{"report_id":"87c06dc2-c985-44e3-af78-44ec004b012a","version":6,"status":"done","tags":[],"date":"2026-03-19T13:35:19Z","url":{"schema":"https","addr":"bytewealt.com/","fqdn":"bytewealt.com","domain":"bytewealt.com","tld":"com"},"ip":{"addr":"91.98.185.58","port":0,"asn":0,"as":"","country":"Germany","country_code":"DE"},"final":{"url":{"schema":"https","addr":"bytewealt.com/","fqdn":"bytewealt.com","domain":"bytewealt.com","tld":"com"},"title":"bytewealt.com/","dom":{"size":500,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (445)","md5":"a782ca6bd36cfb3ca2f106c9946b50b2","sha1":"a0b7466aef00d085a70c6ef489d19e481bf0e981","sha256":"59d5bc1bf33b8a2dea45b7914c5249bae855b6774424b75accf99f2e7e49a8af","sha512":"28b21b4e20d74dc477ace943042e2e8654b7aba15981ee59526a38c954b6e00b0bb9720dec5e904537b3c6ac46984b0dfffec67349e4335949fd7a1d9d1c0196","ssdeep":"","tlshash":"32f00eb75963bf3212bebe02a0f231a50023c530f0b420582bb0b147413374c7be0423","dom_hash":"domhashe7878feada357c83b98d617f7576c066","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"bytewealt.com/","fqdn":"bytewealt.com","domain":"bytewealt.com","tld":"com"},"ip":{"addr":"91.98.185.58","port":0,"asn":0,"as":"","country":"Germany","country_code":"DE"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-23T13:35:19Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"bytewealt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"bytewealt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"bytewealt.com","ip":{"addr":"91.98.185.58","port":443,"asn":0,"as":"","country":"Germany","country_code":"DE"},"domain_registered":"2025-07-22","domain_rank":0,"first_seen":"2026-02-22T05:51:59.481572Z","last_seen":"2026-02-22T05:51:59.481572Z","alert_count":60,"request_count":30,"received_data":1324334,"sent_data":34296,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"jQuery:3.5.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Slick","description":"","website":"https://kenwheeler.github.io/slick","common_platform_enumeration":"","icon":"Slick.svg","categories":["JavaScript libraries"]},{"name":"WOW","description":"Reveal CSS animation as you scroll down a page.","website":"https://www.delac.io/WOW","common_platform_enumeration":"","icon":"","categories":["JavaScript frameworks","Web frameworks","JavaScript graphics"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-03-15T22:19:58.945817Z","alert_count":0,"request_count":1,"received_data":8751,"sent_data":514,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"bytewealt.com/","fqdn":"bytewealt.com","domain":"bytewealt.com","tld":"com"},"ip":{"addr":"91.98.185.58","port":443,"asn":0,"as":"","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"83c9ba466f400878877adc349c276589","sha1":"3b3a1ccf1d4474dca1a17ce80bfe9817d83dc88f","sha256":"da8653ba2b2eb4494c57def0d48c40643d0169b2bf9d90aa3d3181b97ee07352","sha512":"90bb572b4cf32c03708670eaf8f6c0c358be2be0ca3d2d3c26a8c2422a93c6403dfab857794308829fc0982033d981d7ee185ee782692969b52f4dde065b22ec","ssdeep":"","tlshash":"aef097765152bf61627eae16a1b224a100238521b1b420a86a74b147513370c76e4423","size":457,"data":"","first_seen":"2026-02-22T05:52:03.57631Z","last_seen":"2026-03-19T13:37:18.199584Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"bytewealt.com/assets/images/frontend/team/5fce3b5f679ad1607351135.jpg","fqdn":"bytewealt.com","domain":"bytewealt.com","tld":"com"},"ip":{"addr":"91.98.185.58","port":443,"asn":0,"as":"","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bytewealt.com/","date":"2026-03-19T13:34:58.458Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.bytewealt.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 22 Jan 2026 14:26:20 GMT","end":"Wed, 22 Apr 2026 14:26:19 GMT"},"fingerprint":{"sha1":"EC:4D:F6:52:32:A4:8B:AE:DD:7F:FB:2D:3B:14:83:6C:24:6A:57:D4","sha256":"74:A9:DF:19:72:FE:58:7C:31:2D:26:35:ED:29:EB:93:BD:46:D5:A6:D7:7C:D0:B0:23:05:BA:EB:FF:B1:B7:95"}}},"request":{"raw":"GET /assets/images/frontend/team/5fce3b5f679ad1607351135.jpg HTTP/1.1\r\nHost: bytewealt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bytewealt.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjB4ZjdOQnVCYVBsSjlqSTVhdWhzNEE9PSIsInZhbHVlIjoiU3RNQ0k4RXd2dGFlQ1R5a0FWdHhZSVRBK0pESnFSTnl1QTI3WEFaVmZYWmthY0hNUnhhMzh2NE1aNVlQblhQazdZeFBHQlNRVWthVUZ2TmxpQVFjRE1WdDVBTTZtUnY3L0M3WU8rb29heVg0VE9xek4yR2lyY1hKemNJWmROUlMiLCJtYWMiOiJjMDljNmU1NmQ2YmU0ZTQ4NjJhODk2MjkxMTQ5N2Y4ZmI5NzI5YTU3YzI4NzAzNWZmYzY3ZDAwNmI5ZTYzODU3In0%3D; laravel_session=eyJpdiI6IlNVa2k2TVF1TC94SHl6em1xK1Ewemc9PSIsInZhbHVlIjoiU04xbU1CeFVuVkgxREpiRW43MUEvN0tRdFp5T0ZkVVNHaFUyQnJmb085Qjh1czZCSm9iZUhydkc0ZGpGNG9MMUpnOVRZak84QzZocjk3ZktwaHdiNHhoSUFrbWlaRWtZNVYvSmkyVWk4OUJhaFdDamNYdldxSXhDV0ZhdEFFeFciLCJtYWMiOiJmNmEyMDVjYmJiN2Q5MzM5ZThiODcyMGFjZGQ0MTZlNDdjOGNiOTMyNTM3NDU4OTY0MDQ4ZDNhZDM5OTYxN2E3In0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Thu, 19 Mar 2026 13:34:58 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 16354\r\nConnection: keep-alive\r\nLast-Modified: Tue, 01 Jun 2021 19:49:36 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16354,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 90\", baseline, precision 8, 280x296, components 