2:B7:C5:F5:F3:B5:7B:C1:78:9F:C7"}}},"request":{"raw":"GET /uploads/allimg/20210704/1-210F415542O53.jpg HTTP/1.1\r\nHost: dogecoin8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dogecoin8.com/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=2k6hvak7klsvh3aeq6oimqj653\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 12:44:47 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sun, 04 Jul 2021 07:54:26 GMT\r\nvary: Accept-Encoding\r\netag: W/\"60e16932-4eee\"\r\nexpires: Mon, 18 May 2026 12:44:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":20206,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 280x271, components 3","md5":"7bd8c5f580c8711fa8103a67601073d3","sha1":"5205f8a589534448abe4cad29be02ca5223781c9","sha256":"0fc321eed723b4bc04719ae57ab3f9e564a04f3860840bdf4f7bafd43a7f41b2","sha512":"ea79b7450dec9866898baf6b4b60b8dff5b9eef6e7a7e28508902742259f2900f763f848b0f68d628aa3a9d712b4369bd6a0ce745fe7759f9532d519e5fd6ddc","ssdeep":"384:FZ9waTbfq4o/EBH9TGW8Qd1dOvYNtSdPU6mOUOGkyQs9tAbAG0q9WUChtL7A:lw2bfq4uEBHBGW83YNAdEIylyWU6tL7A","tlshash":"7992cfe4a4595a3aebd6fe2073c3ec33424f15f563b20e95901b4c82a4c6daef1a1680","first_seen":"2026-02-23T13:17:07.883823Z","last_seen":"2026-04-18T12:49:49.667657Z","times_seen":4,"resource_available":false,"data":null}},"time_used":761,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":761,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dogecoin8.com/template/pc/skin/images/pinz_ico051.png","fqdn":"dogecoin8.com","domain":"dogecoin8.com","tld":"com"},"ip":{"addr":"107.151.92.52","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dogecoin8.com/","date":"2026-04-18T12:44:47.673Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dogecoin8.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Wed, 25 Mar 2026 07:00:00 GMT","end":"Tue, 23 Jun 2026 06:59:59 GMT"},"fingerprint":{"sha1":"5C:0D:5E:E9:6D:D0:19:FE:B6:AA:77:0F:91:80:1E:4C:DA:F3:9B:6A","sha256":"3F:19:30:F8:E4:AB:C0:61:6E:27:3F:DB:25:FD:D5:FE:19:37:F9:30:DF:C2:B7:C5:F5:F3:B5:7B:C1:78:9F:C7"}}},"request":{"raw":"GET /template/pc/skin/images/pinz_ico051.png HTTP/1.1\r\nHost: dogecoin8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dogecoin8.com/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=2k6hvak7klsvh3aeq6oimqj653\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 12:44:47 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 27 Apr 2020 13:25:38 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5ea6dd52-79c\"\r\nexpires: Mon, 18 May 2026 12:44:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1948,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 68 x 68, 8-bit/color RGBA, non-interlaced","md5":"2d96b08bf650b5559bfa1014aca2bd1c","sha1":"f61a0ecf5a6e82514aa8d88b936c68b831c85bd0","sha256":"b1a04064d30bdf3d35eccdd50530c4654a32cdc663e6b15503c0bd9fef3e5b3d","sha512":"d2e712018087b353c96a8e69888c4b3424518dacdb01ae17a43d759abf347bff134cd3eb896ac30ff261c3afd51c3bb796931c52aa8298ddf233d419ac3e56cd","ssdeep":"","tlshash":"3e41c654f542ac09d99d99d260efe812a53208e0d0c0fea56cce8de1a7202a559943c3","first_seen":"2025-08-04T10:32:45.374154Z","last_seen":"2026-04-18T12:49:49.703015Z","times_seen":13,"resource_available":false,"data":null}},"time_used":651,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":651,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dogecoin8.com/video0.mp4","fqdn":"dogecoin8.com","domain":"dogecoin8.com","tld":"com"},"ip":{"addr":"107.151.92.52","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://dogecoin8.com/","date":"2026-04-18T12:44:48.361Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dogecoin8.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Wed, 25 Mar 2026 07:00:00 GMT","end":"Tue, 23 Jun 2026 06:59:59 GMT"},"fingerprint":{"sha1":"5C:0D:5E:E9:6D:D0:19:FE:B6:AA:77:0F:91:80:1E:4C:DA:F3:9B:6A","sha256":"3F:19:30:F8:E4:AB:C0:61:6E:27:3F:DB:25:FD:D5:FE:19:37:F9:30:DF:C2:B7:C5:F5:F3:B5:7B:C1:78:9F:C7"}}},"request":{"raw":"GET /video0.mp4 HTTP/1.1\r\nHost: dogecoin8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=3375104-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dogecoin8.com/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=2k6hvak7klsvh3aeq6oimqj653\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 12:44:48 GMT\r\ncontent-type: video/mp4\r\ncontent-length: 28549\r\nlast-modified: Tue, 28 Apr 2020 03:11:46 GMT\r\netag: \"5ea79ef2-33ef85\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-range: bytes 3375104-3403652/3403653\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":28549,"size_decoded":0,"mime_type":"video/mp4","magic":"data","md5":"0c2b54bb8fd699b70a1c90c8890c0a49","sha1":"b3292fcda2c2b52991b9f37b79909416c906188d","sha256":"15daa4ee16a073f10f50d97990ecaffc997f0e11cd5540a25d7b0330e9ee10fd","sha512":"cf84d8241ee27a3e12618c31d1e0b2d7e31130b57e54f93dd844f990242a6afca3c53348560df91cd7d4af36c24128b7b1529dcdb10a44bbef2417f060b02fa3","ssdeep":"768:LrbvwPE2MLW7Wq8uKK9lYyy2u2J1UFG5b:HbwzA1q8nKrYhQEFG5b","tlshash":"35d2e14eb3f40d21e61309795267e3029706c736e2695bc374af4322bc1dbb83862ac7","first_seen":"2025-11-12T02:54:17.193788Z","last_seen":"2026-04-18T12:49:49.717197Z","times_seen":10,"resource_available":false,"data":null}},"time_used":434,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":431,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dogecoin8.com/template/pc/skin/images/pinz_pic04.jpg","fqdn":"dogecoin8.com","domain":"dogecoin8.com","tld":"com"},"ip":{"addr":"107.151.92.52","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dogecoin8.com/","date":"2026-04-18T12:44:46.818Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dogecoin8.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Wed, 25 Mar 2026 07:00:00 GMT","end":"Tue, 23 Jun 2026 06:59:59 GMT"},"fingerprint":{"sha1":"5C:0D:5E:E9:6D:D0:19:FE:B6:AA:77:0F:91:80:1E:4C:DA:F3:9B:6A","sha256":"3F:19:30:F8:E4:AB:C0:61:6E:27:3F:DB:25:FD:D5:FE:19:37:F9:30:DF:C2:B7:C5:F5:F3:B5:7B:C1:78:9F:C7"}}},"request":{"raw":"GET /template/pc/skin/images/pinz_pic04.jpg HTTP/1.1\r\nHost: dogecoin8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dogecoin8.com/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=2k6hvak7klsvh3aeq6oimqj653\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 12:44:47 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sun, 10 May 2020 08:38:42 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5eb7bd92-2f20\"\r\nexpires: Mon, 18 May 2026 12:44:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":12064,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 271x246, components 3","md5":"5850463229ebbe21960bbd33d04db340","sha1":"dbbdd79df81565a416436b9f9b0bd8590243e4a9","sha256":"c60a2b703ffbc0e050bb375ac7532e8e527ed43a513b74e552651c323371a174","sha512":"104fa9d29444c9f464889c908b943430205c9bd3a38102cf28fdd8b86437ee835bb1a521784e605dcc9095d94a54e7b78bea54ea44e4bd030066fcf14fbaeb12","ssdeep":"192:tydLx+6qrQTyR6ql0dO/atj61FYMPbujrCGtdE3ybY2lmBEPBJt5eeRoOmvRRZ:ty5JycE0dO/ijCFYMPEdmumBEEeOv","tlshash":"4c42c00f4a308793df2d40b092449ee437386449b276277bf05d3bedddad6ade540a85","first_seen":"2025-11-12T02:54:17.268114Z","last_seen":"2026-04-18T12:49:49.693651Z","times_seen":11,"resource_available":false,"data":null}},"time_used":754,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":754,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dogecoin8.com/uploads/allimg/20210704/1-210F4160P0947.jpg","fqdn":"dogecoin8.com","domain":"dogecoin8.com","tld":"com"},"ip":{"addr":"107.151.92.52","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dogecoin8.com/","date":"2026-04-18T12:44:46.821Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dogecoin8.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Wed, 25 Mar 2026 07:00:00 GMT","end":"Tue, 23 Jun 2026 06:59:59 GMT"},"fingerprint":{"sha1":"5C:0D:5E:E9:6D:D0:19:FE:B6:AA:77:0F:91:80:1E:4C:DA:F3:9B:6A","sha256":"3F:19:30:F8:E4:AB:C0:61:6E:27:3F:DB:25:FD:D5:FE:19:37:F9:30:DF:C2:B7:C5:F5:F3:B5:7B:C1:78:9F:C7"}}},"request":{"raw":"GET /uploads/allimg/20210704/1-210F4160P0947.jpg HTTP/1.1\r\nHost: dogecoin8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dogecoin8.com/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=2k6hvak7klsvh3aeq6oimqj653\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 12:44:47 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sun, 04 Jul 2021 08:08:00 GMT\r\nvary: Accept-Encoding\r\netag: W/\"60e16c60-24197\"\r\nexpires: Mon, 18 May 2026 12:44:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":147863,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 377x243, components 3","md5":"3260f605f571c06590cff4185172588a","sha1":"65c5bdfd2211d7c1a5b8159895e9ab3d31e3cc3d","sha256":"64aa58036c266d0fe4ba3801450307721925925e44c3087669b1f65b533e5c08","sha512":"07c72105933154a1da7998c9df390adb2ea622d0ac25124268c57452edb5ce7c75618887b01695c213760a77ac8fb0ac0ecdb3e1292bba08f7e84027d12ccae6","ssdeep":"3072:02dokKKnrq0MCLWqc+nCKH22vl4KZU2ZPd8lSaF2+6FKT:ggXRH22vlHyoPWcz+6Fi","tlshash":"ade312b404a29d1a9c3377fa205625c885d181744a9e4e114ba2f5e2fd3de48bbc5ff3","first_seen":"2026-02-23T13:17:07.869812Z","last_seen":"2026-04-18T12:49:49.67952Z","times_seen":4,"resource_available":false,"data":null}},"time_used":753,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":753,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dogecoin8.com/uploads/allimg/20210704/1-210F4160G5148.jpg","fqdn":"dogecoin8.com","domain":"dogecoin8.com","tld":"com"},"ip":{"addr":"107.151.92.52","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dogecoin8.com/","date":"2026-04-18T12:44:46.824Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dogecoin8.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Wed, 25 Mar 2026 07:00:00 GMT","end":"Tue, 23 Jun 2026 06:59:59 GMT"},"fingerprint":{"sha1":"5C:0D:5E:E9:6D:D0:19:FE:B6:AA:77:0F:91:80:1E:4C:DA:F3:9B:6A","sha256":"3F:19:30:F8:E4:AB:C0:61:6E:27:3F:DB:25:FD:D5:FE:19:37:F9:30:DF:C2:B7:C5:F5:F3:B5:7B:C1:78:9F:C7"}}},"request":{"raw":"GET /uploads/allimg/20210704/1-210F4160G5148.jpg HTTP/1.1\r\nHost: dogecoin8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dogecoin8.com/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=2k6hvak7klsvh3aeq6oimqj653\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 12:44:47 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sun, 04 Jul 2021 08:07:14 GMT\r\nvary: Accept-Encoding\r\netag: W/\"60e16c32-3b1e\"\r\nexpires: Mon, 18 May 2026 12:44:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":15134,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 375x240, components 3","md5":"98099aa3cd31bfd69ad4b6567fb640b5","sha1":"372f7b9184e5ccbfc210995ae5bc42e973eafbca","sha256":"788edaf9227e91031d79a2a508456356fcdcb302eaa21ae21a0a823e521ae12b","sha512":"182c224ddd32079f394672237b8381b1ffa5414c7fa7967cd36bc2c939c8fe73a8ff59a457743cf8fd7a3b4f4e5720a6c86f725ea4d0814ccea2ddf8346bcb0a","ssdeep":"384:47/MKqiAJBcr6ryvQ0zGB07qKCW5qJYjwzYgjrYrVKSxB:+kKhAnSQ0ayV5qKsYgK1xB","tlshash":"5262bf012f907740dc269e6d14f5a2cf77a6d6a7583137844bf9fa5b648aa6036f0908","first_seen":"2026-02-23T13:17:07.914741Z","last_seen":"2026-04-18T12:49:49.703603Z","times_seen":4,"resource_available":false,"data":null}},"time_used":752,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":752,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bethx.vip/assets/foot3.88e2ab7c.png","fqdn":"bethx.vip","domain":"bethx.vip","tld":"vip"},"ip":{"addr":"65.9.46.112","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bethx.vip/register/","date":"2026-04-18T12:44:54.303Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bethx.vip","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 10 Dec 2025 00:00:00 GMT","end":"Fri, 08 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"67:7A:18:61:36:02:A0:18:4C:DC:63:C3:AA:55:55:CF:9D:B1:33:5B","sha256":"E5:50:D5:02:46:9D:18:63:39:E5:EE:0B:8F:CE:C7:0C:3B:97:00:56:2B:E3:A0:18:B5:F8:66:75:96:A3:76:04"}}},"request":{"raw":"GET /assets/foot3.88e2ab7c.png HTTP/1.1\r\nHost: bethx.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bethx.vip/register/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 4403\r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 18 Apr 2026 12:44:54 GMT\r\nlast-modified: Tue, 14 Apr 2026 14:06:41 GMT\r\naccept-ranges: bytes\r\netag: \"69de49f1-1133\"\r\nexpires: Mon, 20 Apr 2026 12:44:54 GMT\r\ncache-control: max-age=172800, public, no-transform\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 aeb4c02c6985102f97552c03a17a7832.