3","md5":"2cec92c75d81bf319ed1b727b6fdd080","sha1":"7f8b50f10aabdebb20c69bc4acf7c788f85a9c0f","sha256":"8c60f517d65fcec51da2bd2d204af459345762fccc5015035cd590337a1b2417","sha512":"69fc8047618b05dd3ee286b34417765af9454d78f83ac87a99d18f63c750a178ba8764fa085548c74f11d642bda397b4b8fef5cc65926a909042f06ba668b6bf","ssdeep":"384:fAcyXyUowgIf5O/dP2a6VthO9J+GiTfTNqBdE/m:fAqU/zBO/dPJ6VO9RiTf5q3","tlshash":"3972c0a84d4262e73f2a940844ebfc1bb1c126507bd4f97974f069e1edab9f18a41f06","first_seen":"2023-05-10T00:16:00Z","last_seen":"2026-05-19T05:30:13.723193Z","times_seen":19,"resource_available":false,"data":null}},"time_used":373,"timings":{"blocked":338,"dns":0,"connect":0,"send":0,"wait":34,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"bytewealt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"bytewealt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bytewealt.com/assets/templates/bit_gold/js/iziToast.min.js","fqdn":"bytewealt.com","domain":"bytewealt.com","tld":"com"},"ip":{"addr":"91.98.185.58","port":443,"asn":0,"as":"","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bytewealt.com/","date":"2026-03-19T13:34:58.476Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.bytewealt.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 22 Jan 2026 14:26:20 GMT","end":"Wed, 22 Apr 2026 14:26:19 GMT"},"fingerprint":{"sha1":"EC:4D:F6:52:32:A4:8B:AE:DD:7F:FB:2D:3B:14:83:6C:24:6A:57:D4","sha256":"74:A9:DF:19:72:FE:58:7C:31:2D:26:35:ED:29:EB:93:BD:46:D5:A6:D7:7C:D0:B0:23:05:BA:EB:FF:B1:B7:95"}}},"request":{"raw":"GET /assets/templates/bit_gold/js/iziToast.min.js HTTP/1.1\r\nHost: bytewealt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bytewealt.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjB4ZjdOQnVCYVBsSjlqSTVhdWhzNEE9PSIsInZhbHVlIjoiU3RNQ0k4RXd2dGFlQ1R5a0FWdHhZSVRBK0pESnFSTnl1QTI3WEFaVmZYWmthY0hNUnhhMzh2NE1aNVlQblhQazdZeFBHQlNRVWthVUZ2TmxpQVFjRE1WdDVBTTZtUnY3L0M3WU8rb29heVg0VE9xek4yR2lyY1hKemNJWmROUlMiLCJtYWMiOiJjMDljNmU1NmQ2YmU0ZTQ4NjJhODk2MjkxMTQ5N2Y4ZmI5NzI5YTU3YzI4NzAzNWZmYzY3ZDAwNmI5ZTYzODU3In0%3D; laravel_session=eyJpdiI6IlNVa2k2TVF1TC94SHl6em1xK1Ewemc9PSIsInZhbHVlIjoiU04xbU1CeFVuVkgxREpiRW43MUEvN0tRdFp5T0ZkVVNHaFUyQnJmb085Qjh1czZCSm9iZUhydkc0ZGpGNG9MMUpnOVRZak84QzZocjk3ZktwaHdiNHhoSUFrbWlaRWtZNVYvSmkyVWk4OUJhaFdDamNYdldxSXhDV0ZhdEFFeFciLCJtYWMiOiJmNmEyMDVjYmJiN2Q5MzM5ZThiODcyMGFjZGQ0MTZlNDdjOGNiOTMyNTM3NDU4OTY0MDQ4ZDNhZDM5OTYxN2E3In0%3D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Thu, 19 Mar 2026 13:34:58 GMT\r\nContent-Type: text/javascript\r\nContent-Length: 18486\r\nConnection: keep-alive\r\nLast-Modified: Tue, 01 Jun 2021 19:49:36 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":18486,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (18398), with CRLF line terminators","md5":"df383d4feeb05ea8bfe86a0569ef0524","sha1":"c6fd53b0a4abc2b73f55025ecb28d2eb65db93d4","sha256":"df6d4fc52f8f3af6ef59c215a1165e4667f7daaedf4c5409db56d7c133564446","sha512":"66af68f84d34c61851ffbbc9e3d9b114d274290c351354cc5a43d3c6b59c9e97c41431178148b024720a8adf77116fd7c44df51d2239184396d3a1ba045d40b4","ssdeep":"384:9hKmhCPzlc5gVCPBpcG/0CEvXArKKpQi8VREgO3MrnHzxJBkHI4505P:3K5PzlcN8DXArhpQzRHO3M7TxfGIYUP","tlshash":"2582c894722032374aa329a960ff534a3772156ca9c641a4243fcdad5b34f8939f77f8","first_seen":"2023-03-07T12:01:52Z","last_seen":"2026-06-08T06:16:12.942129Z","times_seen":1681,"resource_available":true,"data":null}},"time_used":176,"timings":{"blocked":139,"dns":0,"connect":0,"send":0,"wait":36,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"bytewealt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"bytewealt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bytewealt.com/assets/images/frontend/blog/thumb_5fce380ced66f1607350284.jpg","fqdn":"bytewealt.com","domain":"bytewealt.com","tld":"com"},"ip":{"addr":"91.98.185.58","port":443,"asn":0,"as":"","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bytewealt.com/","date":"2026-03-19T13:34:58.462Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.bytewealt.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 22 Jan 2026 14:26:20 GMT","end":"Wed, 22 Apr 2026 14:26:19 GMT"},"fingerprint":{"sha1":"EC:4D:F6:52:32:A4:8B:AE:DD:7F:FB:2D:3B:14:83:6C:24:6A:57:D4","sha256":"74:A9:DF:19:72:FE:58:7C:31:2D:26:35:ED:29:EB:93:BD:46:D5:A6:D7:7C:D0:B0:23:05:BA:EB:FF:B1:B7:95"}}},"request":{"raw":"GET /assets/images/frontend/blog/thumb_5fce380ced66f1607350284.jpg HTTP/1.1\r\nHost: bytewealt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bytewealt.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjB4ZjdOQnVCYVBsSjlqSTVhdWhzNEE9PSIsInZhbHVlIjoiU3RNQ0k4RXd2dGFlQ1R5a0FWdHhZSVRBK0pESnFSTnl1QTI3WEFaVmZYWmthY0hNUnhhMzh2NE1aNVlQblhQazdZeFBHQlNRVWthVUZ2TmxpQVFjRE1WdDVBTTZtUnY3L0M3WU8rb29heVg0VE9xek4yR2lyY1hKemNJWmROUlMiLCJtYWMiOiJjMDljNmU1NmQ2YmU0ZTQ4NjJhODk2MjkxMTQ5N2Y4ZmI5NzI5YTU3YzI4NzAzNWZmYzY3ZDAwNmI5ZTYzODU3In0%3D; laravel_session=eyJpdiI6IlNVa2k2TVF1TC94SHl6em1xK1Ewemc9PSIsInZhbHVlIjoiU04xbU1CeFVuVkgxREpiRW43MUEvN0tRdFp5T0ZkVVNHaFUyQnJmb085Qjh1czZCSm9iZUhydkc0ZGpGNG9MMUpnOVRZak84QzZocjk3ZktwaHdiNHhoSUFrbWlaRWtZNVYvSmkyVWk4OUJhaFdDamNYdldxSXhDV0ZhdEFFeFciLCJtYWMiOiJmNmEyMDVjYmJiN2Q5MzM5ZThiODcyMGFjZGQ0MTZlNDdjOGNiOTMyNTM3NDU4OTY0MDQ4ZDNhZDM5OTYxN2E3In0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Thu, 19 Mar 2026 13:34:58 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 41643\r\nConnection: keep-alive\r\nLast-Modified: Tue, 01 Jun 2021 19:49:36 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":41643,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 90\", baseline, precision 8, 555x293, components 