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN52-P1\r\nx-amz-cf-id: eixi1rFWzyLMAMRp7pxfoCMLwxs5sICb7gmpKCAz5mz3j_uDDJTEfg==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4403,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 124 x 29, 8-bit/color RGBA, non-interlaced","md5":"f03662520f71e88128735d3113a41a6b","sha1":"60511efe26b7b9245aedfbe21135adb27420b765","sha256":"88e2ab7cc34717e79481398011dc34a7bd3d59a56fce6e3ac203df871ea72dc9","sha512":"b1b4be981beff67f586164f920f820d1f9fe470db3c89e3e7f2e4d81b616dac13e2e3639986c9bbe8d3603147c8d821024de65ea58c4e8e7b584f0817c33b5b1","ssdeep":"96:VSjNrp5SRaI2oXpwp6oRXNsb61BUCkaq7V+Rb5yoqz:VSxHSRa3o5o021ZXq74Rb5yoS","tlshash":"2c918eef098fd3ad0bf7534a42a734a67df6f2445458750e5ddcee400459e834e22381","first_seen":"2026-03-02T03:43:39.426493Z","last_seen":"2026-04-18T12:49:49.690493Z","times_seen":9,"resource_available":false,"data":null}},"time_used":506,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":506,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"bethx.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"bethx.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dogecoin8.com/template/pc/skin/css/media.css?t=1590548948","fqdn":"dogecoin8.com","domain":"dogecoin8.com","tld":"com"},"ip":{"addr":"107.151.92.52","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://dogecoin8.com/","date":"2026-04-18T12:44:46.765Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dogecoin8.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Wed, 25 Mar 2026 07:00:00 GMT","end":"Tue, 23 Jun 2026 06:59:59 GMT"},"fingerprint":{"sha1":"5C:0D:5E:E9:6D:D0:19:FE:B6:AA:77:0F:91:80:1E:4C:DA:F3:9B:6A","sha256":"3F:19:30:F8:E4:AB:C0:61:6E:27:3F:DB:25:FD:D5:FE:19:37:F9:30:DF:C2:B7:C5:F5:F3:B5:7B:C1:78:9F:C7"}}},"request":{"raw":"GET /template/pc/skin/css/media.css?t=1590548948 HTTP/1.1\r\nHost: dogecoin8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dogecoin8.com/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=2k6hvak7klsvh3aeq6oimqj653\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 12:44:46 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 27 May 2020 03:09:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5ecdd9d4-2654\"\r\nexpires: Sun, 19 Apr 2026 00:44:46 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9812,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"2937f22b558a18f7405e8e2a50973379","sha1":"d49fbece50d95fbde208ee270d9a91031af6e7e3","sha256":"c26da9731223523880565377181b563796cc6e4cd9dbe2615fb1732c9b967446","sha512":"6fd6ed2652f8cdb7db285aba30784563d6b00fc8b9b069f240af2c0b5949937d9288b6f33e80761bd03a7692a023ad95b7493e05e115c621611c018a24ababb3","ssdeep":"192:diWYBAefKdnnedTrtbT3LaCMoHiCaajwu+ULqpa9mow9t5bC:sAesnedxT3LaxoHiCaajwlULqUkow9y","tlshash":"6d1224dc9aa0308ca3136faeebf14b3a6f2d60f56f4b01adf2a07919d24755827715c1","first_seen":"2025-11-12T02:54:17.203001Z","last_seen":"2026-04-18T12:49:49.694795Z","times_seen":12,"resource_available":false,"data":null}},"time_used":258,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":258,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.bethx.vip/api/getDynamicSetting","fqdn":"api.bethx.vip","domain":"bethx.vip","tld":"vip"},"ip":{"addr":"54.240.174.49","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://bethx.vip/register/","date":"2026-04-18T12:44:54.349Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.bethx.vip","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sun, 26 Oct 2025 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"AD:69:21:3D:64:E5:F4:08:30:28:46:7A:27:F5:62:CA:71:2C:14:FC","sha256":"F1:B9:F4:B1:8F:05:D3:69:29:2D:37:FE:30:BE:1D:2C:34:72:F5:56:A2:B2:62:E0:A0:39:4D:2A:37:92:54:2B"}}},"request":{"raw":"OPTIONS /api/getDynamicSetting HTTP/1.1\r\nHost: api.bethx.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: authorization,langcode,user-device\r\nReferer: https://bethx.vip/\r\nOrigin: https://bethx.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html; charset=UTF-8\r\nserver: nginx/1.18.0 (Ubuntu)\r\naccess-control-allow-methods: GET, POST, PATCH, PUT, OPTIONS\r\naccess-control-allow-credentials: true\r\nallow: GET,HEAD\r\ncache-control: no-cache, private\r\ndate: Sat, 18 Apr 2026 12:44:54 GMT\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Origin, Content-Type, Cookie, X-CSRF-TOKEN, Accept, Authorization, X-XSRF-TOKEN,langCode,User-Device\r\naccess-control-expose-headers: Authorization, authenticated\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: inO-WO_QzR_DisD9qlY8jfE3iBzyXzXnEA3LWQVmV5myFMrN1_mpGg==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-18T20:23:19.513448Z","times_seen":13909737,"resource_available":true,"data":null}},"time_used":527,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":527,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"api.bethx.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"api.bethx.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bethx.vip/assets/loginbg.f742cff4.png","fqdn":"bethx.vip","domain":"bethx.vip","tld":"vip"},"ip":{"addr":"65.9.46.112","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bethx.vip/register/","date":"2026-04-18T12:44:54.355Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bethx.vip","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 10 Dec 2025 00:00:00 GMT","end":"Fri, 08 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"67:7A:18:61:36:02:A0:18:4C:DC:63:C3:AA:55:55:CF:9D:B1:33:5B","sha256":"E5:50:D5:02:46:9D:18:63:39:E5:EE:0B:8F:CE:C7:0C:3B:97:00:56:2B:E3:A0:18:B5:F8:66:75:96:A3:76:04"}}},"request":{"raw":"GET /assets/loginbg.f742cff4.png HTTP/1.1\r\nHost: bethx.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bethx.vip/assets/login.8d1f7ec0.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 601961\r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 18 Apr 2026 12:44:54 GMT\r\nlast-modified: Tue, 14 Apr 2026 14:06:41 GMT\r\naccept-ranges: bytes\r\nexpires: Mon, 20 Apr 2026 12:44:54 GMT\r\ncache-control: max-age=172800, public, no-transform\r\netag: \"69de49f1-92f69\"\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 aeb4c02c6985102f97552c03a17a7832.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN52-P1\r\nx-amz-cf-id: pieTXmHU0BvMqc1oQ8xJNb_kScEpWYCLZnBbRfOjd0MUdoyXmvRudA==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":601961,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1920 x 1080, 8-bit/color RGBA, non-interlaced","md5":"101675f5323c83583aff47556a97ded7","sha1":"1ebc33652abd7dfa8a3a0abdfc09afe8729972ff","sha256":"f742cff408ac37fc77fcda6ce8fa4456d246c22f13a3ac389edb7e3602cea2c1","sha512":"a3e8746a879679f546b46864f1bb10dfe14c5a45adace36f24988691207592d9082b90b4199baafc8008e25735b2a0716bc249848ae930a1d8292fd988d61ae4","ssdeep":"12288:nSR2+HFgy8vHrf6MWQSQJpTuIhZbaY8zmbisk2+/4gud9TxO18uw+vil8kx:SRFJoryoJNu8bKmbisA/WT285+vilZ","tlshash":"fdd423294d67e22bc4b4a96990388c9d404798a570c3fb5ee3fc41752cebbf7109bd06","first_seen":"2025-07-02T18:11:26.557947Z","last_seen":"2026-04-18T20:07:52.050079Z","times_seen":39,"resource_available":false,"data":null}},"time_used":1697,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":514,"receive":1183,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"bethx.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"bethx.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"77hash.s3.ap-northeast-3.amazonaws.com/images/i7yzC1743468940250401.png","fqdn":"77hash.s3.ap-northeast-3.amazonaws.com","domain":"77hash.s3.ap-northeast-3.amazonaws.com","tld":"s3.ap-northeast-3.amazonaws.com"},"ip":{"addr":"3.5.241.99","port":443,"asn":16509,"as":"AMAZON-02","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bethx.vip/register/","date":"2026-04-18T12:44:55.213Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.s3.ap-northeast-3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sat, 14 Feb 2026 00:00:00 GMT","end":"Thu, 11 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"8E:7B:63:EF:E6:C9:5C:E2:75:EC:28:1B:89:0A:7B:5A:75:7F:58:D8","sha256":"2F:C4:88:1B:AD:C8:3A:F2:3A:5E:75:3A:97:20:2B:B4:E1:CF:A3:62:48:15:B5:56:53:F5:84:C3:DD:53:FB:E5"}}},"request":{"raw":"GET /images/i7yzC1743468940250401.png HTTP/1.1\r\nHost: 77hash.s3.ap-northeast-3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bethx.vip/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: iU0fCI6WoKRWnS6tEfFmHCXbBfCgGWG5o71v5fQYu3f/sre6lmvur/aD2XKcn+0UaXxJmZiMrHuDW7dYIht9WzF9lmCxe365\r\nx-amz-request-id: NYWJN9TDWQ97EGTH\r\nDate: Sat, 18 Apr 2026 12:44:56 GMT\r\nLast-Modified: Tue, 01 Apr 2025 00:55:41 GMT\r\nETag: \"8dc7836123b589715345de901a9451dd\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/png\r\nContent-Length: 1959\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":1959,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 40 x 40, 8-bit/color RGBA, interlaced","md5":"8dc7836123b589715345de901a9451dd","sha1":"94d73dc2382b602062772b94aa59b24a1259ac74","sha256":"0749181176cb2ec997fe0c615c22bcec4520e23f087429d9288b9956c7beb120","sha512":"9a4af67cc89935d7ecf9262e9a5926939216966c9e60399c51c483b41b42d0966404f94add2f778e2b7bf17264d443a0fc234d4c13656549f7a15d871d9fbd12","ssdeep":"","tlshash":"4641eaf9b18a591cca68d2b7c231d7a68936b1128dcf61ea481300679d941d59f4c447","first_seen":"2025-05-28T04:51:10.306264Z","last_seen":"2026-04-18T12:49:49.709302Z","times_seen":11,"resource_available":false,"data":null}},"time_used":1454,"timings":{"blocked":569,"dns":1,"connect":283,"send":0,"wait":308,"receive":1,"ssl":288},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bethx.vip/assets/main.ecaab409.js","fqdn":"bethx.vip","domain":"bethx.vip","tld":"vip"},"ip":{"addr":"65.9.46.112","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bethx.vip/register/","date":"2026-04-18T12:44:50.299Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bethx.vip","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 10 Dec 2025 00:00:00 GMT","end":"Fri, 08 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"67:7A:18:61:36:02:A0:18:4C:DC:63:C3:AA:55:55:CF:9D:B1:33:5B","sha256":"E5:50:D5:02:46:9D:18:63:39:E5:EE:0B:8F:CE:C7:0C:3B:97:00:56:2B:E3:A0:18:B5:F8:66:75:96:A3:76:04"}}},"request":{"raw":"GET /assets/main.ecaab409.js HTTP/1.1\r\nHost: bethx.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bethx.vip/register/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 18 Apr 2026 12:44:50 GMT\r\ncontent-encoding: br\r\nlast-modified: Tue, 14 Apr 2026 14:06:41 GMT\r\netag: W/\"69de49f1-18c141\"\r\nexpires: Mon, 20 Apr 2026 12:44:50 GMT\r\ncache-control: max-age=172800, public, no-transform\r\nvary: Accept-Encoding\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 aeb4c02c6985102f97552c03a17a7832.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN52-P1\r\nx-amz-cf-id: XLwUuKCpSgxNKCPJv1X0sSKX2k-nnTdI9b6i6X0jzNjnMJIHSzcc0g==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":1622337,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"775a4622ab55db05a5a6d63c71c24e6d","sha1":"e33cbdb0509a729a632477665cf131ea5a7c7786","sha256":"d058ecace9257f5ee4d222393d9a13088cc5954cc306116e584c09251484a28d","sha512":"ff1b6351eff5b5210161d1eca6251de30b4ebb9da86ba3752a9b13812c1a40fe361a2696718ea0d75ac9fc66c0925f9ff058e0f62fef07379b72fddd5ebcba1a","ssdeep":"24576:dV6cDTV090IdumcYuCoj4Cb2VJGpzyIdwWGeHy+:dV6cDTV090IdumcYuCoj437GpzyQwWGk","tlshash":"4125d8d8b1cb999103d689c45ca722d1b12c1e463488e6e7f878ad7afcd11b58673f38","first_seen":"2026-04-17T00:42:36.054269Z","last_seen":"2026-04-18T20:07:52.027824Z","times_seen":9,"resource_available":false,"data":null}},"time_used":508,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":508,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"bethx.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"bethx.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bethx.vip/assets/head-logo.47c5e535.png","fqdn":"bethx.vip","domain":"bethx.vip","tld":"vip"},"ip":{"addr":"65.9.46.112","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bethx.vip/register/","date":"2026-04-18T12:44:54.241Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bethx.vip","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 10 Dec 2025 00:00:00 GMT","end":"Fri, 08 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"67:7A:18:61:36:02:A0:18:4C:DC:63:C3:AA:55:55:CF:9D:B1:33:5B","sha256":"E5:50:D5:02:46:9D:18:63:39:E5:EE:0B:8F:CE:C7:0C:3B:97:00:56:2B:E3:A0:18:B5:F8:66:75:96:A3:76:04"}}},"request":{"raw":"GET /assets/head-logo.47c5e535.png HTTP/1.1\r\nHost: bethx.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bethx.vip/register/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 4496\r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 18 Apr 2026 12:44:54 GMT\r\nlast-modified: Tue, 14 Apr 2026 14:06:41 GMT\r\naccept-ranges: bytes\r\netag: \"69de49f1-1190\"\r\nexpires: Mon, 20 Apr 2026 12:44:54 GMT\r\ncache-control: max-age=172800, public, no-transform\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 aeb4c02c6985102f97552c03a17a7832.