3","md5":"25102368631e995940067a83d9f36193","sha1":"1c2582c2459c00bc6823b84be582c8c5c4fd4236","sha256":"bc99ade5e13d3ef8b1f95c0166a9ef056a30b3884c65bc9cbd2538d62bb9ac5d","sha512":"357325522922a100757b593ce487a766a36dc1f8d3a9b215debba0e7104a7688e1e693aea3e9aa5e15d49bbf7c7f5effff070c11991cf740f29f3888e1e49837","ssdeep":"768:kgJL/mwej4nWCa4NaFp9PtE+o3J3qMdrqZaZU+of5B2ObnuRoeTr6AEx7h3M0aln:kgJL/Ej4nWCaycpRtgLoWiB2ODuRf6Af","tlshash":"7813f1ab5b55cfd47ca8d13aa0a65c3982c223b768843ca54fcdc671530039aaf867f1","first_seen":"2023-10-21T04:58:04Z","last_seen":"2026-05-10T05:09:44.569389Z","times_seen":14,"resource_available":false,"data":null}},"time_used":337,"timings":{"blocked":298,"dns":0,"connect":0,"send":0,"wait":37,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"bytewealt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"bytewealt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bytewealt.com/assets/images/frontend/blog/thumb_5fce37fae7fdf1607350266.jpg","fqdn":"bytewealt.com","domain":"bytewealt.com","tld":"com"},"ip":{"addr":"91.98.185.58","port":443,"asn":0,"as":"","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bytewealt.com/","date":"2026-03-19T13:34:58.464Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.bytewealt.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 22 Jan 2026 14:26:20 GMT","end":"Wed, 22 Apr 2026 14:26:19 GMT"},"fingerprint":{"sha1":"EC:4D:F6:52:32:A4:8B:AE:DD:7F:FB:2D:3B:14:83:6C:24:6A:57:D4","sha256":"74:A9:DF:19:72:FE:58:7C:31:2D:26:35:ED:29:EB:93:BD:46:D5:A6:D7:7C:D0:B0:23:05:BA:EB:FF:B1:B7:95"}}},"request":{"raw":"GET /assets/images/frontend/blog/thumb_5fce37fae7fdf1607350266.jpg HTTP/1.1\r\nHost: bytewealt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bytewealt.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjB4ZjdOQnVCYVBsSjlqSTVhdWhzNEE9PSIsInZhbHVlIjoiU3RNQ0k4RXd2dGFlQ1R5a0FWdHhZSVRBK0pESnFSTnl1QTI3WEFaVmZYWmthY0hNUnhhMzh2NE1aNVlQblhQazdZeFBHQlNRVWthVUZ2TmxpQVFjRE1WdDVBTTZtUnY3L0M3WU8rb29heVg0VE9xek4yR2lyY1hKemNJWmROUlMiLCJtYWMiOiJjMDljNmU1NmQ2YmU0ZTQ4NjJhODk2MjkxMTQ5N2Y4ZmI5NzI5YTU3YzI4NzAzNWZmYzY3ZDAwNmI5ZTYzODU3In0%3D; laravel_session=eyJpdiI6IlNVa2k2TVF1TC94SHl6em1xK1Ewemc9PSIsInZhbHVlIjoiU04xbU1CeFVuVkgxREpiRW43MUEvN0tRdFp5T0ZkVVNHaFUyQnJmb085Qjh1czZCSm9iZUhydkc0ZGpGNG9MMUpnOVRZak84QzZocjk3ZktwaHdiNHhoSUFrbWlaRWtZNVYvSmkyVWk4OUJhaFdDamNYdldxSXhDV0ZhdEFFeFciLCJtYWMiOiJmNmEyMDVjYmJiN2Q5MzM5ZThiODcyMGFjZGQ0MTZlNDdjOGNiOTMyNTM3NDU4OTY0MDQ4ZDNhZDM5OTYxN2E3In0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Thu, 19 Mar 2026 13:34:58 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 46674\r\nConnection: keep-alive\r\nLast-Modified: Tue, 01 Jun 2021 19:49:36 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":46674,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 90\", baseline, precision 8, 555x293, components 3","md5":"d722a6b754e558c491fbac98da01a9c7","sha1":"506f0030134b148f8e43f08cc295fe023fd19bb0","sha256":"36d21ccc54318435833b64208a41decc96f13ffbaba3876219ecbbbac98692f1","sha512":"62bd9baa69e388fd26976ad21251344ff3e4d153901b5df14bb9d9df506fb59fc78f436c0d218d874ece3eb886c2a089adb12fcb9ddddb892245064781cfeafb","ssdeep":"768:kb9XB7ycpJzIMUBWdXjywAO22oAlSX+RBJjBqyTBpO7XXEA/vqS5qTcPf8mq:kbBM8zGkz9NoAhDJjMyTz6Xf5FPfg","tlshash":"0b23022be63f9dc1f576ae96dab05cc795c08b083166c8413f941738e8ee5f962c43a4","first_seen":"2023-10-21T04:58:04Z","last_seen":"2026-05-10T05:09:44.352295Z","times_seen":12,"resource_available":false,"data":null}},"time_used":336,"timings":{"blocked":297,"dns":0,"connect":0,"send":0,"wait":37,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"bytewealt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"bytewealt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bytewealt.com/assets/templates/bit_gold//css/vendor/animate.min.css","fqdn":"bytewealt.com","domain":"bytewealt.com","tld":"com"},"ip":{"addr":"91.98.185.58","port":443,"asn":0,"as":"","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bytewealt.com/","date":"2026-03-19T13:34:58.435Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.bytewealt.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 22 Jan 2026 14:26:20 GMT","end":"Wed, 22 Apr 2026 14:26:19 GMT"},"fingerprint":{"sha1":"EC:4D:F6:52:32:A4:8B:AE:DD:7F:FB:2D:3B:14:83:6C:24:6A:57:D4","sha256":"74:A9:DF:19:72:FE:58:7C:31:2D:26:35:ED:29:EB:93:BD:46:D5:A6:D7:7C:D0:B0:23:05:BA:EB:FF:B1:B7:95"}}},"request":{"raw":"GET /assets/templates/bit_gold//css/vendor/animate.min.css HTTP/1.1\r\nHost: bytewealt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bytewealt.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjB4ZjdOQnVCYVBsSjlqSTVhdWhzNEE9PSIsInZhbHVlIjoiU3RNQ0k4RXd2dGFlQ1R5a0FWdHhZSVRBK0pESnFSTnl1QTI3WEFaVmZYWmthY0hNUnhhMzh2NE1aNVlQblhQazdZeFBHQlNRVWthVUZ2TmxpQVFjRE1WdDVBTTZtUnY3L0M3WU8rb29heVg0VE9xek4yR2lyY1hKemNJWmROUlMiLCJtYWMiOiJjMDljNmU1NmQ2YmU0ZTQ4NjJhODk2MjkxMTQ5N2Y4ZmI5NzI5YTU3YzI4NzAzNWZmYzY3ZDAwNmI5ZTYzODU3In0%3D; laravel_session=eyJpdiI6IlNVa2k2TVF1TC94SHl6em1xK1Ewemc9PSIsInZhbHVlIjoiU04xbU1CeFVuVkgxREpiRW43MUEvN0tRdFp5T0ZkVVNHaFUyQnJmb085Qjh1czZCSm9iZUhydkc0ZGpGNG9MMUpnOVRZak84QzZocjk3ZktwaHdiNHhoSUFrbWlaRWtZNVYvSmkyVWk4OUJhaFdDamNYdldxSXhDV0ZhdEFFeFciLCJtYWMiOiJmNmEyMDVjYmJiN2Q5MzM5ZThiODcyMGFjZGQ0MTZlNDdjOGNiOTMyNTM3NDU4OTY0MDQ4ZDNhZDM5OTYxN2E3In0%3D\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Thu, 19 Mar 2026 13:34:58 GMT\r\nContent-Type: text/css\r\nContent-Length: 68606\r\nConnection: keep-alive\r\nLast-Modified: Tue, 01 Jun 2021 19:49:36 