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN52-P1\r\nx-amz-cf-id: I5CW3iycngdKWkczW1SJ1iWCcei-KWTWraiLAt6r3JXSJ_y3ZLnGhA==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":4496,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 197 x 48, 8-bit/color RGBA, non-interlaced","md5":"6d1fddba4aeb9a6ee80938f52812bac8","sha1":"92a4a45582e925b9b9cfbb526548df114c891a8b","sha256":"47c5e53534293745e446b6f7afa452a8f32bc4c9fe2ecec6bd2062333fac7170","sha512":"6d75442269e8a3d5e97e3c16962ebc35645f681d652c7a878269a84eb43b9c78a3c0da010f8ec9d3dd19c36254f85212c55989139d598dc315acad0db3850c14","ssdeep":"96:RWVC8flwMNYbfB9oASh2ONF/S3wFQtI2b+Eey6Ckqc4PdeZk4V:AVC8VNYzB9oAuPcrtIe+/3UsZk4V","tlshash":"55916e94a508b1f353ea6ca3ad83054f5ea0b31c6e289d542f56d1d13b7869c0f2972b","first_seen":"2026-04-18T12:45:36.438824Z","last_seen":"2026-04-18T12:49:49.670758Z","times_seen":2,"resource_available":false,"data":null}},"time_used":276,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":276,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"bethx.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"bethx.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.turingfraud.net/event/report","fqdn":"www.turingfraud.net","domain":"turingfraud.net","tld":"net"},"ip":{"addr":"162.62.10.47","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://bethx.vip/register/","date":"2026-04-18T12:44:59.581Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.turingfraud.net","organization":""},"issuer":{"commonName":"DNSPod RSA DV","organization":"DNSPod, Inc."},"validity":{"start":"Wed, 08 Oct 2025 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"60:CC:09:90:24:93:4C:24:02:F1:97:00:C8:51:55:4A:C2:69:C5:FC","sha256":"0A:2F:A1:C2:DB:F8:EA:01:4E:CB:CB:BA:36:3F:00:27:43:7F:9A:66:0D:6F:EE:C5:DE:5C:E4:35:39:3B:3D:06"}}},"request":{"raw":"OPTIONS /event/report HTTP/1.1\r\nHost: www.turingfraud.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://bethx.vip/\r\nOrigin: https://bethx.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 18 Apr 2026 12:44:59 GMT\r\ncontent-type: application/json\r\ncontent-length: 9\r\naccess-control-allow-headers: Content-Type, Authorization, X-Requested-With, Traceparent\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 3600\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":9,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"7356645231da9cfecc34610420982100","sha1":"4e6d5bf58d719360518ecccb073248d0293dd346","sha256":"2c2237045b54bb664bd76b7d6f1da237fd50de74712edf261e90c1c0d7f2e822","sha512":"c092af8c828b98fb9ac62ec48f64c01907d25106e96096a40e52d770f732442c729c11c34406dd0be1690620d91d97a6a4839ca409b57e227a65844e17bad112","ssdeep":"","tlshash":"8c50003000000c03000c0c0000000003c0030c0030000c0000000c000000c000300000","first_seen":"2023-04-05T16:48:03Z","last_seen":"2026-04-18T20:07:52.040634Z","times_seen":1671,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dogecoin8.com/template/pc/skin/images/btn2.png","fqdn":"dogecoin8.com","domain":"dogecoin8.com","tld":"com"},"ip":{"addr":"107.151.92.52","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dogecoin8.com/","date":"2026-04-18T12:44:47.633Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dogecoin8.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Wed, 25 Mar 2026 07:00:00 GMT","end":"Tue, 23 Jun 2026 06:59:59 GMT"},"fingerprint":{"sha1":"5C:0D:5E:E9:6D:D0:19:FE:B6:AA:77:0F:91:80:1E:4C:DA:F3:9B:6A","sha256":"3F:19:30:F8:E4:AB:C0:61:6E:27:3F:DB:25:FD:D5:FE:19:37:F9:30:DF:C2:B7:C5:F5:F3:B5:7B:C1:78:9F:C7"}}},"request":{"raw":"GET /template/pc/skin/images/btn2.png HTTP/1.1\r\nHost: dogecoin8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dogecoin8.com/template/pc/skin/css/main.css?t=1625390824\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=2k6hvak7klsvh3aeq6oimqj653\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 12:44:47 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 27 May 2020 02:24:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5ecdcf48-f21\"\r\nexpires: Mon, 18 May 2026 12:44:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3873,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced","md5":"59ba23be8c374cf2f5da49c79abc4b2e","sha1":"d96fe621010fec28e0ea3d5ee2646a15c361dd70","sha256":"01c1a91608cd43d3a72659d89fd006e1b948f50ec7ab5100391d8bcf97653d68","sha512":"8f4413e3e66d15276cab3fb3bdaddb92f9b9526026ce0be91153561d5d1bde075840611cfb04bb700d6d0f7ad56b6e2bb8d681c09abf51dce591bdcc2472a004","ssdeep":"","tlshash":"cf815dc69c21459e074889ed1c6bdd024f6ad680436e2d2cdefa530e9a11da13976367","first_seen":"2025-03-27T13:50:35.234538Z","last_seen":"2026-04-18T12:49:49.700178Z","times_seen":14,"resource_available":false,"data":null}},"time_used":421,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":421,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.gif?hca=BB4C28CC1DDDCE78\u0026cc=0\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026et=0\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026rnd=1631287761\u0026si=e4d96263a9a49b5719dead97eb43ae0f\u0026su=https%3A%2F%2Fdogecoin8.com%2F\u0026v=1.3.2\u0026lv=1\u0026sn=59046\u0026r=0\u0026ww=1280\u0026u=https%3A%2F%2Fhash166.com%2F\u0026tt=Welcome","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"14.215.182.140","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hash166.com/","date":"2026-04-18T12:44:51.225Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /hm.gif?hca=BB4C28CC1DDDCE78\u0026cc=0\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026et=0\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026rnd=1631287761\u0026si=e4d96263a9a49b5719dead97eb43ae0f\u0026su=https%3A%2F%2Fdogecoin8.com%2F\u0026v=1.3.2\u0026lv=1\u0026sn=59046\u0026r=0\u0026ww=1280\u0026u=https%3A%2F%2Fhash166.com%2F\u0026tt=Welcome HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hash166.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: private, max-age=0, no-cache\r\nContent-Length: 43\r\nContent-Type: image/gif\r\nDate: Sat, 18 Apr 2026 12:44:51 GMT\r\nP3p: CP=\"CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nPragma: no-cache\r\nServer: apache\r\nSet-Cookie: HMACCOUNT=9D0C425ABE640668; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT\r\nStrict-Transport-Security: max-age=172800\r\nX-Content-Type-Options: nosniff\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ad4b0f606e0f8465bc4c4c170b37e1a3","sha1":"50b30fd5f87c85fe5cba2635cb83316ca71250d7","sha256":"cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda","sha512":"ebfe0c0df4bcc167d5cb6ebdd379f9083df62bef63a23818e1c6adf0f64b65467ea58b7cd4d03cf0a1b1a2b07fb7b969bf35f25f1f8538cc65cf3eebdf8a0910","ssdeep":"","tlshash":"15900003fbc08002c2b2e0300b3b0380238ce2200aa8030b80aeb0acecaa3a20c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-04-18T20:23:32.332788Z","times_seen":337595,"resource_available":true,"data":null}},"time_used":330,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":330,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bethx.vip/assets/login.4af18a7f.js","fqdn":"bethx.vip","domain":"bethx.vip","tld":"vip"},"ip":{"addr":"65.9.46.112","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://bethx.vip/register/","date":"2026-04-18T12:44:52.461Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bethx.vip","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 10 Dec 2025 00:00:00 GMT","end":"Fri, 08 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"67:7A:18:61:36:02:A0:18:4C:DC:63:C3:AA:55:55:CF:9D:B1:33:5B","sha256":"E5:50:D5:02:46:9D:18:63:39:E5:EE:0B:8F:CE:C7:0C:3B:97:00:56:2B:E3:A0:18:B5:F8:66:75:96:A3:76:04"}}},"request":{"raw":"GET /assets/login.4af18a7f.js HTTP/1.1\r\nHost: bethx.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bethx.vip/register/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 18 Apr 2026 12:44:52 GMT\r\ncontent-encoding: br\r\nlast-modified: Tue, 14 Apr 2026 14:06:41 GMT\r\netag: W/\"69de49f1-ce3\"\r\nexpires: Mon, 20 Apr 2026 12:44:52 GMT\r\ncache-control: max-age=172800, public, no-transform\r\nvary: Accept-Encoding\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 aeb4c02c6985102f97552c03a17a7832.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN52-P1\r\nx-amz-cf-id: 7GxdIh1sTKyLMXuenqPDVB0rkH23JzVZPDjEGW-1oJ68ICn-pWHdcA==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":3299,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (3298)","md5":"326f993fcf46a737902c9eba084f110c","sha1":"44a183bb22cbd17afaf2cc11a95098ca3d18008b","sha256":"b4b44bcf0e547c0f150691b55fab3d06c3787ee99b4c47780d5efad16a875dc4","sha512":"5fab21f48b7e34cf779de3d2c1c86268c9dbf551e12f2bc018238e072063f110b6de9da931569f04aea69b2cbc92d0e985d0a5b860971cd73a5869e5d8e29f92","ssdeep":"","tlshash":"8361be9af81e8a3ac9765544c4b6240c390d2ff46250af7f5cf88e253fd5e6d270e2a0","first_seen":"2026-04-17T00:42:36.056852Z","last_seen":"2026-04-18T20:07:52.022667Z","times_seen":9,"resource_available":true,"data":null}},"time_used":282,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":282,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"bethx.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"bethx.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dogecoin8.com/","fqdn":"dogecoin8.com","domain":"dogecoin8.com","tld":"com"},"ip":{"addr":"107.151.92.52","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-18T12:44:45.430Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dogecoin8.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Wed, 25 Mar 2026 07:00:00 GMT","end":"Tue, 23 Jun 2026 06:59:59 GMT"},"fingerprint":{"sha1":"5C:0D:5E:E9:6D:D0:19:FE:B6:AA:77:0F:91:80:1E:4C:DA:F3:9B:6A","sha256":"3F:19:30:F8:E4:AB:C0:61:6E:27:3F:DB:25:FD:D5:FE:19:37:F9:30:DF:C2:B7:C5:F5:F3:B5:7B:C1:78:9F:C7"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: dogecoin8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 12:44:46 GMT\r\ncontent-type: text/html; charset=utf-8\r\nvary: Accept-Encoding\r\nset-cookie: home_lang=cn; path=/\nadmin_lang=cn; path=/\nPHPSESSID=2k6hvak7klsvh3aeq6oimqj653; path=/\nsite_info=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\npragma: no-cache\r\ncache-control: private\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"WOW","description":"Reveal CSS animation as you scroll down a page.","website":"https://www.delac.io/WOW","common_platform_enumeration":"","icon":"","categories":["JavaScript frameworks","Web frameworks","JavaScript graphics"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"jQuery:2.1.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":64736,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (455), with CRLF, LF line terminators","md5":"a4308647989e60ee35870541e0d1028d","sha1":"9d32682bc46b58c1d71233ef4182305069c9af23","sha256":"988a15b39706e30713d34b288d13200224f19e93bbc2432b52c3f450764a4c0d","sha512":"2188af27f9966fdbb4efc4550b25d91eac968cd6aa3facf31ab5cbf2ccc9c586769d0837b38b78efd4084e55f5954d0a8325bdeb741ddd8880d2dc0bf42b3331","ssdeep":"768:AKtGQurDg71W+nVDENolPeHdkuuYO3iYlhkg9:qW71W+nVDE2kHCu43iYlhk4","tlshash":"aa53fd2156c1516743b381889a349faaff95d297da578a02b7ec3bc75fb7e88cd03401","first_seen":"2026-04-18T12:45:36.442793Z","last_seen":"2026-04-18T12:49:49.72489Z","times_seen":2,"resource_available":true,"data":null}},"time_used":1669,"timings":{"blocked":580,"dns":59,"connect":255,"send":0,"wait":509,"receive":0,"ssl":264},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"static.stockstar.com/cmsrobo/stk_zjlx_5d_sz000678_1658457617.jpg","fqdn":"static.stockstar.com","domain":"stockstar.com","tld":"com"},"ip":{"addr":"175.43.192.174","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dogecoin8.com/","date":"2026-04-18T12:44:46.829Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.stockstar.com","organization":"上海美宁计算机软件有限公司"},"issuer":{"commonName":"GeoTrust G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Wed, 05 Nov 2025 00:00:00 GMT","end":"Thu, 03 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"9C:58:BB:E2:8B:B0:87:A4:22:EA:15:C4:65:15:9F:A6:EB:33:D4:AC","sha256":"5B:34:B7:7C:16:24:89:66:DD:1F:2B:C0:B0:ED:5D:74:B4:1E:53:55:D4:E1:6B:26:05:FB:3A:1F:37:CF:14:86"}}},"request":{"raw":"GET /cmsrobo/stk_zjlx_5d_sz000678_1658457617.jpg HTTP/1.1\r\nHost: static.stockstar.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dogecoin8.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Fri, 22 Jul 2022 10:40:21 GMT\r\nEtag: \"e9907f720a935c3fc54b4322e5d12862\"\r\nContent-Type: image/jpeg\r\nDate: Wed, 15 Apr 2026 02:24:47 GMT\r\nServer: tencent-cos\r\nx-cos-hash-crc64ecma: 13210653144936350306\r\nx-cos-request-id: NjlkZWY2ZWZfOGE5N2U0MDlfNmY1OV8zYjdmYmVi\r\nContent-Length: 61886\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 9292288600905747928\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":61886,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 696 x 253, 8-bit/color RGBA, non-interlaced","md5":"e9907f720a935c3fc54b4322e5d12862","sha1":"a3f8878f5ae7530f4bbeec2f7ce697a757ad5901","sha256":"eabb5ad7229f26f9915ec8bf2d3aba97f9a7e9a3a4aa8ac487ec623225194e15","sha512":"7756ace00e86d4fd8fdba1c55d0ee1f21cb48c0b7fcd504fe4644bb4c6782a58da6d2fdc0c567d490aefca2b1700aa7f2e39215bbeabfd69276826499b297bc7","ssdeep":"1536:7LQCFEpODOUl3z8PLi/ANYnvlFJUeR/VK:7slEDDQ+/sY9TUeDK","tlshash":"805302f43b1f1172634f2bb2697917eda2acec62bb3d85ae15013846c9521c5c3b52ce","first_seen":"2026-04-18T12:45:36.444632Z","last_seen":"2026-04-18T12:49:49.705679Z","times_seen":2,"resource_available":false,"data":null}},"time_used":5524,"timings":{"blocked":2576,"dns":1028,"connect":295,"send":0,"wait":297,"receive":4,"ssl":1321},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.tongjiniao.com/c?_=755561078085177344","fqdn":"api.tongjiniao.com","domain":"tongjiniao.com","tld":"com"},"ip":{"addr":"43.248.142.46","port":443,"asn":23650,"as":"AS Number for CHINANET jiangsu province backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hash166.com/","date":"2026-04-18T12:44:48.736Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tongjiniao.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 07:19:03 GMT","end":"Mon, 25 May 2026 07:19:02 GMT"},"fingerprint":{"sha1":"40:B0:8B:09:6B:2A:D9:45:72:4F:3D:0F:E9:C0:85:05:65:FC:BA:37","sha256":"69:18:00:36:1F:AE:18:2C:32:BC:D3:3B:55:0B:D1:6E:A3:C2:87:0E:0C:A3:F8:4A:00:BA:00:72:C7:C4:3A:1E"}}},"request":{"raw":"GET /c?_=755561078085177344 HTTP/1.1\r\nHost: api.tongjiniao.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hash166.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 12:39:16 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 88\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: DNT,Keep-Alive,User-Agent,Cache-Control,Content-Type,Authorization\r\ncache-control: no-cache,no-store, no-cache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-18T20:23:19.513448Z","times_seen":13909737,"resource_available":true,"data":null}},"time_used":3940,"timings":{"blocked":1681,"dns":929,"connect":495,"send":0,"wait":563,"receive":14,"ssl":253},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bethx.vip/resource/loading.css","fqdn":"bethx.vip","domain":"bethx.vip","tld":"vip"},"ip":{"addr":"65.9.46.112","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bethx.vip/register/","date":"2026-04-18T12:44:50.293Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bethx.vip","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 10 Dec 2025 00:00:00 GMT","end":"Fri, 08 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"67:7A:18:61:36:02:A0:18:4C:DC:63:C3:AA:55:55:CF:9D:B1:33:5B","sha256":"E5:50:D5:02:46:9D:18:63:39:E5:EE:0B:8F:CE:C7:0C:3B:97:00:56:2B:E3:A0:18:B5:F8:66:75:96:A3:76:04"}}},"request":{"raw":"GET /resource/loading.css HTTP/1.1\r\nHost: bethx.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bethx.vip/register/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 18 Apr 2026 12:44:50 GMT\r\ncontent-encoding: br\r\nlast-modified: Tue, 14 Apr 2026 14:06:41 GMT\r\netag: W/\"69de49f1-58f\"\r\nexpires: Mon, 20 Apr 2026 12:44:50 GMT\r\ncache-control: max-age=172800, public, no-transform\r\nvary: Accept-Encoding\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 aeb4c02c6985102f97552c03a17a7832.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN52-P1\r\nx-amz-cf-id: zovy5qWe-mpAmMzPoKG0axiQr4W3_Y9XV3DU_IY4kj2QaqnFNksQwg==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":1423,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"e1cc5d435526557acda7e1461878290f","sha1":"f3c9f5a0427d0ed822a3359b7c520dca0e3cef96","sha256":"afb4aa29c0cb6fc3849b6c62937226da23a2ee57e6913d2f8358fbe83ad7d3df","sha512":"2c684f6a041abfbab1b4e66bbf6e5ae398c5cfe9f96f522e6e6bfca367f095d7dc9838d458c79999fa5139dae01a33cef36413a09c1253a65d33896f847a2f7e","ssdeep":"","tlshash":"5321c03b09f1a44c961b861a02ec5d246b3dac439d0fdd9eb7a2740ecb82d4477d329d","first_seen":"2024-10-23T10:11:45.180877Z","last_seen":"2026-04-18T20:07:52.026896Z","times_seen":44,"resource_available":false,"data":null}},"time_used":509,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":509,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"bethx.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"bethx.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bethx.vip/assets/foot2.be64b9ff.png","fqdn":"bethx.vip","domain":"bethx.vip","tld":"vip"},"ip":{"addr":"65.9.46.112","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bethx.vip/register/","date":"2026-04-18T12:44:54.301Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bethx.vip","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 10 Dec 2025 00:00:00 GMT","end":"Fri, 08 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"67:7A:18:61:36:02:A0:18:4C:DC:63:C3:AA:55:55:CF:9D:B1:33:5B","sha256":"E5:50:D5:02:46:9D:18:63:39:E5:EE:0B:8F:CE:C7:0C:3B:97:00:56:2B:E3:A0:18:B5:F8:66:75:96:A3:76:04"}}},"request":{"raw":"GET /assets/foot2.be64b9ff.png HTTP/1.1\r\nHost: bethx.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bethx.vip/register/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 9364\r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 18 Apr 2026 12:44:54 GMT\r\nlast-modified: Tue, 14 Apr 2026 14:06:41 GMT\r\naccept-ranges: bytes\r\nexpires: Mon, 20 Apr 2026 12:44:54 GMT\r\ncache-control: max-age=172800, public, no-transform\r\netag: \"69de49f1-2494\"\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 aeb4c02c6985102f97552c03a17a7832.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN52-P1\r\nx-amz-cf-id: EkaPifz97-MQKD2U98sCxmwqQ-T9CV1W7hcP75g2PBwro8vr-D98uQ==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":9364,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 166 x 40, 8-bit/color RGBA, non-interlaced","md5":"280761af1dae75df65ec4521162a625c","sha1":"2336591c8d99523897f7e7b72776c96c967e7eea","sha256":"be64b9ff4b3faecc0829063e9cd03dd7bd9597c2e12a2f7c25db17f29525210c","sha512":"af51f9451c29e18f878f56a757e930e1b1fc12db8baa92eeef3ae7fd51cc58302ab7f8d9d3abbb1c75c0db7241cf9332cb214cc669457ec638ba7daf1f35b617","ssdeep":"192:ZSGc+ZaR1GNFf1AB+hYdGzwEEkFM+z/1HYSPUSNqqZXgI0kBT5xjIOIIxL:ACs1GNFS4uGrEkaC/aSMSOk7B1","tlshash":"0012ae213de1795fe0f0a3b15781fe13a47e95b72c403cc6e658782bf569168e68d288","first_seen":"2025-05-28T04:51:10.434176Z","last_seen":"2026-04-18T12:49:49.671308Z","times_seen":11,"resource_available":false,"data":null}},"time_used":512,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":511,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"bethx.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"bethx.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-EV1YS9GR4D","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.8","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bethx.vip/register/","date":"2026-04-18T12:44:54.392Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:35:08 GMT","end":"Mon, 22 Jun 2026 08:35:07 GMT"},"fingerprint":{"sha1":"7B:71:3D:9A:FE:85:53:DF:44:BB:90:D6:C4:82:1E:58:A2:A4:4B:F0","sha256":"CA:E9:C5:B9:FA:2B:F0:20:19:FF:0A:2C:CB:22:9F:C6:8B:41:0E:09:94:8E:E6:48:22:CA:02:F6:BA:10:B7:A3"}}},"request":{"raw":"GET /gtag/js?id=G-EV1YS9GR4D HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bethx.vip/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Sat, 18 Apr 2026 12:44:54 GMT\r\nexpires: Sat, 18 Apr 2026 12:44:54 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 157084\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":473272,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6031)","md5":"3addcf2b8c9f8d968a8f6abfac7b7492","sha1":"0b53f8f2448ed7db92671e41d7deb55118712467","sha256":"04430404ec305b6905e033812c96f5303bde8956b41751f7a6008d7d5f2839d0","sha512":"15faf942dc9fcca14e26c6195dfa68ee1e57d0eb28bf7889c6d7cc1912eca895e2a9b8861f7a05da0a4aa44beb986aeea9e294b5f833abfdf02d35c699810aac","ssdeep":"6144:jF4OjKg7CA4MRBRfrJPj8B3v0yIjwcHCpLUgW6w01V91XG:x7t4MtfrJL8p5WOW","tlshash":"67a409ceb3d674625396f478903f018ba57b28a2b44cc89af189cce42d7465a4277f7c","first_seen":"2026-04-18T12:45:36.447503Z","last_seen":"2026-04-18T12:51:41.321297Z","times_seen":6,"resource_available":true,"data":null}},"time_used":243,"timings":{"blocked":94,"dns":1,"connect":7,"send":0,"wait":31,"receive":24,"ssl":83},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"global.turing.captcha.gtimg.com/tgJNCap-global.c89bafa8.js","fqdn":"global.turing.captcha.gtimg.com","domain":"gtimg.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bethx.vip/register/","date":"2026-04-18T12:44:57.073Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.turing.captcha.gtimg.com","organization":"Tencent Technology (Shenzhen) Company Limited"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Tue, 24 Feb 2026 00:00:00 GMT","end":"Wed, 24 Mar 2027 23:59:59 GMT"},"fingerprint":{"sha1":"BA:08:F4:14:CE:A1:19:41:5B:1B:49:47:36:ED:5D:D9:75:EB:21:B8","sha256":"1B:6A:3C:E4:2D:7F:45:5A:83:7F:AB:6F:F6:D8:95:42:54:4E:56:C7:0C:45:D1:05:D6:A0:4E:78:62:A2:88:5D"}}},"request":{"raw":"GET /tgJNCap-global.c89bafa8.js HTTP/1.1\r\nHost: global.turing.captcha.gtimg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bethx.vip/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Wed, 25 Mar 2026 07:46:54 GMT\r\nContent-Encoding: gzip\r\nEtag: \"f8b43141654524d80df081c3ed90b439\"\r\nContent-Type: application/javascript\r\nDate: Tue, 31 Mar 2026 07:15:13 GMT\r\nServer: tencent-cos\r\nx-cos-hash-crc64ecma: 85448356857139650\r\nx-cos-request-id: NjljYjc0ODFfYzZhYWYyMWRfMjcxNWRfZGY2MDMyOA==\r\nx-cos-storage-class: MAZ_STANDARD\r\nx-cosindex-replication-status: Complete\r\nContent-Length: 258923\r\nAccept-Ranges: bytes\r\nX-NWS-LOG-UUID: 7039929120373913163\r\nConnection: keep-alive\r\nX-Cache-Lookup: Cache Hit\r\nAccess-Control-Allow-Origin: *\r\nCache-Control: max-age=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":711341,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (60159), with no line terminators","md5":"434fc1a424b9e1c7fe931f240c16c080","sha1":"4bfb6cde69dabc4bf8de129f2541c95b5daf80fc","sha256":"d0b7ae0a0a87c008aa6ba0575518785fa53d24bac0661a7ae52287813877d2fa","sha512":"a5b4716d0b0bed50cb3c431e6f9f4eca5471a59e67ef8e92f9dace5cc38aec8d91baf636eba5ecdabcdc4d886756ab98b0c491d0f797245946ccbc94bcb6afde","ssdeep":"12288:skViGKDQc49wxGl1OmDttStYc3sT2xsU2qCgSMFC1wi5Kw9w5Am8FKk8JWDWiRIF:aRDQcjGlYmrTDWiRIB/","tlshash":"f9e41a407ad0a85d035b4f7b732bb1e6f85e0d6eb888488ff145bc9095e952bf9e0670","first_seen":"2026-04-01T08:03:24.041324Z","last_seen":"2026-04-18T20:07:52.033606Z","times_seen":17,"resource_available":true,"data":null}},"time_used":68,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":21,"receive":47,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.turingfraud.net/event/report","fqdn":"www.turingfraud.net","domain":"turingfraud.net","tld":"net"},"ip":{"addr":"162.62.10.47","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://bethx.vip/register/","date":"2026-04-18T12:44:59.607Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.turingfraud.net","organization":""},"issuer":{"commonName":"DNSPod RSA DV","organization":"DNSPod, Inc."},"validity":{"start":"Wed, 08 Oct 2025 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"60:CC:09:90:24:93:4C:24:02:F1:97:00:C8:51:55:4A:C2:69:C5:FC","sha256":"0A:2F:A1:C2:DB:F8:EA:01:4E:CB:CB:BA:36:3F:00:27:43:7F:9A:66:0D:6F:EE:C5:DE:5C:E4:35:39:3B:3D:06"}}},"request":{"raw":"POST /event/report HTTP/1.1\r\nHost: www.turingfraud.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-type: application/json\r\nContent-Length: 5568\r\nOrigin: https://bethx.