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":68606,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (460)","md5":"0338f296e0c62240e256f481aa2e0231","sha1":"bc26ba3a09932875baa1ac2b3b533e258e339e14","sha256":"7400b662c9bf915de8c9a174f9e09ccc8313340622deaac4f65bed8339f1466d","sha512":"7b15ceae7f268484b43af55a1d0e1e793ba692101bddeb5e5b916bef9a426716e345e3e0325c233d0547c8d620ecd7c48432f59d4d29ddf534205586348fa091","ssdeep":"192:LIQHnIwf2T/awfDZUiduG+MONjnbimZbHMxymDSVbyPiVEzfukrWL7XU+qLmfRvr:LIW6yffHf7SpS/fjf7","tlshash":"2f63096929e1114466370a15c7df9f78263ce5a31826ecfab3d2588bcf41fac23c9617","first_seen":"2023-04-06T16:57:15Z","last_seen":"2026-06-08T04:38:05.541017Z","times_seen":1501,"resource_available":false,"data":null}},"time_used":252,"timings":{"blocked":51,"dns":1,"connect":38,"send":0,"wait":71,"receive":42,"ssl":44},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"bytewealt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"bytewealt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bytewealt.com/assets/images/gateway/688e87e66a02d1754171366.png","fqdn":"bytewealt.com","domain":"bytewealt.com","tld":"com"},"ip":{"addr":"91.98.185.58","port":443,"asn":0,"as":"","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bytewealt.com/","date":"2026-03-19T13:34:58.461Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.bytewealt.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 22 Jan 2026 14:26:20 GMT","end":"Wed, 22 Apr 2026 14:26:19 GMT"},"fingerprint":{"sha1":"EC:4D:F6:52:32:A4:8B:AE:DD:7F:FB:2D:3B:14:83:6C:24:6A:57:D4","sha256":"74:A9:DF:19:72:FE:58:7C:31:2D:26:35:ED:29:EB:93:BD:46:D5:A6:D7:7C:D0:B0:23:05:BA:EB:FF:B1:B7:95"}}},"request":{"raw":"GET /assets/images/gateway/688e87e66a02d1754171366.png HTTP/1.1\r\nHost: bytewealt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bytewealt.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjB4ZjdOQnVCYVBsSjlqSTVhdWhzNEE9PSIsInZhbHVlIjoiU3RNQ0k4RXd2dGFlQ1R5a0FWdHhZSVRBK0pESnFSTnl1QTI3WEFaVmZYWmthY0hNUnhhMzh2NE1aNVlQblhQazdZeFBHQlNRVWthVUZ2TmxpQVFjRE1WdDVBTTZtUnY3L0M3WU8rb29heVg0VE9xek4yR2lyY1hKemNJWmROUlMiLCJtYWMiOiJjMDljNmU1NmQ2YmU0ZTQ4NjJhODk2MjkxMTQ5N2Y4ZmI5NzI5YTU3YzI4NzAzNWZmYzY3ZDAwNmI5ZTYzODU3In0%3D; laravel_session=eyJpdiI6IlNVa2k2TVF1TC94SHl6em1xK1Ewemc9PSIsInZhbHVlIjoiU04xbU1CeFVuVkgxREpiRW43MUEvN0tRdFp5T0ZkVVNHaFUyQnJmb085Qjh1czZCSm9iZUhydkc0ZGpGNG9MMUpnOVRZak84QzZocjk3ZktwaHdiNHhoSUFrbWlaRWtZNVYvSmkyVWk4OUJhaFdDamNYdldxSXhDV0ZhdEFFeFciLCJtYWMiOiJmNmEyMDVjYmJiN2Q5MzM5ZThiODcyMGFjZGQ0MTZlNDdjOGNiOTMyNTM3NDU4OTY0MDQ4ZDNhZDM5OTYxN2E3In0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Thu, 19 Mar 2026 13:34:58 GMT\r\nContent-Type: image/png\r\nContent-Length: 34633\r\nConnection: keep-alive\r\nLast-Modified: Sat, 02 Aug 2025 21:49:26 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":34633,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 800 x 800, 8-bit/color RGBA, non-interlaced","md5":"895bb3594e1cd5ac571e348f57dcb36d","sha1":"63b260f7e680c4ecd68add374b30fc2cd0fa6a9b","sha256":"876a3dd9a6a8fde9e32fbda5e34e17e2485dba6c43aa7d5fe2b65bd69b67181b","sha512":"24485ae6da84d4b15d9ae200fc8ff74d363d7730a18cfcfc4bed569f6efff053384fc191a6dd2fcb122be2f8dedeacc0bb7ffe1557699b3afc74d87a839af2e8","ssdeep":"768:Qh6bk8QsnztCIodBStf+oONOMZsi5iKcrIm:/bTzZ2B+XdKcrIm","tlshash":"12f2b0cb8ba51829ef7e8678fde30475beb302a645ccd15092239b79ee4294428cf5d4","first_seen":"2025-11-01T03:54:58.291812Z","last_seen":"2026-03-19T13:37:18.17886Z","times_seen":4,"resource_available":false,"data":null}},"time_used":404,"timings":{"blocked":369,"dns":0,"connect":0,"send":0,"wait":34,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"bytewealt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"bytewealt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bytewealt.com/assets/templates/bit_gold//js/vendor/bootstrap.bundle.min.js","fqdn":"bytewealt.com","domain":"bytewealt.com","tld":"com"},"ip":{"addr":"91.98.185.58","port":443,"asn":0,"as":"","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bytewealt.com/","date":"2026-03-19T13:34:58.467Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.bytewealt.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 22 Jan 2026 14:26:20 GMT","end":"Wed, 22 Apr 2026 14:26:19 GMT"},"fingerprint":{"sha1":"EC:4D:F6:52:32:A4:8B:AE:DD:7F:FB:2D:3B:14:83:6C:24:6A:57:D4","sha256":"74:A9:DF:19:72:FE:58:7C:31:2D:26:35:ED:29:EB:93:BD:46:D5:A6:D7:7C:D0:B0:23:05:BA:EB:FF:B1:B7:95"}}},"request":{"raw":"GET /assets/templates/bit_gold//js/vendor/bootstrap.bundle.min.js HTTP/1.1\r\nHost: bytewealt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bytewealt.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjB4ZjdOQnVCYVBsSjlqSTVhdWhzNEE9PSIsInZhbHVlIjoiU3RNQ0k4RXd2dGFlQ1R5a0FWdHhZSVRBK0pESnFSTnl1QTI3WEFaVmZYWmthY0hNUnhhMzh2NE1aNVlQblhQazdZeFBHQlNRVWthVUZ2TmxpQVFjRE1WdDVBTTZtUnY3L0M3WU8rb29heVg0VE9xek4yR2lyY1hKemNJWmROUlMiLCJtYWMiOiJjMDljNmU1NmQ2YmU0ZTQ4NjJhODk2MjkxMTQ5N2Y4ZmI5NzI5YTU3YzI4NzAzNWZmYzY3ZDAwNmI5ZTYzODU3In0%3D; laravel_session=eyJpdiI6IlNVa2k2TVF1TC94SHl6em1xK1Ewemc9PSIsInZhbHVlIjoiU04xbU1CeFVuVkgxREpiRW43MUEvN0tRdFp5T0ZkVVNHaFUyQnJmb085Qjh1czZCSm9iZUhydkc0ZGpGNG9MMUpnOVRZak84QzZocjk3ZktwaHdiNHhoSUFrbWlaRWtZNVYvSmkyVWk4OUJhaFdDamNYdldxSXhDV0ZhdEFFeFciLCJtYWMiOiJmNmEyMDVjYmJiN2Q5MzM5ZThiODcyMGFjZGQ0MTZlNDdjOGNiOTMyNTM3NDU4OTY0MDQ4ZDNhZDM5OTYxN2E3In0%3D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Thu, 19 Mar 2026 13:34:58 GMT\r\nContent-Type: text/javascript\r\nContent-Length: 81084\r\nConnection: keep-alive\r\nLast-Modified: Tue, 01 Jun 2021 19:49:36 