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bethx.vip/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":5568,"data":"{\"channel\":400058,\"platform\":4,\"events\":[{\"id\":\"EId_TId_GT_Start\",\"content\":\"{\\\"t\\\":1776516297329,\\\"ret\\\":0,\\\"msg\\\":\\\"\\\"}\"},{\"id\":\"EId_TId_GRft_Start\",\"content\":\"{\\\"t\\\":1776516297330,\\\"ret\\\":0,\\\"msg\\\":\\\"\\\",\\\"dur\\\":20}\"},{\"id\":\"EId_TId_GRft_End\",\"content\":\"{\\\"t\\\":1776516299042,\\\"ret\\\":0,\\\"msg\\\":\\\"{\\\\\\\"ftCode\\\\\\\":3,\\\\\\\"dur\\\\\\\":586},{\\\\\\\"ftCode\\\\\\\":4,\\\\\\\"dur\\\\\\\":10},{\\\\\\\"ftCode\\\\\\\":5,\\\\\\\"err\\\\\\\":{\\\\\\\"ret\\\\\\\":-1000320,\\\\\\\"res\\\\\\\":\\\\\\\"\\\\\\\",\\\\\\\"err\\\\\\\":\\\\\\\"{\\\\\\\\\\\\\\\"ftCode\\\\\\\\\\\\\\\":5,\\\\\\\\\\\\\\\"err\\\\\\\\\\\\\\\":{\\\\\\\\\\\\\\\"ret\\\\\\\\\\\\\\\":-1000319,\\\\\\\\\\\\\\\"res\\\\\\\\\\\\\\\":\\\\\\\\\\\\\\\"\\\\\\\\\\\\\\\",\\\\\\\\\\\\\\\"err\\\\\\\\\\\\\\\":\\\\\\\\\\\\\\\"Notification is not defined\\\\\\\\\\\\\\\",\\\\\\\\\\\\\\\"ftCode\\\\\\\\\\\\\\\":0,\\\\\\\\\\\\\\\"dur\\\\\\\\\\\\\\\":0}}\\\\\\\",\\\\\\\"ftCode\\\\\\\":5,\\\\\\\"dur\\\\\\\":0}},{\\\\\\\"ftCode\\\\\\\":6,\\\\\\\"err\\\\\\\":{\\\\\\\"ret\\\\\\\":-1000320,\\\\\\\"res\\\\\\\":\\\\\\\"\\\\\\\",\\\\\\\"err\\\\\\\":\\\\\\\"{\\\\\\\\\\\\\\\"ftCode\\\\\\\\\\\\\\\":6,\\\\\\\\\\\\\\\"err\\\\\\\\\\\\\\\":{\\\\\\\\\\\\\\\"ret\\\\\\\\\\\\\\\":-1000321,\\\\\\\\\\\\\\\"res\\\\\\\\\\\\\\\":\\\\\\\\\\\\\\\"\\\\\\\\\\\\\\\",\\\\\\\\\\\\\\\"err\\\\\\\\\\\\\\\":\\\\\\\\\\\\\\\"\\\\\\\\\\\\\\\",\\\\\\\\\\\\\\\"ftCode\\\\\\\\\\\\\\\":6,\\\\\\\\\\\\\\\"dur\\\\\\\\\\\\\\\":0}}\\\\\\\",\\\\\\\"ftCode\\\\\\\":6,\\\\\\\"dur\\\\\\\":0}},{\\\\\\\"ftCode\\\\\\\":8,\\\\\\\"err\\\\\\\":{\\\\\\\"ret\\\\\\\":-1000318,\\\\\\\"res\\\\\\\":\\\\\\\"\\\\\\\",\\\\\\\"err\\\\\\\":\\\\\\\"obtain timeout\\\\\\\",\\\\\\\"ftCode\\\\\\\":8,\\\\\\\"dur\\\\\\\":0}},{\\\\\\\"ftCode\\\\\\\":9,\\\\\\\"dur\\\\\\\":1220},{\\\\\\\"ftCode\\\\\\\":10,\\\\\\\"dur\\\\\\\":502},{\\\\\\\"ftCode\\\\\\\":11,\\\\\\\"dur\\\\\\\":586},{\\\\\\\"ftCode\\\\\\\":12,\\\\\\\"dur\\\\\\\":784},{\\\\\\\"ftCode\\\\\\\":15,\\\\\\\"dur\\\\\\\":1244},{\\\\\\\"ftCode\\\\\\\":16,\\\\\\\"dur\\\\\\\":1130},{\\\\\\\"ftCode\\\\\\\":1,\\\\\\\"err\\\\\\\":{\\\\\\\"ret\\\\\\\":-1000320,\\\\\\\"res\\\\\\\":\\\\\\\"\\\\\\\",\\\\\\\"err\\\\\\\":\\\\\\\"{\\\\\\\\\\\\\\\"ftCode\\\\\\\\\\\\\\\":1,\\\\\\\\\\\\\\\"err\\\\\\\\\\\\\\\":{\\\\\\\\\\\\\\\"ret\\\\\\\\\\\\\\\":-1000321,\\\\\\\\\\\\\\\"res\\\\\\\\\\\\\\\":\\\\\\\\\\\\\\\"\\\\\\\\\\\\\\\",\\\\\\\\\\\\\\\"err\\\\\\\\\\\\\\\":\\\\\\\\\\\\\\\"\\\\\\\\\\\\\\\",\\\\\\\\\\\\\\\"ftCode\\\\\\\\\\\\\\\":1,\\\\\\\\\\\\\\\"dur\\\\\\\\\\\\\\\":0}}\\\\\\\",\\\\\\\"ftCode\\\\\\\":1,\\\\\\\"dur\\\\\\\":0}},{\\\\\\\"ftCode\\\\\\\":17,\\\\\\\"dur\\\\\\\":1084},{\\\\\\\"ftCode\\\\\\\":18,\\\\\\\"dur\\\\\\\":1085},{\\\\\\\"ftCode\\\\\\\":13,\\\\\\\"dur\\\\\\\":1129},{\\\\\\\"ftCode\\\\\\\":14,\\\\\\\"dur\\\\\\\":1214},{\\\\\\\"ftCode\\\\\\\":2,\\\\\\\"dur\\\\\\\":1668},{\\\\\\\"ftCode\\\\\\\":3,\\\\\\\"dur\\\\\\\":586},{\\\\\\\"ftCode\\\\\\\":4,\\\\\\\"dur\\\\\\\":10},{\\\\\\\"ftCode\\\\\\\":5,\\\\\\\"err\\\\\\\":{\\\\\\\"ret\\\\\\\":-1000320,\\\\\\\"res\\\\\\\":\\\\\\\"\\\\\\\",\\\\\\\"err\\\\\\\":\\\\\\\"{\\\\\\\\\\\\\\\"ftCode\\\\\\\\\\\\\\\":5,\\\\\\\\\\\\\\\"err\\\\\\\\\\\\\\\":{\\\\\\\\\\\\\\\"ret\\\\\\\\\\\\\\\":-1000319,\\\\\\\\\\\\\\\"res\\\\\\\\\\\\\\\":\\\\\\\\\\\\\\\"\\\\\\\\\\\\\\\",\\\\\\\\\\\\\\\"err\\\\\\\\\\\\\\\":\\\\\\\\\\\\\\\"Notification is not defined\\\\\\\\\\\\\\\",\\\\\\\\\\\\\\\"ftCode\\\\\\\\\\\\\\\":0,\\\\\\\\\\\\\\\"dur\\\\\\\\\\\\\\\":0}}\\\\\\\",\\\\\\\"ftCode\\\\\\\":5,\\\\\\\"dur\\\\\\\":0}},{\\\\\\\"ftCode\\\\\\\":6,\\\\\\\"err\\\\\\\":{\\\\\\\"ret\\\\\\\":-1000320,\\\\\\\"res\\\\\\\":\\\\\\\"\\\\\\\",\\\\\\\"err\\\\\\\":\\\\\\\"{\\\\\\\\\\\\\\\"ftCode\\\\\\\\\\\\\\\":6,\\\\\\\\\\\\\\\"err\\\\\\\\\\\\\\\":{\\\\\\\\\\\\\\\"ret\\\\\\\\\\\\\\\":-1000321,\\\\\\\\\\\\\\\"res\\\\\\\\\\\\\\\":\\\\\\\\\\\\\\\"\\\\\\\\\\\\\\\",\\\\\\\\\\\\\\\"err\\\\\\\\\\\\\\\":\\\\\\\\\\\\\\\"\\\\\\\\\\\\\\\",\\\\\\\\\\\\\\\"ftCode\\\\\\\\\\\\\\\":6,\\\\\\\\\\\\\\\"dur\\\\\\\\\\\\\\\":0}}\\\\\\\",\\\\\\\"ftCode\\\\\\\":6,\\\\\\\"dur\\\\\\\":0}},{\\\\\\\"ftCode\\\\\\\":8,\\\\\\\"err\\\\\\\":{\\\\\\\"ret\\\\\\\":-1000318,\\\\\\\"res\\\\\\\":\\\\\\\"\\\\\\\",\\\\\\\"err\\\\\\\":\\\\\\\"obtain timeout\\\\\\\",\\\\\\\"ftCode\\\\\\\":8,\\\\\\\"dur\\\\\\\":0}},{\\\\\\\"ftCode\\\\\\\":9,\\\\\\\"dur\\\\\\\":1220},{\\\\\\\"ftCode\\\\\\\":10,\\\\\\\"dur\\\\\\\":502},{\\\\\\\"ftCode\\\\\\\":11,\\\\\\\"dur\\\\\\\":586},{\\\\\\\"ftCode\\\\\\\":12,\\\\\\\"dur\\\\\\\":784},{\\\\\\\"ftCode\\\\\\\":15,\\\\\\\"dur\\\\\\\":1244},{\\\\\\\"ftCode\\\\\\\":16,\\\\\\\"dur\\\\\\\":1130},{\\\\\\\"ftCode\\\\\\\":1,\\\\\\\"err\\\\\\\":{\\\\\\\"ret\\\\\\\":-1000320,\\\\\\\"res\\\\\\\":\\\\\\\"\\\\\\\",\\\\\\\"err\\\\\\\":\\\\\\\"{\\\\\\\\\\\\\\\"ftCode\\\\\\\\\\\\\\\":1,\\\\\\\\\\\\\\\"err\\\\\\\\\\\\\\\":{\\\\\\\\\\\\\\\"ret\\\\\\\\\\\\\\\":-1000321,\\\\\\\\\\\\\\\"res\\\\\\\\\\\\\\\":\\\\\\\\\\\\\\\"\\\\\\\\\\\\\\\",\\\\\\\\\\\\\\\"err\\\\\\\\\\\\\\\":\\\\\\\\\\\\\\\"\\\\\\\\\\\\\\\",\\\\\\\\\\\\\\\"ftCode\\\\\\\\\\\\\\\":1,\\\\\\\\\\\\\\\"dur\\\\\\\\\\\\\\\":0}}\\\\\\\",\\\\\\\"ftCode\\\\\\\":1,\\\\\\\"dur\\\\\\\":0}},{\\\\\\\"ftCode\\\\\\\":17,\\\\\\\"dur\\\\\\\":1084},{\\\\\\\"ftCode\\\\\\\":18,\\\\\\\"dur\\\\\\\":1085},{\\\\\\\"ftCode\\\\\\\":13,\\\\\\\"dur\\\\\\\":1129},{\\\\\\\"ftCode\\\\\\\":14,\\\\\\\"dur\\\\\\\":1214},{\\\\\\\"ftCode\\\\\\\":3,\\\\\\\"dur\\\\\\\":586},{\\\\\\\"ftCode\\\\\\\":4,\\\\\\\"dur\\\\\\\":10},{\\\\\\\"ftCode\\\\\\\":5,\\\\\\\"err\\\\\\\":{\\\\\\\"ret\\\\\\\":-1000320,\\\\\\\"res\\\\\\\":\\\\\\\"\\\\\\\",\\\\\\\"err\\\\\\\":\\\\\\\"{\\\\\\\\\\\\\\\"ftCode\\\\\\\\\\\\\\\":5,\\\\\\\\\\\\\\\"err\\\\\\\\\\\\\\\":{\\\\\\\\\\\\\\\"ret\\\\\\\\\\\\\\\":-1000319,\\\\\\\\\\\\\\\"res\\\\\\\\\\\\\\\":\\\\\\\\\\\\\\\"\\\\\\\\\\\\\\\",\\\\\\\\\\\\\\\"err\\\\\\\\\\\\\\\":\\\\\\\\\\\\\\\"Notification is not defined\\\\\\\\\\\\\\\",\\\\\\\\\\\\\\\"ftCode\\\\\\\\\\\\\\\":0,\\\\\\\\\\\\\\\"dur\\\\\\\\\\\\\\\":0}}\\\\\\\",\\\\\\\"ftCode\\\\\\\":5,\\\\\\\"dur\\\\\\\":0}},{\\\\\\\"ftCode\\\\\\\":6,\\\\\\\"err\\\\\\\":{\\\\\\\"ret\\\\\\\":-1000320,\\\\\\\"res\\\\\\\":\\\\\\\"\\\\\\\",\\\\\\\"err\\\\\\\":\\\\\\\"{\\\\\\\\\\\\\\\"ftCode\\\\\\\\\\\\\\\":6,\\\\\\\\\\\\\\\"err\\\\\\\\\\\\\\\":{\\\\\\\\\\\\\\\"ret\\\\\\\\\\\\\\\":-1000321,\\\\\\\\\\\\\\\"res\\\\\\\\\\\\\\\":\\\\\\\\\\\\\\\"\\\\\\\\\\\\\\\",\\\\\\\\\\\\\\\"err\\\\\\\\\\\\\\\":\\\\\\\\\\\\\\\"\\\\\\\\\\\\\\\",\\\\\\\\\\\\\\\"ftCode\\\\\\\\\\\\\\\":6,\\\\\\\\\\\\\\\"dur\\\\\\\\\\\\\\\":0}}\\\\\\\",\\\\\\\"ftCode\\\\\\\":6,\\\\\\\"dur\\\\\\\":0}},{\\\\\\\"ftCode\\\\\\\":8,\\\\\\\"err\\\\\\\":{\\\\\\\"ret\\\\\\\":-1000318,\\\\\\\"res\\\\\\\":\\\\\\\"\\\\\\\",\\\\\\\"err\\\\\\\":\\\\\\\"obtain timeout\\\\\\\",\\\\\\\"ftCode\\\\\\\":8,\\\\\\\"dur\\\\\\\":0}},{\\\\\\\"ftCode\\\\\\\":9,\\\\\\\"dur\\\\\\\":1220},{\\\\\\\"ftCode\\\\\\\":10,\\\\\\\"dur\\\\\\\":502},{\\\\\\\"ftCode\\\\\\\":11,\\\\\\\"dur\\\\\\\":586},{\\\\\\\"ftCode\\\\\\\":12,\\\\\\\"dur\\\\\\\":784},{\\\\\\\"ftCode\\\\\\\":15,\\\\\\\"dur\\\\\\\":1244},{\\\\\\\"ftCode\\\\\\\":16,\\\\\\\"dur\\\\\\\":1130},{\\\\\\\"ftCode\\\\\\\":1,\\\\\\\"err\\\\\\\":{\\\\\\\"ret\\\\\\\":-1000320,\\\\\\\"res\\\\\\\":\\\\\\\"\\\\\\\",\\\\\\\"err\\\\\\\":\\\\\\\"{\\\\\\\\\\\\\\\"ftCode\\\\\\\\\\\\\\\":1,\\\\\\\\\\\\\\\"err\\\\\\\\\\\\\\\":{\\\\\\\\\\\\\\\"ret\\\\\\\\\\\\\\\":-1000321,\\\\\\\\\\\\\\\"res\\\\\\\\\\\\\\\":\\\\\\\\\\\\\\\"\\\\\\\\\\\\\\\",\\\\\\\\\\\\\\\"err\\\\\\\\\\\\\\\":\\\\\\\\\\\\\\\"\\\\\\\\\\\\\\\",\\\\\\\\\\\\\\\"ftCode\\\\\\\\\\\\\\\":1,\\\\\\\\\\\\\\\"dur\\\\\\\\\\\\\\\":0}}\\\\\\\",\\\\\\\"ftCode\\\\\\\":1,\\\\\\\"dur\\\\\\\":0}},{\\\\\\\"ftCode\\\\\\\":17,\\\\\\\"dur\\\\\\\":1084},{\\\\\\\"ftCode\\\\\\\":18,\\\\\\\"dur\\\\\\\":1085},{\\\\\\\"ftCode\\\\\\\":13,\\\\\\\"dur\\\\\\\":1129},{\\\\\\\"ftCode\\\\\\\":14,\\\\\\\"dur\\\\\\\":1214},{\\\\\\\"ftCode\\\\\\\":2,\\\\\\\"dur\\\\\\\":1668}\\\",\\\"dur\\\":1732}\"},{\"id\":\"EId_TId_GRisk_Start\",\"content\":\"{\\\"t\\\":1776516299065,\\\"ret\\\":0,\\\"msg\\\":\\\"\\\",\\\"dur\\\":1755}\"},{\"id\":\"EId_TId_GRisk_End\",\"content\":\"{\\\"t\\\":1776516299569,\\\"ret\\\":0,\\\"msg\\\":\\\"que:0,dns:0,tcp:0,ssl:0,req:0,res:0,ttfb:0,total:500\\\",\\\"dur\\\":2259}\"},{\"id\":\"EId_TId_GT_End\",\"content\":\"{\\\"t\\\":1776516299572,\\\"ret\\\":0,\\\"msg\\\":\\\"\\\",\\\"dur\\\":2262}\"}],\"buildno\":200500,\"uuid\":\"dbf727d56e3b41b5943d2cf8219b4511\",\"seq\":\"45a8aade-de30-46f4-9bc6-36bcb764f78c\"}"}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 18 Apr 2026 12:44:59 GMT\r\ncontent-type: application/json\r\ncontent-length: 9\r\naccess-control-allow-headers: Content-Type, Authorization, X-Requested-With, Traceparent\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 3600\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":9,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"7356645231da9cfecc34610420982100","sha1":"4e6d5bf58d719360518ecccb073248d0293dd346","sha256":"2c2237045b54bb664bd76b7d6f1da237fd50de74712edf261e90c1c0d7f2e822","sha512":"c092af8c828b98fb9ac62ec48f64c01907d25106e96096a40e52d770f732442c729c11c34406dd0be1690620d91d97a6a4839ca409b57e227a65844e17bad112","ssdeep":"","tlshash":"8c50003000000c03000c0c0000000003c0030c0030000c0000000c000000c000300000","first_seen":"2023-04-05T16:48:03Z","last_seen":"2026-04-18T20:07:52.040634Z","times_seen":1671,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dogecoin8.com/template/pc/skin/images/search.png","fqdn":"dogecoin8.com","domain":"dogecoin8.com","tld":"com"},"ip":{"addr":"107.151.92.52","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dogecoin8.com/","date":"2026-04-18T12:44:47.615Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dogecoin8.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Wed, 25 Mar 2026 07:00:00 GMT","end":"Tue, 23 Jun 2026 06:59:59 GMT"},"fingerprint":{"sha1":"5C:0D:5E:E9:6D:D0:19:FE:B6:AA:77:0F:91:80:1E:4C:DA:F3:9B:6A","sha256":"3F:19:30:F8:E4:AB:C0:61:6E:27:3F:DB:25:FD:D5:FE:19:37:F9:30:DF:C2:B7:C5:F5:F3:B5:7B:C1:78:9F:C7"}}},"request":{"raw":"GET /template/pc/skin/images/search.png HTTP/1.1\r\nHost: dogecoin8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dogecoin8.com/template/pc/skin/css/main.css?t=1625390824\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=2k6hvak7klsvh3aeq6oimqj653\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 12:44:47 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 27 Apr 2020 13:33:44 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5ea6df38-4fb\"\r\nexpires: Mon, 18 May 2026 12:44:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1275,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 24 x 24, 8-bit/color RGB, non-interlaced","md5":"6ba0de162ed8116523faac1657eae169","sha1":"be763e0445d5eba1b9df5cbc3bdd561e45c3694a","sha256":"347b3f952d868cf23c3eb48ed2349dfc8454108f6e1f060c8ffb6ae247176451","sha512":"62449c4479729cc4c8f33a74ad94e26f950bc0fc99b51ce277285ddaa15b1ec3b2671b5b8fabad69323f03a2e0b31c699f21b7c02abb1a469bbcfe442679f54d","ssdeep":"","tlshash":"43219599f80038416588f44224ea517bf83b05c0c990a176becff02255780fae4599cf","first_seen":"2025-08-04T10:32:45.24668Z","last_seen":"2026-04-18T12:49:49.709824Z","times_seen":20,"resource_available":false,"data":null}},"time_used":434,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":434,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dogecoin8.com/template/pc/skin/images/i7.png","fqdn":"dogecoin8.com","domain":"dogecoin8.com","tld":"com"},"ip":{"addr":"107.151.92.52","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dogecoin8.com/","date":"2026-04-18T12:44:47.654Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dogecoin8.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Wed, 25 Mar 2026 07:00:00 GMT","end":"Tue, 23 Jun 2026 06:59:59 GMT"},"fingerprint":{"sha1":"5C:0D:5E:E9:6D:D0:19:FE:B6:AA:77:0F:91:80:1E:4C:DA:F3:9B:6A","sha256":"3F:19:30:F8:E4:AB:C0:61:6E:27:3F:DB:25:FD:D5:FE:19:37:F9:30:DF:C2:B7:C5:F5:F3:B5:7B:C1:78:9F:C7"}}},"request":{"raw":"GET /template/pc/skin/images/i7.png HTTP/1.1\r\nHost: dogecoin8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dogecoin8.com/template/pc/skin/css/main.css?t=1625390824\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=2k6hvak7klsvh3aeq6oimqj653\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 12:44:47 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 10 May 2020 09:30:42 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5eb7c9c2-909\"\r\nexpires: Mon, 18 May 2026 12:44:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2313,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced","md5":"5a17bd67446404ca32dabd1fd3227950","sha1":"8eda71f2248c7cb06a4d387d176601a72b23fdbe","sha256":"bd94edee7c8f06c42a8ac2a4b14c0c818198b8e62839af6ec75273f3961227c7","sha512":"ff954abb67910f4a1f557959321d464924472413bcde9ce2093e5a994bff14c4283dfaad6c2601a0f179d6b2b0bf4213dc6f2f4a7ca01ccd3cb67641acb4bc79","ssdeep":"","tlshash":"64411b4df9115d50a2d4c9d221f89362971108a2caeaf9a7ad8ec41736302b68d3f2cf","first_seen":"2025-08-04T10:32:45.258662Z","last_seen":"2026-04-18T12:49:49.687155Z","times_seen":12,"resource_available":false,"data":null}},"time_used":404,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":404,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sdk.51.la/event/js-sdk-event.min.js?u=3IYrMEx1ZJz1RPeO","fqdn":"sdk.51.la","domain":"51.la","tld":"la"},"ip":{"addr":"43.159.107.113","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hash166.com/","date":"2026-04-18T12:44:49.267Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.51.la","organization":""},"issuer":{"commonName":"Keymatic Secure Domain RSA CA G1","organization":"PKI(Chongqing) Limited"},"validity":{"start":"Wed, 01 Apr 2026 06:48:26 GMT","end":"Fri, 16 Oct 2026 15:59:59 GMT"},"fingerprint":{"sha1":"F0:4F:0E:62:84:89:BD:2B:8E:53:1E:AC:20:70:16:C2:F7:E9:C1:C0","sha256":"54:9F:ED:D0:8F:D4:0A:5F:31:95:55:FD:E0:E6:13:F2:09:8C:39:E1:01:31:98:FA:1D:DC:20:CD:20:19:7C:F5"}}},"request":{"raw":"GET /event/js-sdk-event.min.js?u=3IYrMEx1ZJz1RPeO HTTP/1.1\r\nHost: sdk.51.la\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://hash166.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hash166.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Mon, 15 May 2023 03:20:53 GMT\r\ncontent-encoding: br\r\netag: \"6461a515-127d3\"\r\nserver: openresty\r\ncontent-type: application/javascript; charset=utf-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\ncache-control: max-age=1296000\r\ncontent-length: 21510\r\naccept-ranges: bytes\r\ndate: Sat, 18 Apr 2026 12:44:49 GMT\r\neo-log-uuid: 3156463745257195709\r\neo-cache-status: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":75731,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65308)","md5":"d8b86cb6f6c21e85b9c937dfdb9c2d28","sha1":"b4d1693de341bc8907adf4ce9c92ef81fded922b","sha256":"76321b4c7a653d40fb72e4e2501842d3b12f3bd2822e7d1103054eeff1a6a53c","sha512":"5557b2e594e8fa69722453a399c2b48335a241f01ab22c1ae151a98fa637139372d9105c7d48428d0af31cc9c7d70672fd0ad59f58823963e813d528434e3b1b","ssdeep":"1536:Mm/6jaOdXslehi41GvwsciNxLbxLcBXs1v3kjs+TTk1TVBSYreiMUGsnJ9+Saebb:MmDS8SOZ","tlshash":"3c7309de31c2b07253e7316a106f610bf13a5d556c0e5820f215d999bc78e8b82bbf6e","first_seen":"2023-04-07T05:45:48Z","last_seen":"2026-04-18T21:02:39.30749Z","times_seen":1560,"resource_available":true,"data":null}},"time_used":317,"timings":{"blocked":146,"dns":6,"connect":19,"send":0,"wait":21,"receive":1,"ssl":120},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bethx.vip/assets/login.4af18a7f.js","fqdn":"bethx.vip","domain":"bethx.vip","tld":"vip"},"ip":{"addr":"65.9.46.112","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bethx.vip/register/","date":"2026-04-18T12:44:52.743Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bethx.vip","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 10 Dec 2025 00:00:00 GMT","end":"Fri, 08 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"67:7A:18:61:36:02:A0:18:4C:DC:63:C3:AA:55:55:CF:9D:B1:33:5B","sha256":"E5:50:D5:02:46:9D:18:63:39:E5:EE:0B:8F:CE:C7:0C:3B:97:00:56:2B:E3:A0:18:B5:F8:66:75:96:A3:76:04"}}},"request":{"raw":"GET /assets/login.4af18a7f.js HTTP/1.1\r\nHost: bethx.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bethx.vip/assets/main.ecaab409.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 18 Apr 2026 12:44:52 GMT\r\ncontent-encoding: br\r\nlast-modified: Tue, 14 Apr 2026 14:06:41 GMT\r\netag: W/\"69de49f1-ce3\"\r\nexpires: Mon, 20 Apr 2026 12:44:52 GMT\r\ncache-control: max-age=172800, public, no-transform\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 aeb4c02c6985102f97552c03a17a7832.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN52-P1\r\nx-amz-cf-id: SgM9j_tK72ikBNPHW3LCMMckxrO74bUBA18SBtNncE4AvPzuTjU5Ww==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":3299,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (3298)","md5":"326f993fcf46a737902c9eba084f110c","sha1":"44a183bb22cbd17afaf2cc11a95098ca3d18008b","sha256":"b4b44bcf0e547c0f150691b55fab3d06c3787ee99b4c47780d5efad16a875dc4","sha512":"5fab21f48b7e34cf779de3d2c1c86268c9dbf551e12f2bc018238e072063f110b6de9da931569f04aea69b2cbc92d0e985d0a5b860971cd73a5869e5d8e29f92","ssdeep":"","tlshash":"8361be9af81e8a3ac9765544c4b6240c390d2ff46250af7f5cf88e253fd5e6d270e2a0","first_seen":"2026-04-17T00:42:36.056852Z","last_seen":"2026-04-18T20:07:52.022667Z","times_seen":9,"resource_available":true,"data":null}},"time_used":45,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":45,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"bethx.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"bethx.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.bethx.vip/api/getConfig","fqdn":"api.bethx.vip","domain":"bethx.vip","tld":"vip"},"ip":{"addr":"54.240.174.49","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://bethx.vip/register/","date":"2026-04-18T12:44:54.344Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.bethx.vip","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sun, 26 Oct 2025 00:00:00 GMT","end":"Tue, 24 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"AD:69:21:3D:64:E5:F4:08:30:28:46:7A:27:F5:62:CA:71:2C:14:FC","sha256":"F1:B9:F4:B1:8F:05:D3:69:29:2D:37:FE:30:BE:1D:2C:34:72:F5:56:A2:B2:62:E0:A0:39:4D:2A:37:92:54:2B"}}},"request":{"raw":"OPTIONS /api/getConfig HTTP/1.1\r\nHost: api.bethx.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: authorization,langcode,user-device\r\nReferer: https://bethx.vip/\r\nOrigin: https://bethx.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html; charset=UTF-8\r\nserver: nginx/1.18.0 (Ubuntu)\r\naccess-control-allow-methods: GET, POST, PATCH, PUT, OPTIONS\r\naccess-control-allow-credentials: true\r\nallow: GET,HEAD\r\ncache-control: no-cache, private\r\ndate: Sat, 18 Apr 2026 12:44:53 GMT\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Origin, Content-Type, Cookie, X-CSRF-TOKEN, Accept, Authorization, X-XSRF-TOKEN,langCode,User-Device\r\naccess-control-expose-headers: Authorization, authenticated\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: cQ4rK7vA7HH3Fiw1J3uR-J7SSgUtGqec91JtosZJlyJf07BlxGaWKA==\r\nage: 1\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-18T20:23:19.513448Z","times_seen":13909737,"resource_available":true,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"api.bethx.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"api.bethx.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.turingfraud.net/event/report","fqdn":"www.turingfraud.net","domain":"turingfraud.net","tld":"net"},"ip":{"addr":"162.62.10.47","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://bethx.vip/register/","date":"2026-04-18T12:44:59.621Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.turingfraud.net","organization":""},"issuer":{"commonName":"DNSPod RSA DV","organization":"DNSPod, Inc."},"validity":{"start":"Wed, 08 Oct 2025 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"60:CC:09:90:24:93:4C:24:02:F1:97:00:C8:51:55:4A:C2:69:C5:FC","sha256":"0A:2F:A1:C2:DB:F8:EA:01:4E:CB:CB:BA:36:3F:00:27:43:7F:9A:66:0D:6F:EE:C5:DE:5C:E4:35:39:3B:3D:06"}}},"request":{"raw":"POST /event/report HTTP/1.1\r\nHost: www.turingfraud.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-type: application/json\r\nContent-Length: 323\r\nOrigin: https://bethx.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bethx.vip/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":323,"data":"{\"channel\":400058,\"platform\":4,\"events\":[{\"id\":\"EId_TId_GT_Start\",\"content\":\"{\\\"t\\\":1776516299574,\\\"ret\\\":0,\\\"msg\\\":\\\"\\\"}\"},{\"id\":\"EId_TId_GT_End\",\"content\":\"{\\\"t\\\":1776516299593,\\\"ret\\\":0,\\\"msg\\\":\\\"\\\",\\\"dur\\\":2262}\"}],\"buildno\":200500,\"uuid\":\"dbf727d56e3b41b5943d2cf8219b4511\",\"seq\":\"60039a93-53cb-4871-93dd-e0bee287c07e\"}"}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 18 Apr 2026 12:44:59 GMT\r\ncontent-type: application/json\r\ncontent-length: 9\r\naccess-control-allow-headers: Content-Type, Authorization, X-Requested-With, Traceparent\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 3600\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":9,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"7356645231da9cfecc34610420982100","sha1":"4e6d5bf58d719360518ecccb073248d0293dd346","sha256":"2c2237045b54bb664bd76b7d6f1da237fd50de74712edf261e90c1c0d7f2e822","sha512":"c092af8c828b98fb9ac62ec48f64c01907d25106e96096a40e52d770f732442c729c11c34406dd0be1690620d91d97a6a4839ca409b57e227a65844e17bad112","ssdeep":"","tlshash":"8c50003000000c03000c0c0000000003c0030c0030000c0000000c000000c000300000","first_seen":"2023-04-05T16:48:03Z","last_seen":"2026-04-18T20:07:52.040634Z","times_seen":1671,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dogecoin8.com/template/pc/skin/images/weibo.png","fqdn":"dogecoin8.com","domain":"dogecoin8.com","tld":"com"},"ip":{"addr":"107.151.92.52","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dogecoin8.com/","date":"2026-04-18T12:44:47.677Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dogecoin8.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Wed, 25 Mar 2026 07:00:00 GMT","end":"Tue, 23 Jun 2026 06:59:59 GMT"},"fingerprint":{"sha1":"5C:0D:5E:E9:6D:D0:19:FE:B6:AA:77:0F:91:80:1E:4C:DA:F3:9B:6A","sha256":"3F:19:30:F8:E4:AB:C0:61:6E:27:3F:DB:25:FD:D5:FE:19:37:F9:30:DF:C2:B7:C5:F5:F3:B5:7B:C1:78:9F:C7"}}},"request":{"raw":"GET /template/pc/skin/images/weibo.png HTTP/1.1\r\nHost: dogecoin8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dogecoin8.com/template/pc/skin/css/main.css?t=1625390824\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=2k6hvak7klsvh3aeq6oimqj653\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 12:44:47 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 10 May 2020 09:31:12 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5eb7c9e0-683\"\r\nexpires: Mon, 18 May 2026 12:44:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1667,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced","md5":"631ddb1ad8c68dfcb7ec5111035a219f","sha1":"c878179cf386660707e01e7d7a306de0ab8a745a","sha256":"0531957becf5d48e7de0ddd9d644b79e394d5aa900797404dbf9cb01f05b1c18","sha512":"830f35576d11eca48e486130db8fb297a823a69ae0c9b39fa1942a0e5e4ab827ef46814a9cae337fb9aba08f69c2e7b206cc851bd6469aeb9fe8f59b8ccd46c2","ssdeep":"","tlshash":"0f31c88dff8064905918daa160f591b7ed738da0edd0f8b059cdc4012ba60f64d1e7cb","first_seen":"2026-02-23T13:17:08.017992Z","last_seen":"2026-04-18T12:49:49.715161Z","times_seen":5,"resource_available":false,"data":null}},"time_used":648,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":648,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"77hash.s3.ap-northeast-3.amazonaws.com/images/9Fqhn1743468917250401.png","fqdn":"77hash.s3.ap-northeast-3.amazonaws.com","domain":"77hash.s3.ap-northeast-3.amazonaws.com","tld":"s3.ap-northeast-3.amazonaws.com"},"ip":{"addr":"3.5.241.99","port":443,"asn":16509,"as":"AMAZON-02","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bethx.vip/register/","date":"2026-04-18T12:44:55.206Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.s3.ap-northeast-3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sat, 14 Feb 2026 00:00:00 GMT","end":"Thu, 11 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"8E:7B:63:EF:E6:C9:5C:E2:75:EC:28:1B:89:0A:7B:5A:75:7F:58:D8","sha256":"2F:C4:88:1B:AD:C8:3A:F2:3A:5E:75:3A:97:20:2B:B4:E1:CF:A3:62:48:15:B5:56:53:F5:84:C3:DD:53:FB:E5"}}},"request":{"raw":"GET /images/9Fqhn1743468917250401.png HTTP/1.1\r\nHost: 77hash.s3.ap-northeast-3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bethx.vip/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: mLu4Gl+nICIjU9Rw45bw/G+2kLGkoF+5tUiuPk9UBcFrDPV5jCZ1D/a9PNYzXZ0ST5URNRkVjD/p8x46FsZfMwwdxwam+Yey\r\nx-amz-request-id: NYWMNKDTP9T5N783\r\nDate: Sat, 18 Apr 2026 12:44:56 GMT\r\nLast-Modified: Tue, 01 Apr 2025 00:55:18 GMT\r\nETag: \"777c821c6fa463616ff0d6e7aae69e2c\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/png\r\nContent-Length: 3479\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":3479,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 40 x 40, 8-bit/color RGBA, interlaced","md5":"777c821c6fa463616ff0d6e7aae69e2c","sha1":"c6e338dea0e1c40fba333e271f902ca3ff56564c","sha256":"9183db3f471d0b0d1969dba4f2962e26c8955a80da375eb6c7970b6039cec06e","sha512":"02835384d91cc9aa212ef5b5d8c4bc7337cf2a82f6e98ec463692be93726a4602d347ead4739e08ce86a4fda1fd957523b8468e3065e0ffc791a166d96c5f241","ssdeep":"","tlshash":"a7715d61a39bad528a1057f722104527d9bb467ef7c6bbd780e764812a1d598b3c8043","first_seen":"2025-05-28T04:51:10.418834Z","last_seen":"2026-04-18T12:49:49.67346Z","times_seen":11,"resource_available":false,"data":null}},"time_used":310,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":309,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dogecoin8.com/template/pc/skin/js/jquery-2.1.1.js?t=1589099922","fqdn":"dogecoin8.com","domain":"dogecoin8.com","tld":"com"},"ip":{"addr":"107.151.92.52","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://dogecoin8.com/","date":"2026-04-18T12:44:46.771Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dogecoin8.