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":81084,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65297)","md5":"7fd2f04e75bd7ab1a79d80cdd4c33085","sha1":"e02a14457b25e6df2568b772feab4387c00a4934","sha256":"5edf297381b409d711bc8d27676951a59e151e783412850332519c05243d1e24","sha512":"3b2e41aee25d13780ff7e2cc275d640b99c4ae4877a7863419ac13d49adc7b3e114c3c4e0dfdccfca3f7a44b2078e63159e8eacb648f9e3f9032982dbe10dc89","ssdeep":"768:WVDnVrD5m8HVHZIEzSV7BTxx4mu0spQ1+jmzpvACS+eAuQnQ3O1+dCDWi6OzlTd3:WVbVXIVCHKzpyAWMkG1sn8B0upp","tlshash":"e583d54a7254b47206dfa176807f460fb2376899a50b802cb869d8ed2e7cd893177f7c","first_seen":"2023-03-07T01:06:22Z","last_seen":"2026-06-07T20:10:03.793437Z","times_seen":2887,"resource_available":true,"data":null}},"time_used":147,"timings":{"blocked":111,"dns":0,"connect":0,"send":0,"wait":34,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"bytewealt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"bytewealt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bytewealt.com/assets/templates/bit_gold//css/custom.css","fqdn":"bytewealt.com","domain":"bytewealt.com","tld":"com"},"ip":{"addr":"91.98.185.58","port":443,"asn":0,"as":"","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bytewealt.com/","date":"2026-03-19T13:34:58.446Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.bytewealt.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 22 Jan 2026 14:26:20 GMT","end":"Wed, 22 Apr 2026 14:26:19 GMT"},"fingerprint":{"sha1":"EC:4D:F6:52:32:A4:8B:AE:DD:7F:FB:2D:3B:14:83:6C:24:6A:57:D4","sha256":"74:A9:DF:19:72:FE:58:7C:31:2D:26:35:ED:29:EB:93:BD:46:D5:A6:D7:7C:D0:B0:23:05:BA:EB:FF:B1:B7:95"}}},"request":{"raw":"GET /assets/templates/bit_gold//css/custom.css HTTP/1.1\r\nHost: bytewealt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bytewealt.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjB4ZjdOQnVCYVBsSjlqSTVhdWhzNEE9PSIsInZhbHVlIjoiU3RNQ0k4RXd2dGFlQ1R5a0FWdHhZSVRBK0pESnFSTnl1QTI3WEFaVmZYWmthY0hNUnhhMzh2NE1aNVlQblhQazdZeFBHQlNRVWthVUZ2TmxpQVFjRE1WdDVBTTZtUnY3L0M3WU8rb29heVg0VE9xek4yR2lyY1hKemNJWmROUlMiLCJtYWMiOiJjMDljNmU1NmQ2YmU0ZTQ4NjJhODk2MjkxMTQ5N2Y4ZmI5NzI5YTU3YzI4NzAzNWZmYzY3ZDAwNmI5ZTYzODU3In0%3D; laravel_session=eyJpdiI6IlNVa2k2TVF1TC94SHl6em1xK1Ewemc9PSIsInZhbHVlIjoiU04xbU1CeFVuVkgxREpiRW43MUEvN0tRdFp5T0ZkVVNHaFUyQnJmb085Qjh1czZCSm9iZUhydkc0ZGpGNG9MMUpnOVRZak84QzZocjk3ZktwaHdiNHhoSUFrbWlaRWtZNVYvSmkyVWk4OUJhaFdDamNYdldxSXhDV0ZhdEFFeFciLCJtYWMiOiJmNmEyMDVjYmJiN2Q5MzM5ZThiODcyMGFjZGQ0MTZlNDdjOGNiOTMyNTM3NDU4OTY0MDQ4ZDNhZDM5OTYxN2E3In0%3D\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Thu, 19 Mar 2026 13:34:58 GMT\r\nContent-Type: text/css\r\nContent-Length: 2140\r\nConnection: keep-alive\r\nLast-Modified: Tue, 01 Jun 2021 19:49:36 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2140,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"d7a9e8e000a4588d7b19829d076084e3","sha1":"b80c7204cdfcb1bea8f6c30fa0878379f958414b","sha256":"a5211d4b2bbbe309637d0d276e5c5329443dc651b1c87e71f877f32d529ae497","sha512":"9c071326ee33f1965f7f88cd4ac53288aa7f1bb9f9d8e4b1b8e7c4afee45cd6cbb8c40b2642e7a1f07e6fa3714e36b2b8611efc3eb3114b1c8f2bb051b656d0e","ssdeep":"","tlshash":"7d41e1b9ee8010472137cbb07bb9d999ff9d61a38e2406b837d872794fb65a44831c4c","first_seen":"2023-05-10T00:15:59Z","last_seen":"2026-06-03T20:25:55.450311Z","times_seen":50,"resource_available":false,"data":null}},"time_used":116,"timings":{"blocked":79,"dns":0,"connect":0,"send":0,"wait":36,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"bytewealt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"bytewealt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bytewealt.com/assets/images/frontend/testimonial/5fce3c75041ad1607351413.jpg","fqdn":"bytewealt.com","domain":"bytewealt.com","tld":"com"},"ip":{"addr":"91.98.185.58","port":443,"asn":0,"as":"","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bytewealt.com/","date":"2026-03-19T13:34:58.452Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.bytewealt.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 22 Jan 2026 14:26:20 GMT","end":"Wed, 22 Apr 2026 14:26:19 GMT"},"fingerprint":{"sha1":"EC:4D:F6:52:32:A4:8B:AE:DD:7F:FB:2D:3B:14:83:6C:24:6A:57:D4","sha256":"74:A9:DF:19:72:FE:58:7C:31:2D:26:35:ED:29:EB:93:BD:46:D5:A6:D7:7C:D0:B0:23:05:BA:EB:FF:B1:B7:95"}}},"request":{"raw":"GET /assets/images/frontend/testimonial/5fce3c75041ad1607351413.jpg HTTP/1.1\r\nHost: bytewealt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bytewealt.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjB4ZjdOQnVCYVBsSjlqSTVhdWhzNEE9PSIsInZhbHVlIjoiU3RNQ0k4RXd2dGFlQ1R5a0FWdHhZSVRBK0pESnFSTnl1QTI3WEFaVmZYWmthY0hNUnhhMzh2NE1aNVlQblhQazdZeFBHQlNRVWthVUZ2TmxpQVFjRE1WdDVBTTZtUnY3L0M3WU8rb29heVg0VE9xek4yR2lyY1hKemNJWmROUlMiLCJtYWMiOiJjMDljNmU1NmQ2YmU0ZTQ4NjJhODk2MjkxMTQ5N2Y4ZmI5NzI5YTU3YzI4NzAzNWZmYzY3ZDAwNmI5ZTYzODU3In0%3D; laravel_session=eyJpdiI6IlNVa2k2TVF1TC94SHl6em1xK1Ewemc9PSIsInZhbHVlIjoiU04xbU1CeFVuVkgxREpiRW43MUEvN0tRdFp5T0ZkVVNHaFUyQnJmb085Qjh1czZCSm9iZUhydkc0ZGpGNG9MMUpnOVRZak84QzZocjk3ZktwaHdiNHhoSUFrbWlaRWtZNVYvSmkyVWk4OUJhaFdDamNYdldxSXhDV0ZhdEFFeFciLCJtYWMiOiJmNmEyMDVjYmJiN2Q5MzM5ZThiODcyMGFjZGQ0MTZlNDdjOGNiOTMyNTM3NDU4OTY0MDQ4ZDNhZDM5OTYxN2E3In0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Thu, 19 Mar 2026 13:34:58 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 2533\r\nConnection: keep-alive\r\nLast-Modified: Tue, 01 Jun 2021 19:49:36 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2533,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 90\", baseline, precision 8, 69x75, components 