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Wed, 25 Mar 2026 07:00:00 GMT","end":"Tue, 23 Jun 2026 06:59:59 GMT"},"fingerprint":{"sha1":"5C:0D:5E:E9:6D:D0:19:FE:B6:AA:77:0F:91:80:1E:4C:DA:F3:9B:6A","sha256":"3F:19:30:F8:E4:AB:C0:61:6E:27:3F:DB:25:FD:D5:FE:19:37:F9:30:DF:C2:B7:C5:F5:F3:B5:7B:C1:78:9F:C7"}}},"request":{"raw":"GET /template/pc/skin/js/jquery-2.1.1.js?t=1589099922 HTTP/1.1\r\nHost: dogecoin8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dogecoin8.com/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=2k6hvak7klsvh3aeq6oimqj653\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 12:44:46 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 10 May 2020 08:38:42 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5eb7bd92-14917\"\r\nexpires: Sun, 19 Apr 2026 00:44:46 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":84247,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32061), with CRLF line terminators","md5":"8b0bc30d9bdfc389526361019dec7736","sha1":"036d737fb63a019d8a1c434f2b4545b22b6fd45f","sha256":"e176dc8d5da626a295961c495ff00c67ac6dd9295677410f6e211537dfb3a1e0","sha512":"8c389fe6ecefb91e0f4b42c59a1aa8ccaf26ba14e86a7b435a0362494afd09f3ef1235c6d2328a06181772dcde0149c494785fdca57c8682c9eba47127a4690c","ssdeep":"1536:DPEkjP+iADIOr/NEe876nmBu3HvF38NdTuJO1z6/A4TqAub0R4ULvguEhjzXpa9y:oNM2Jiz6oAFKP5a98HrJ","tlshash":"6583d6d9b2c67062977734b850bf410bb17a98dab80c8c60f0a4d5e47eb4a8d517bf2d","first_seen":"2023-03-07T01:39:52Z","last_seen":"2026-04-18T12:49:49.667112Z","times_seen":1315,"resource_available":true,"data":null}},"time_used":511,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":511,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dogecoin8.com/template/pc/skin/js/fastclick.js?t=1589099922","fqdn":"dogecoin8.com","domain":"dogecoin8.com","tld":"com"},"ip":{"addr":"107.151.92.52","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://dogecoin8.com/","date":"2026-04-18T12:44:46.775Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dogecoin8.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Wed, 25 Mar 2026 07:00:00 GMT","end":"Tue, 23 Jun 2026 06:59:59 GMT"},"fingerprint":{"sha1":"5C:0D:5E:E9:6D:D0:19:FE:B6:AA:77:0F:91:80:1E:4C:DA:F3:9B:6A","sha256":"3F:19:30:F8:E4:AB:C0:61:6E:27:3F:DB:25:FD:D5:FE:19:37:F9:30:DF:C2:B7:C5:F5:F3:B5:7B:C1:78:9F:C7"}}},"request":{"raw":"GET /template/pc/skin/js/fastclick.js?t=1589099922 HTTP/1.1\r\nHost: dogecoin8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dogecoin8.com/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=2k6hvak7klsvh3aeq6oimqj653\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 12:44:46 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 10 May 2020 08:38:42 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5eb7bd92-779b\"\r\nexpires: Sun, 19 Apr 2026 00:44:46 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":30619,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (388)","md5":"e096fb71e09084346d770f701c6968e8","sha1":"de96993b59d5d5f1e0188a0e0dabd4bd02697383","sha256":"0f6cf9af2e7b843fff331e3977d1ee17879710fdfc30d572d57f7b12aa153eb0","sha512":"589940183c32d81a1b71464b50467aa8e1cbbbdcdbe5bb33fc71e933d3c0b087d7e715f9b99feb9a82d4705becac129104351a521cf62abd44c0c44269617832","ssdeep":"384:qv22ogWnLYDfrcfb3iESyEzEo4IyMBMzFn+tZDXZJbcd5P2s47y72SZNSLGOb6:q6g8LWy3iwFtM2AZJOPx7ga","tlshash":"46d23f4f36e611b2459f623e6b8b6184f375809b52068488bc5e9fb82f58f3143f1ee5","first_seen":"2023-03-26T08:03:05Z","last_seen":"2026-04-18T12:49:49.673923Z","times_seen":38,"resource_available":true,"data":null}},"time_used":765,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":765,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bethx.vip/assets/login.8d1f7ec0.css","fqdn":"bethx.vip","domain":"bethx.vip","tld":"vip"},"ip":{"addr":"65.9.46.112","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bethx.vip/register/","date":"2026-04-18T12:44:52.457Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bethx.vip","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 10 Dec 2025 00:00:00 GMT","end":"Fri, 08 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"67:7A:18:61:36:02:A0:18:4C:DC:63:C3:AA:55:55:CF:9D:B1:33:5B","sha256":"E5:50:D5:02:46:9D:18:63:39:E5:EE:0B:8F:CE:C7:0C:3B:97:00:56:2B:E3:A0:18:B5:F8:66:75:96:A3:76:04"}}},"request":{"raw":"GET /assets/login.8d1f7ec0.css HTTP/1.1\r\nHost: bethx.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bethx.vip/register/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sat, 18 Apr 2026 12:44:52 GMT\r\ncontent-encoding: br\r\nlast-modified: Tue, 14 Apr 2026 14:06:41 GMT\r\nexpires: Mon, 20 Apr 2026 12:44:52 GMT\r\ncache-control: max-age=172800, public, no-transform\r\netag: W/\"69de49f1-a59\"\r\nvary: Accept-Encoding\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 aeb4c02c6985102f97552c03a17a7832.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN52-P1\r\nx-amz-cf-id: SK0vSAf1rynUPy0HD-PjZk3KGJ5rvZaDEr5wnjdTqwnhNbUJe41sMA==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":2649,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2648)","md5":"503b97cdc95108f941030eb1c01d201f","sha1":"6dfdd198a0f97cb2e67aca865291861f79589f93","sha256":"adc27c8fc06250aae3c1817c514ff88384893d3ca706a2c8124a20636512b6f9","sha512":"ab7bd818432678251dd90494ce209d7721951ac3bc348973b8b763768ec5ff975aaedebe16424ebe73aaf68e3757abcd856820e9b394d4f57269621a3731234f","ssdeep":"","tlshash":"515100216c4f692cb03be062a4f011ec6108c783e5a25f7dca6539ecd9c36d62e3b2c1","first_seen":"2026-04-17T00:42:36.080437Z","last_seen":"2026-04-18T20:07:52.020209Z","times_seen":9,"resource_available":false,"data":null}},"time_used":275,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":275,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"bethx.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"bethx.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dogecoin8.com/uploads/allimg/20210704/1-210F410255X47.jpg","fqdn":"dogecoin8.com","domain":"dogecoin8.com","tld":"com"},"ip":{"addr":"107.151.92.52","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dogecoin8.com/","date":"2026-04-18T12:44:46.787Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dogecoin8.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Wed, 25 Mar 2026 07:00:00 GMT","end":"Tue, 23 Jun 2026 06:59:59 GMT"},"fingerprint":{"sha1":"5C:0D:5E:E9:6D:D0:19:FE:B6:AA:77:0F:91:80:1E:4C:DA:F3:9B:6A","sha256":"3F:19:30:F8:E4:AB:C0:61:6E:27:3F:DB:25:FD:D5:FE:19:37:F9:30:DF:C2:B7:C5:F5:F3:B5:7B:C1:78:9F:C7"}}},"request":{"raw":"GET /uploads/allimg/20210704/1-210F410255X47.jpg HTTP/1.1\r\nHost: dogecoin8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dogecoin8.com/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=2k6hvak7klsvh3aeq6oimqj653\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 12:44:47 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sun, 04 Jul 2021 02:25:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"60e11c36-26ac4\"\r\nexpires: Mon, 18 May 2026 12:44:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":158404,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x580, components 3","md5":"ad67cfec597460f1c6176027dff61a48","sha1":"2d9e32f232777f89894b459530a4e6984af52654","sha256":"525b722e2d4a3fd80593ac3df7ae3b80836b6ea41d012bfcc37251feb867d395","sha512":"520778a35800af57999ef87b9e691689fe45264bc6aebd77925403a2de6a0fe3c38d9185df3be15a9655f957d5123b95626df0f82aec322f6545f8c1147c5f8a","ssdeep":"3072:kInWAPpr6ivA3k4XC+UpFYGBukG7HXpTd3BXA8CCm7Zdd:0+pr60AjXChfRmpxbChh","tlshash":"bff3124b5888e730976e20f6f4e27507cbfb7e56484a384e6627ffe0a6c74940ce6119","first_seen":"2026-02-23T13:17:07.94076Z","last_seen":"2026-04-18T12:49:49.684107Z","times_seen":4,"resource_available":false,"data":null}},"time_used":763,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":763,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dogecoin8.com/template/pc/skin/images/gushi1.jpg","fqdn":"dogecoin8.com","domain":"dogecoin8.com","tld":"com"},"ip":{"addr":"107.151.92.52","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dogecoin8.com/","date":"2026-04-18T12:44:47.651Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dogecoin8.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Wed, 25 Mar 2026 07:00:00 GMT","end":"Tue, 23 Jun 2026 06:59:59 GMT"},"fingerprint":{"sha1":"5C:0D:5E:E9:6D:D0:19:FE:B6:AA:77:0F:91:80:1E:4C:DA:F3:9B:6A","sha256":"3F:19:30:F8:E4:AB:C0:61:6E:27:3F:DB:25:FD:D5:FE:19:37:F9:30:DF:C2:B7:C5:F5:F3:B5:7B:C1:78:9F:C7"}}},"request":{"raw":"GET /template/pc/skin/images/gushi1.jpg HTTP/1.1\r\nHost: dogecoin8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dogecoin8.com/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=2k6hvak7klsvh3aeq6oimqj653\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 12:44:47 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Mon, 27 Apr 2020 13:24:26 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5ea6dd0a-209d0\"\r\nexpires: Mon, 18 May 2026 12:44:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":133584,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 763x433, components 3","md5":"dbb63cb2a6e5c280e03d345a29b6ad2a","sha1":"495365cbb6ee8e9ec80d0223a1a7a8af5784ff1f","sha256":"8c43a0e34191d82d8e43d414d0181253443bda95a3d39d9a93de04cff43dcec4","sha512":"9d9cc18e418886132132046eb6c095494ef51c78943a189fe62194155e8dbb1bb6c3c26e4381c8ce8acd041ee98015c7f56e2a71b4ced100414b1100361e0cd1","ssdeep":"3072:DhTpoWLxJQrv49s8lwV5Bkj2aVgLufbl7Bjbbz7:DhTpxFvK8lwU2aVhzb/bz7","tlshash":"e4d312519020ebbc078b55de8f193129311c4ae8e7e136a3826c7356b5f8ed33279679","first_seen":"2026-02-23T13:17:07.856807Z","last_seen":"2026-04-18T12:49:49.710922Z","times_seen":4,"resource_available":false,"data":null}},"time_used":405,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":405,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dogecoin8.com/template/pc/skin/images/weixin.png","fqdn":"dogecoin8.com","domain":"dogecoin8.com","tld":"com"},"ip":{"addr":"107.151.92.52","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dogecoin8.com/","date":"2026-04-18T12:44:47.678Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dogecoin8.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Wed, 25 Mar 2026 07:00:00 GMT","end":"Tue, 23 Jun 2026 06:59:59 GMT"},"fingerprint":{"sha1":"5C:0D:5E:E9:6D:D0:19:FE:B6:AA:77:0F:91:80:1E:4C:DA:F3:9B:6A","sha256":"3F:19:30:F8:E4:AB:C0:61:6E:27:3F:DB:25:FD:D5:FE:19:37:F9:30:DF:C2:B7:C5:F5:F3:B5:7B:C1:78:9F:C7"}}},"request":{"raw":"GET /template/pc/skin/images/weixin.png HTTP/1.1\r\nHost: dogecoin8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dogecoin8.com/template/pc/skin/css/main.css?t=1625390824\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=2k6hvak7klsvh3aeq6oimqj653\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 12:44:47 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 27 Apr 2020 13:31:16 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5ea6dea4-669\"\r\nexpires: Mon, 18 May 2026 12:44:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1641,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced","md5":"3aa798096206e25229b6eeb2960b6fdd","sha1":"e329c21b0582e5926e42f244b24caaadcc131917","sha256":"c12812077a8c2e9ecaf0742f172b988d7ba7a6023a0e76264ed79f0a02a4d69a","sha512":"8bdd27d71dc524a07098f9acc1213445cfea7bf04f52a4ad0d309b458e9023ae02b8ab9b17352a75250487a11fe36d4f7ae2beaeddf9e6979d8b3cce0f246853","ssdeep":"","tlshash":"9731ea0ff6413d8175bcdb0221f15257aa33a5c4dae4b8e65ccec05a38519f889ae9cf","first_seen":"2025-08-18T04:37:37.101421Z","last_seen":"2026-04-18T12:49:49.706181Z","times_seen":7,"resource_available":false,"data":null}},"time_used":647,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":647,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.js?e4d96263a9a49b5719dead97eb43ae0f","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"14.215.182.140","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hash166.com/","date":"2026-04-18T12:44:49.274Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /hm.js?e4d96263a9a49b5719dead97eb43ae0f HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hash166.