3","md5":"0e51fb31b58147127c9ceaaccfc7697e","sha1":"d03ce36f5710a32c27fa9faf826bfc567b2ad28a","sha256":"5909589214b5346c614c18f296378a1ba9e457e981a0b8c0f5b694c50a53c9f5","sha512":"e0719e90fb697326655365af8cd76767fbdea3068d5615297a900df369f7265350cc18dc0302a7ade29435dbab0b596bf26b9310ecfdb4f8aa01a8d69479118d","ssdeep":"","tlshash":"8a512c7a270317e17f5784f1deb62e5681f48953ac1a800f3bf103559f42b82b40dc18","first_seen":"2023-05-10T00:16:00Z","last_seen":"2026-06-06T10:02:16.240818Z","times_seen":27,"resource_available":false,"data":null}},"time_used":344,"timings":{"blocked":308,"dns":0,"connect":0,"send":0,"wait":36,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"bytewealt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"bytewealt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bytewealt.com/assets/templates/bit_gold//js/vendor/wow.min.js","fqdn":"bytewealt.com","domain":"bytewealt.com","tld":"com"},"ip":{"addr":"91.98.185.58","port":443,"asn":0,"as":"","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bytewealt.com/","date":"2026-03-19T13:34:58.470Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.bytewealt.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 22 Jan 2026 14:26:20 GMT","end":"Wed, 22 Apr 2026 14:26:19 GMT"},"fingerprint":{"sha1":"EC:4D:F6:52:32:A4:8B:AE:DD:7F:FB:2D:3B:14:83:6C:24:6A:57:D4","sha256":"74:A9:DF:19:72:FE:58:7C:31:2D:26:35:ED:29:EB:93:BD:46:D5:A6:D7:7C:D0:B0:23:05:BA:EB:FF:B1:B7:95"}}},"request":{"raw":"GET /assets/templates/bit_gold//js/vendor/wow.min.js HTTP/1.1\r\nHost: bytewealt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bytewealt.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjB4ZjdOQnVCYVBsSjlqSTVhdWhzNEE9PSIsInZhbHVlIjoiU3RNQ0k4RXd2dGFlQ1R5a0FWdHhZSVRBK0pESnFSTnl1QTI3WEFaVmZYWmthY0hNUnhhMzh2NE1aNVlQblhQazdZeFBHQlNRVWthVUZ2TmxpQVFjRE1WdDVBTTZtUnY3L0M3WU8rb29heVg0VE9xek4yR2lyY1hKemNJWmROUlMiLCJtYWMiOiJjMDljNmU1NmQ2YmU0ZTQ4NjJhODk2MjkxMTQ5N2Y4ZmI5NzI5YTU3YzI4NzAzNWZmYzY3ZDAwNmI5ZTYzODU3In0%3D; laravel_session=eyJpdiI6IlNVa2k2TVF1TC94SHl6em1xK1Ewemc9PSIsInZhbHVlIjoiU04xbU1CeFVuVkgxREpiRW43MUEvN0tRdFp5T0ZkVVNHaFUyQnJmb085Qjh1czZCSm9iZUhydkc0ZGpGNG9MMUpnOVRZak84QzZocjk3ZktwaHdiNHhoSUFrbWlaRWtZNVYvSmkyVWk4OUJhaFdDamNYdldxSXhDV0ZhdEFFeFciLCJtYWMiOiJmNmEyMDVjYmJiN2Q5MzM5ZThiODcyMGFjZGQ0MTZlNDdjOGNiOTMyNTM3NDU4OTY0MDQ4ZDNhZDM5OTYxN2E3In0%3D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Thu, 19 Mar 2026 13:34:58 GMT\r\nContent-Type: text/javascript\r\nContent-Length: 8415\r\nConnection: keep-alive\r\nLast-Modified: Tue, 01 Jun 2021 19:49:36 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8415,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (8385)","md5":"36050285bfeeb7395752f0f9bbc08273","sha1":"5924f7bbbf1dfa3f0926851d01f782f23a59e805","sha256":"0ec632e6ab02d4fdd514da7f5edc74aa28c9d4c71af76f1c8b93a1fba85bcc69","sha512":"bf887e087c52583114b77bfb417d7dffa0ee8634d39155af14591a24b2add9ef4c8a0c0555364122800d07a55f5f1fb0c723b39541b069a437ff558ddbf380a3","ssdeep":"96:UrZgL1xvPV6GqKgR6TYLWHFMLJA6pOROVEE1fosvGeaMozHImBaoqbl:Ury9PVfIFrlAJROVEEdos+eatzHILoA","tlshash":"750267c97a967031d75796f6833f0106b6361aeeb028047cb5b88dd57c78868523bf38","first_seen":"2023-03-07T01:02:45Z","last_seen":"2026-06-08T06:16:59.55386Z","times_seen":12763,"resource_available":true,"data":null}},"time_used":157,"timings":{"blocked":123,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"bytewealt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"bytewealt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bytewealt.com/assets/templates/bit_gold//js/app.js","fqdn":"bytewealt.com","domain":"bytewealt.com","tld":"com"},"ip":{"addr":"91.98.185.58","port":443,"asn":0,"as":"","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bytewealt.com/","date":"2026-03-19T13:34:58.471Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.bytewealt.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 22 Jan 2026 14:26:20 GMT","end":"Wed, 22 Apr 2026 14:26:19 GMT"},"fingerprint":{"sha1":"EC:4D:F6:52:32:A4:8B:AE:DD:7F:FB:2D:3B:14:83:6C:24:6A:57:D4","sha256":"74:A9:DF:19:72:FE:58:7C:31:2D:26:35:ED:29:EB:93:BD:46:D5:A6:D7:7C:D0:B0:23:05:BA:EB:FF:B1:B7:95"}}},"request":{"raw":"GET /assets/templates/bit_gold//js/app.js HTTP/1.1\r\nHost: bytewealt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bytewealt.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjB4ZjdOQnVCYVBsSjlqSTVhdWhzNEE9PSIsInZhbHVlIjoiU3RNQ0k4RXd2dGFlQ1R5a0FWdHhZSVRBK0pESnFSTnl1QTI3WEFaVmZYWmthY0hNUnhhMzh2NE1aNVlQblhQazdZeFBHQlNRVWthVUZ2TmxpQVFjRE1WdDVBTTZtUnY3L0M3WU8rb29heVg0VE9xek4yR2lyY1hKemNJWmROUlMiLCJtYWMiOiJjMDljNmU1NmQ2YmU0ZTQ4NjJhODk2MjkxMTQ5N2Y4ZmI5NzI5YTU3YzI4NzAzNWZmYzY3ZDAwNmI5ZTYzODU3In0%3D; laravel_session=eyJpdiI6IlNVa2k2TVF1TC94SHl6em1xK1Ewemc9PSIsInZhbHVlIjoiU04xbU1CeFVuVkgxREpiRW43MUEvN0tRdFp5T0ZkVVNHaFUyQnJmb085Qjh1czZCSm9iZUhydkc0ZGpGNG9MMUpnOVRZak84QzZocjk3ZktwaHdiNHhoSUFrbWlaRWtZNVYvSmkyVWk4OUJhaFdDamNYdldxSXhDV0ZhdEFFeFciLCJtYWMiOiJmNmEyMDVjYmJiN2Q5MzM5ZThiODcyMGFjZGQ0MTZlNDdjOGNiOTMyNTM3NDU4OTY0MDQ4ZDNhZDM5OTYxN2E3In0%3D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Thu, 19 Mar 2026 13:34:58 GMT\r\nContent-Type: text/javascript\r\nContent-Length: 4720\r\nConnection: keep-alive\r\nLast-Modified: Tue, 01 Jun 2021 19:49:36 