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: max-age=0, must-revalidate\r\nContent-Encoding: gzip\r\nContent-Length: 11292\r\nContent-Type: application/javascript\r\nDate: Sat, 18 Apr 2026 12:44:50 GMT\r\nEtag: 10c49310a40dbb27d42d232698d7b16f\r\nP3p: CP=\"CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nServer: apache\r\nSet-Cookie: HMACCOUNT=BB4C28CC1DDDCE78; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT\r\nStrict-Transport-Security: max-age=172800\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":29898,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (622)","md5":"ae6796bb0c2e948ff2394d80104a39a1","sha1":"98b2f92acffcdb9ced45bb441143e1004a930b8c","sha256":"b2be95b99c7df97687eb0b49a88383265985485f70ef117e2da4d846b59ef64d","sha512":"e010af466bafc21123a4f59f4d67eba995dd82531cbadc324632f0a4701968681d26b8363ced3df8d36df4eff46522d83fc4e1ee7d85211f67c3754d861c5e72","ssdeep":"384:51JSoLMJJTRl6s1JXFVCFI/TayvuodsZPIGm8XaR1JRwvutq1tGdc7M04gRw6:514VJfHgMdvussZPIx82Rwvutcto07v","tlshash":"d2d2d9e9b282713293a324a5153f324af07b5a54bd4968a4f11894c07d38fbb027bfdd","first_seen":"2026-04-18T12:45:36.461602Z","last_seen":"2026-04-18T12:45:36.461602Z","times_seen":1,"resource_available":true,"data":null}},"time_used":2663,"timings":{"blocked":795,"dns":1,"connect":263,"send":0,"wait":1069,"receive":2,"ssl":529},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"collect-v6.51.la/v6/collect?dt=4","fqdn":"collect-v6.51.la","domain":"51.la","tld":"la"},"ip":{"addr":"43.159.107.113","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://hash166.com/","date":"2026-04-18T12:44:49.264Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.51.la","organization":""},"issuer":{"commonName":"Keymatic Secure Domain RSA CA G1","organization":"PKI(Chongqing) Limited"},"validity":{"start":"Wed, 01 Apr 2026 06:48:26 GMT","end":"Fri, 16 Oct 2026 15:59:59 GMT"},"fingerprint":{"sha1":"F0:4F:0E:62:84:89:BD:2B:8E:53:1E:AC:20:70:16:C2:F7:E9:C1:C0","sha256":"54:9F:ED:D0:8F:D4:0A:5F:31:95:55:FD:E0:E6:13:F2:09:8C:39:E1:01:31:98:FA:1D:DC:20:CD:20:19:7C:F5"}}},"request":{"raw":"POST /v6/collect?dt=4 HTTP/1.1\r\nHost: collect-v6.51.la\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Length: 262\r\nOrigin: https://hash166.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hash166.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 210 No Reason Phrase\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://hash166.com\r\naccess-control-allow-credentials: true\r\nserver: TencentEdgeOne\r\ncontent-length: 0\r\ndate: Sat, 18 Apr 2026 12:44:49 GMT\r\neo-log-uuid: 12867509081459024828\r\neo-cache-status: MISS\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"210","status_text":"No Reason Phrase","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-18T20:23:19.513448Z","times_seen":13909737,"resource_available":true,"data":null}},"time_used":292,"timings":{"blocked":32,"dns":0,"connect":0,"send":0,"wait":259,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"77hash.s3.ap-northeast-3.amazonaws.com/images/pVgTw1743468928250401.png","fqdn":"77hash.s3.ap-northeast-3.amazonaws.com","domain":"77hash.s3.ap-northeast-3.amazonaws.com","tld":"s3.ap-northeast-3.amazonaws.com"},"ip":{"addr":"3.5.241.99","port":443,"asn":16509,"as":"AMAZON-02","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bethx.vip/register/","date":"2026-04-18T12:44:55.210Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.s3.ap-northeast-3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Sat, 14 Feb 2026 00:00:00 GMT","end":"Thu, 11 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"8E:7B:63:EF:E6:C9:5C:E2:75:EC:28:1B:89:0A:7B:5A:75:7F:58:D8","sha256":"2F:C4:88:1B:AD:C8:3A:F2:3A:5E:75:3A:97:20:2B:B4:E1:CF:A3:62:48:15:B5:56:53:F5:84:C3:DD:53:FB:E5"}}},"request":{"raw":"GET /images/pVgTw1743468928250401.png HTTP/1.1\r\nHost: 77hash.s3.ap-northeast-3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bethx.vip/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: zZlLJEAqN02+AASxFjypRwccCYuZ7ahpbhg+s8fjfM7OxlZAyAedQygtbzrRlP6Gsm6o5z8exauQvQ2UzA1ZKqESxXmdYkGM\r\nx-amz-request-id: NYWGX4W56DX31MX6\r\nDate: Sat, 18 Apr 2026 12:44:56 GMT\r\nLast-Modified: Tue, 01 Apr 2025 00:55:29 GMT\r\nETag: \"68e89d1f56a8fb652fb15a23b2a863a6\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/png\r\nContent-Length: 2602\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":2602,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 40 x 40, 8-bit/color RGBA, interlaced","md5":"68e89d1f56a8fb652fb15a23b2a863a6","sha1":"aaed699eb698f9d7f801c2767fc499e39dc2299c","sha256":"e9404e8d4b863f7d13b95241ff525d957a9889cca15ef824166d2811d3d37446","sha512":"ceb48043d3958124872ea2bb0df27279e7c9318289d36da705cae1d88f4b260fe05d00b038ce5a0956fb877576807e9786b0c8fb056da1da03baf4d899ef6f8f","ssdeep":"","tlshash":"8a513ae889d83d78e635977480584511ab93a3b693810efa370c389ddc7114f7ceae38","first_seen":"2025-05-28T04:51:10.485629Z","last_seen":"2026-04-18T12:49:49.665482Z","times_seen":11,"resource_available":false,"data":null}},"time_used":1482,"timings":{"blocked":585,"dns":1,"connect":288,"send":0,"wait":312,"receive":0,"ssl":293},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dogecoin8.com/template/pc/skin/js/swiper-3.4.2.min.js?t=1589099922","fqdn":"dogecoin8.com","domain":"dogecoin8.com","tld":"com"},"ip":{"addr":"107.151.92.52","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://dogecoin8.com/","date":"2026-04-18T12:44:46.773Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dogecoin8.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Wed, 25 Mar 2026 07:00:00 GMT","end":"Tue, 23 Jun 2026 06:59:59 GMT"},"fingerprint":{"sha1":"5C:0D:5E:E9:6D:D0:19:FE:B6:AA:77:0F:91:80:1E:4C:DA:F3:9B:6A","sha256":"3F:19:30:F8:E4:AB:C0:61:6E:27:3F:DB:25:FD:D5:FE:19:37:F9:30:DF:C2:B7:C5:F5:F3:B5:7B:C1:78:9F:C7"}}},"request":{"raw":"GET /template/pc/skin/js/swiper-3.4.2.min.js?t=1589099922 HTTP/1.1\r\nHost: dogecoin8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dogecoin8.com/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=2k6hvak7klsvh3aeq6oimqj653\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 12:44:46 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 10 May 2020 08:38:42 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5eb7bd92-178a3\"\r\nexpires: Sun, 19 Apr 2026 00:44:46 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":96419,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (31999)","md5":"fb13ef3e875ca3497ede35d3774be9d3","sha1":"ab0743a89d522438c17ae7eaf5943fd4590ee3d0","sha256":"4a10219bee747aadeeda78f166d787adf32583f361f88d44b472f6f3da798083","sha512":"7b9fba1a93c724bc53e1dd4e27e59534430076346ddc73b24fcb71c9b7cb831321a70ffa38797185f7108ee64a18f1fa08cf2b7ccf2dbfc03e767b23187814c5","ssdeep":"1536:eyOkN3TklR3ZIFDJ+Y7n2L5ydUTq0tSQfCBTR:LTX73uTq/","tlshash":"0d93d66eb314f3e295d3214a675ac64122f21706b809dae870b54c4a68bcc5d03bffbd","first_seen":"2023-03-07T01:17:19Z","last_seen":"2026-04-18T20:53:06.209452Z","times_seen":3123,"resource_available":true,"data":null}},"time_used":541,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":541,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dogecoin8.com/uploads/allimg/20210704/1-210F4155452934.jpg","fqdn":"dogecoin8.com","domain":"dogecoin8.com","tld":"com"},"ip":{"addr":"107.151.92.52","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dogecoin8.com/","date":"2026-04-18T12:44:46.792Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dogecoin8.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Wed, 25 Mar 2026 07:00:00 GMT","end":"Tue, 23 Jun 2026 06:59:59 GMT"},"fingerprint":{"sha1":"5C:0D:5E:E9:6D:D0:19:FE:B6:AA:77:0F:91:80:1E:4C:DA:F3:9B:6A","sha256":"3F:19:30:F8:E4:AB:C0:61:6E:27:3F:DB:25:FD:D5:FE:19:37:F9:30:DF:C2:B7:C5:F5:F3:B5:7B:C1:78:9F:C7"}}},"request":{"raw":"GET /uploads/allimg/20210704/1-210F4155452934.jpg HTTP/1.1\r\nHost: dogecoin8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dogecoin8.com/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=2k6hvak7klsvh3aeq6oimqj653\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 12:44:47 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sun, 04 Jul 2021 07:54:52 GMT\r\nvary: Accept-Encoding\r\netag: W/\"60e1694c-5095\"\r\nexpires: Mon, 18 May 2026 12:44:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":20629,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 280x271, components 3","md5":"069b75b0776ba3c0b932c4e6bb3932d7","sha1":"f8867dc4dc5c496522e35e626c4529e131cb7c51","sha256":"ad813f5ece3d00490d1a4ffd3464bcd820794efcce4963035a89032b890cdcc5","sha512":"db2a10ec2ba42534ce94ede768932e13a2efc94b60b80197ff6f510123213bee03d7986ecf7e6ac1fa5ca245c45fe456d81263af1bf1db3a3320627f2dff16d9","ssdeep":"384:jgArtddGBoSL/+DRcuHu8pABrr11Xy7Y/XR1n3JoBaxKkAprPl:sOtdEmScRcf0qrp1AYpF5sKKkcPl","tlshash":"9092af922d591ab8f3c8cd3837d3ab07228a190141e30e3e9c1b53d3a6a1d6fdd60e4c","first_seen":"2026-02-23T13:17:07.946295Z","last_seen":"2026-04-18T12:49:49.697355Z","times_seen":4,"resource_available":false,"data":null}},"time_used":762,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":762,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dogecoin8.com/template/pc/skin/images/i4.png","fqdn":"dogecoin8.com","domain":"dogecoin8.com","tld":"com"},"ip":{"addr":"107.151.92.52","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dogecoin8.com/","date":"2026-04-18T12:44:46.811Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dogecoin8.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Wed, 25 Mar 2026 07:00:00 GMT","end":"Tue, 23 Jun 2026 06:59:59 GMT"},"fingerprint":{"sha1":"5C:0D:5E:E9:6D:D0:19:FE:B6:AA:77:0F:91:80:1E:4C:DA:F3:9B:6A","sha256":"3F:19:30:F8:E4:AB:C0:61:6E:27:3F:DB:25:FD:D5:FE:19:37:F9:30:DF:C2:B7:C5:F5:F3:B5:7B:C1:78:9F:C7"}}},"request":{"raw":"GET /template/pc/skin/images/i4.png HTTP/1.1\r\nHost: dogecoin8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dogecoin8.com/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=2k6hvak7klsvh3aeq6oimqj653\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 12:44:47 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 10 May 2020 08:38:42 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5eb7bd92-c3c\"\r\nexpires: Mon, 18 May 2026 12:44:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3132,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced","md5":"0d8e12b7cf859ede3dc65e1b137fbdef","sha1":"d9186c7c7edabd557ad53af23b2760b2a193b9e2","sha256":"2a4067a48ef57e6b6ef3503c0bfe983d984a152527225874623cb94f17f8992a","sha512":"265ecad1f461050f7a9f9a2f7c91c8429524d7da3a63d6708264b4732b5db388ae7b0da2751a718807646072e992b089d2aa2482797c312633b2f8ab7b9a2825","ssdeep":"","tlshash":"75516cd7e956ba52424fc84125f987357e124958a9d0c6592cc8c8137c430fa9e6fecf","first_seen":"2024-05-23T13:11:50Z","last_seen":"2026-04-18T12:49:49.68656Z","times_seen":9,"resource_available":false,"data":null}},"time_used":757,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":757,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dogecoin8.com/template/pc/skin/images/pinz_pic01.jpg","fqdn":"dogecoin8.com","domain":"dogecoin8.com","tld":"com"},"ip":{"addr":"107.151.92.52","port":443,"asn":132839,"as":"POWER LINE DATACENTER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dogecoin8.com/","date":"2026-04-18T12:44:46.812Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"m.dogecoin8.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Wed, 25 Mar 2026 07:00:00 GMT","end":"Tue, 23 Jun 2026 06:59:59 GMT"},"fingerprint":{"sha1":"5C:0D:5E:E9:6D:D0:19:FE:B6:AA:77:0F:91:80:1E:4C:DA:F3:9B:6A","sha256":"3F:19:30:F8:E4:AB:C0:61:6E:27:3F:DB:25:FD:D5:FE:19:37:F9:30:DF:C2:B7:C5:F5:F3:B5:7B:C1:78:9F:C7"}}},"request":{"raw":"GET /template/pc/skin/images/pinz_pic01.jpg HTTP/1.1\r\nHost: dogecoin8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://dogecoin8.com/\r\nCookie: home_lang=cn; admin_lang=cn; PHPSESSID=2k6hvak7klsvh3aeq6oimqj653\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 12:44:47 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sun, 10 May 2020 08:38:42 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5eb7bd92-610d\"\r\nexpires: Mon, 18 May 2026 12:44:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":24845,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 271x246, components 3","md5":"2251227dac2100253dc2fc29e596ad18","sha1":"66297be83096c5add28304988fb6b405475ef4a3","sha256":"05709c9308031df78ad0cfbc627d10081d91b97f341c85c4c7a808d2d9105bf2","sha512":"c38052905c7870f01a78454c35b85f25ee3e32979bf26c57c2b50faa5766c06f36ffcae9268ed5c5d865657365ad457e0b23487db753664ac22394407205ab76","ssdeep":"384:tsIgI5cFL8FqCyiCVxo9JgyncbTjCfa8/aV9rKTCXYfQDYFPQfM3qn2zZSO6h22r:Kb4QriCxo9za8/wrKT2Yah6SOATP","tlshash":"a7b2e063ed81845ba5fe52955073cc586532bb73ed2298feff088b4b50896df00a6b06","first_seen":"2025-11-12T02:54:17.263265Z","last_seen":"2026-04-18T12:49:49.669796Z","times_seen":11,"resource_available":false,"data":null}},"time_used":757,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":757,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"dogecoin8.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}