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4720,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"9f514ed4d4b04ed97a8099ec19a9f807","sha1":"d8e7ef96db3c42230fa7d5a2dc88f9cb4ac7c63c","sha256":"9d31816a06ef838ff7aa696a66f4be560b949b9e1bc591ccdb592a602dcd2cc9","sha512":"07e8e13a08ce5db2258b83c4031236eeb913ce082ee53f0501a5618f7267f5c6078de35e83f74e88b5a5599b5d3023c2b7c1621cff3bb168b14fcf2c3b40893a","ssdeep":"96:XvpBTSaHHFF/1Hhdz73EL+3QgU7q9LNq3pcTISpS:Xv7F8L+uCgIps","tlshash":"b4a1cc0ae801117b40bf7379d925ab09f7971327c28a0a13bafc05885f71a59b6d0dfd","first_seen":"2023-03-07T12:01:52Z","last_seen":"2026-06-06T10:02:16.250074Z","times_seen":85,"resource_available":true,"data":null}},"time_used":162,"timings":{"blocked":126,"dns":0,"connect":0,"send":0,"wait":36,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"bytewealt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"bytewealt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bytewealt.com/assets/templates/bit_gold//css/line-awesome.min.css","fqdn":"bytewealt.com","domain":"bytewealt.com","tld":"com"},"ip":{"addr":"91.98.185.58","port":443,"asn":0,"as":"","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bytewealt.com/","date":"2026-03-19T13:34:58.433Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.bytewealt.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 22 Jan 2026 14:26:20 GMT","end":"Wed, 22 Apr 2026 14:26:19 GMT"},"fingerprint":{"sha1":"EC:4D:F6:52:32:A4:8B:AE:DD:7F:FB:2D:3B:14:83:6C:24:6A:57:D4","sha256":"74:A9:DF:19:72:FE:58:7C:31:2D:26:35:ED:29:EB:93:BD:46:D5:A6:D7:7C:D0:B0:23:05:BA:EB:FF:B1:B7:95"}}},"request":{"raw":"GET /assets/templates/bit_gold//css/line-awesome.min.css HTTP/1.1\r\nHost: bytewealt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bytewealt.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjB4ZjdOQnVCYVBsSjlqSTVhdWhzNEE9PSIsInZhbHVlIjoiU3RNQ0k4RXd2dGFlQ1R5a0FWdHhZSVRBK0pESnFSTnl1QTI3WEFaVmZYWmthY0hNUnhhMzh2NE1aNVlQblhQazdZeFBHQlNRVWthVUZ2TmxpQVFjRE1WdDVBTTZtUnY3L0M3WU8rb29heVg0VE9xek4yR2lyY1hKemNJWmROUlMiLCJtYWMiOiJjMDljNmU1NmQ2YmU0ZTQ4NjJhODk2MjkxMTQ5N2Y4ZmI5NzI5YTU3YzI4NzAzNWZmYzY3ZDAwNmI5ZTYzODU3In0%3D; laravel_session=eyJpdiI6IlNVa2k2TVF1TC94SHl6em1xK1Ewemc9PSIsInZhbHVlIjoiU04xbU1CeFVuVkgxREpiRW43MUEvN0tRdFp5T0ZkVVNHaFUyQnJmb085Qjh1czZCSm9iZUhydkc0ZGpGNG9MMUpnOVRZak84QzZocjk3ZktwaHdiNHhoSUFrbWlaRWtZNVYvSmkyVWk4OUJhaFdDamNYdldxSXhDV0ZhdEFFeFciLCJtYWMiOiJmNmEyMDVjYmJiN2Q5MzM5ZThiODcyMGFjZGQ0MTZlNDdjOGNiOTMyNTM3NDU4OTY0MDQ4ZDNhZDM5OTYxN2E3In0%3D\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Thu, 19 Mar 2026 13:34:58 GMT\r\nContent-Type: text/css\r\nContent-Length: 89729\r\nConnection: keep-alive\r\nLast-Modified: Tue, 01 Jun 2021 19:49:36 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":89729,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"73db02545cf13e8c82b51b62782df0d6","sha1":"c1bd14187b6dcb36efad21e51711f8941801de0f","sha256":"ce61a18cf084f15003798340044643f329ac5f90045acb2d9e778368bd799854","sha512":"bde6d4962ab1ad5901cb782e70c842966c903fd3a7fc701641d2835d168095bfc52ae4dbc648cf294caa54ec40706c050e46bbf5e4c5f985f07e47b5877ff07e","ssdeep":"768:1b+0d/C5eXnu2nnY8G3104xUse1LN9abc4VNRvTdgBngf79IcjJv5IopdU6:1b+754u2nOW4xUse1exx7HD9hU6","tlshash":"cd938abbd52d69c4b321c847bf4133b92886f56daaa20d50f28f544cacc269612e4f7d","first_seen":"2023-04-05T07:54:02Z","last_seen":"2026-06-07T23:00:25.69172Z","times_seen":6866,"resource_available":false,"data":null}},"time_used":249,"timings":{"blocked":51,"dns":0,"connect":38,"send":0,"wait":70,"receive":42,"ssl":45},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"bytewealt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"bytewealt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bytewealt.com/assets/templates/bit_gold//css/main.css","fqdn":"bytewealt.com","domain":"bytewealt.com","tld":"com"},"ip":{"addr":"91.98.185.58","port":443,"asn":0,"as":"","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bytewealt.com/","date":"2026-03-19T13:34:58.445Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.bytewealt.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 22 Jan 2026 14:26:20 GMT","end":"Wed, 22 Apr 2026 14:26:19 GMT"},"fingerprint":{"sha1":"EC:4D:F6:52:32:A4:8B:AE:DD:7F:FB:2D:3B:14:83:6C:24:6A:57:D4","sha256":"74:A9:DF:19:72:FE:58:7C:31:2D:26:35:ED:29:EB:93:BD:46:D5:A6:D7:7C:D0:B0:23:05:BA:EB:FF:B1:B7:95"}}},"request":{"raw":"GET /assets/templates/bit_gold//css/main.css HTTP/1.1\r\nHost: bytewealt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bytewealt.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjB4ZjdOQnVCYVBsSjlqSTVhdWhzNEE9PSIsInZhbHVlIjoiU3RNQ0k4RXd2dGFlQ1R5a0FWdHhZSVRBK0pESnFSTnl1QTI3WEFaVmZYWmthY0hNUnhhMzh2NE1aNVlQblhQazdZeFBHQlNRVWthVUZ2TmxpQVFjRE1WdDVBTTZtUnY3L0M3WU8rb29heVg0VE9xek4yR2lyY1hKemNJWmROUlMiLCJtYWMiOiJjMDljNmU1NmQ2YmU0ZTQ4NjJhODk2MjkxMTQ5N2Y4ZmI5NzI5YTU3YzI4NzAzNWZmYzY3ZDAwNmI5ZTYzODU3In0%3D; laravel_session=eyJpdiI6IlNVa2k2TVF1TC94SHl6em1xK1Ewemc9PSIsInZhbHVlIjoiU04xbU1CeFVuVkgxREpiRW43MUEvN0tRdFp5T0ZkVVNHaFUyQnJmb085Qjh1czZCSm9iZUhydkc0ZGpGNG9MMUpnOVRZak84QzZocjk3ZktwaHdiNHhoSUFrbWlaRWtZNVYvSmkyVWk4OUJhaFdDamNYdldxSXhDV0ZhdEFFeFciLCJtYWMiOiJmNmEyMDVjYmJiN2Q5MzM5ZThiODcyMGFjZGQ0MTZlNDdjOGNiOTMyNTM3NDU4OTY0MDQ4ZDNhZDM5OTYxN2E3In0%3D\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Thu, 19 Mar 2026 13:34:58 GMT\r\nContent-Type: text/css\r\nContent-Length: 74350\r\nConnection: keep-alive\r\nLast-Modified: Tue, 01 Jun 2021 19:49:36 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":74350,"size_decoded":0,"mime_type":"text/css","magic":"assembler source, ASCII text","md5":"684105f0125f73f6023c677053a01711","sha1":"eb7f2c6191f2e24dc1b007b28fc964678c08ee55","sha256":"9e8933d7de8302f9de5fbad4813dfcb2e40cb6359d894520b8f1167a7dca19fb","sha512":"ec1dc08a635eb66c73d3cf6660f30509725079304d21c9f3e601bec68222355a5266302d96e2ff65b778c20df74e05121d2beeb7d59b420688acb156379aa86b","ssdeep":"1536:pFUwKrF/2Ws3UwKrLUwKr7/UwKrmUwKr8zUwKr/hr6UwKr1UwKr7UbTUwKrdUwKA:zUwKrR2tUwKrLUwKrDUwKrmUwKrEUwKa","tlshash":"50736eb2a9e70444712bd9186befcba4337ca143101adea8b7cd725d8f456f844e1b8d","first_seen":"2023-05-10T00:15:59Z","last_seen":"2026-05-19T05:30:13.713725Z","times_seen":30,"resource_available":false,"data":null}},"time_used":99,"timings":{"blocked":63,"dns":0,"connect":0,"send":0,"wait":34,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"bytewealt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"bytewealt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bytewealt.com/assets/templates/bit_gold/css/color.php?color=CCA354\u0026secondColor=000000","fqdn":"bytewealt.com","domain":"bytewealt.com","tld":"com"},"ip":{"addr":"91.98.185.58","port":443,"asn":0,"as":"","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bytewealt.com/","date":"2026-03-19T13:34:58.448Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.bytewealt.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 22 Jan 2026 14:26:20 GMT","end":"Wed, 22 Apr 2026 14:26:19 GMT"},"fingerprint":{"sha1":"EC:4D:F6:52:32:A4:8B:AE:DD:7F:FB:2D:3B:14:83:6C:24:6A:57:D4","sha256":"74:A9:DF:19:72:FE:58:7C:31:2D:26:35:ED:29:EB:93:BD:46:D5:A6:D7:7C:D0:B0:23:05:BA:EB:FF:B1:B7:95"}}},"request":{"raw":"GET /assets/templates/bit_gold/css/color.php?color=CCA354\u0026secondColor=000000 HTTP/1.1\r\nHost: bytewealt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bytewealt.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjB4ZjdOQnVCYVBsSjlqSTVhdWhzNEE9PSIsInZhbHVlIjoiU3RNQ0k4RXd2dGFlQ1R5a0FWdHhZSVRBK0pESnFSTnl1QTI3WEFaVmZYWmthY0hNUnhhMzh2NE1aNVlQblhQazdZeFBHQlNRVWthVUZ2TmxpQVFjRE1WdDVBTTZtUnY3L0M3WU8rb29heVg0VE9xek4yR2lyY1hKemNJWmROUlMiLCJtYWMiOiJjMDljNmU1NmQ2YmU0ZTQ4NjJhODk2MjkxMTQ5N2Y4ZmI5NzI5YTU3YzI4NzAzNWZmYzY3ZDAwNmI5ZTYzODU3In0%3D; laravel_session=eyJpdiI6IlNVa2k2TVF1TC94SHl6em1xK1Ewemc9PSIsInZhbHVlIjoiU04xbU1CeFVuVkgxREpiRW43MUEvN0tRdFp5T0ZkVVNHaFUyQnJmb085Qjh1czZCSm9iZUhydkc0ZGpGNG9MMUpnOVRZak84QzZocjk3ZktwaHdiNHhoSUFrbWlaRWtZNVYvSmkyVWk4OUJhaFdDamNYdldxSXhDV0ZhdEFFeFciLCJtYWMiOiJmNmEyMDVjYmJiN2Q5MzM5ZThiODcyMGFjZGQ0MTZlNDdjOGNiOTMyNTM3NDU4OTY0MDQ4ZDNhZDM5OTYxN2E3In0%3D\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Thu, 19 Mar 2026 13:34:58 GMT\r\nContent-Type: text/css;charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4564,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (446), with CRLF line terminators","md5":"c55b7090459356e0b486ffc108319f19","sha1":"4d26214d98b871619fb6b93332b61f3364f2babb","sha256":"9718f6720244d2f315ac1af36115379dc41189abd6f1a0876d809c6abbf64716","sha512":"fa9c7496ab9e2e75a84061bb3a787f88dae7084af5e16f994a0eda3c85644cff997305ba9874d498088082c66ed6285adc08581af5d42ade8c71d2192cec9d73","ssdeep":"96:q430t9s/YwL1RwrYBtngLRcw57Lp/ywoznHnv/Ri8D/QXXjELg9G3TjHCU:r895wL1R/qcw57LDeHnv/RvszELg9OT9","tlshash":"88918ab8d55e19571b2b4f3eba7c9751bb3a21e1c80546367ba252380ff61b81e73c08","first_seen":"2023-05-10T00:15:59Z","last_seen":"2026-04-30T04:34:27.356624Z","times_seen":17,"resource_available":false,"data":null}},"time_used":130,"timings":{"blocked":96,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"bytewealt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"bytewealt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bytewealt.com/assets/images/frontend/team/5fce3b441d86e1607351108.jpg","fqdn":"bytewealt.com","domain":"bytewealt.com","tld":"com"},"ip":{"addr":"91.98.185.58","port":443,"asn":0,"as":"","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bytewealt.com/","date":"2026-03-19T13:34:58.455Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.bytewealt.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 22 Jan 2026 14:26:20 GMT","end":"Wed, 22 Apr 2026 14:26:19 GMT"},"fingerprint":{"sha1":"EC:4D:F6:52:32:A4:8B:AE:DD:7F:FB:2D:3B:14:83:6C:24:6A:57:D4","sha256":"74:A9:DF:19:72:FE:58:7C:31:2D:26:35:ED:29:EB:93:BD:46:D5:A6:D7:7C:D0:B0:23:05:BA:EB:FF:B1:B7:95"}}},"request":{"raw":"GET /assets/images/frontend/team/5fce3b441d86e1607351108.jpg HTTP/1.1\r\nHost: bytewealt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bytewealt.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjB4ZjdOQnVCYVBsSjlqSTVhdWhzNEE9PSIsInZhbHVlIjoiU3RNQ0k4RXd2dGFlQ1R5a0FWdHhZSVRBK0pESnFSTnl1QTI3WEFaVmZYWmthY0hNUnhhMzh2NE1aNVlQblhQazdZeFBHQlNRVWthVUZ2TmxpQVFjRE1WdDVBTTZtUnY3L0M3WU8rb29heVg0VE9xek4yR2lyY1hKemNJWmROUlMiLCJtYWMiOiJjMDljNmU1NmQ2YmU0ZTQ4NjJhODk2MjkxMTQ5N2Y4ZmI5NzI5YTU3YzI4NzAzNWZmYzY3ZDAwNmI5ZTYzODU3In0%3D; laravel_session=eyJpdiI6IlNVa2k2TVF1TC94SHl6em1xK1Ewemc9PSIsInZhbHVlIjoiU04xbU1CeFVuVkgxREpiRW43MUEvN0tRdFp5T0ZkVVNHaFUyQnJmb085Qjh1czZCSm9iZUhydkc0ZGpGNG9MMUpnOVRZak84QzZocjk3ZktwaHdiNHhoSUFrbWlaRWtZNVYvSmkyVWk4OUJhaFdDamNYdldxSXhDV0ZhdEFFeFciLCJtYWMiOiJmNmEyMDVjYmJiN2Q5MzM5ZThiODcyMGFjZGQ0MTZlNDdjOGNiOTMyNTM3NDU4OTY0MDQ4ZDNhZDM5OTYxN2E3In0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Thu, 19 Mar 2026 13:34:58 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 18657\r\nConnection: keep-alive\r\nLast-Modified: Tue, 01 Jun 2021 19:49:36 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":18657,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 90\", baseline, precision 8, 280x296, components 3","md5":"778205199249fe051e6faadd3f95fa98","sha1":"b0fb8e18397de84d68249124df7b52c25ddd62a0","sha256":"f249b931f5c6016a6907ceb0a1f828e43163f63db6dcb6de900cba0822325e98","sha512":"4d5150b9ceeba5717b601006c3dd4f49d283b29da6e5a5c6a54a7af6e28b9902b2385ec1c7e341ba2a05347aa7c1a2d170e8999ca5b98275393891724073132c","ssdeep":"384:fqYUoFUX8t0GvHtmtGBdYgM7sOXOQG+ZC/kqeDeDHx4eJoeto4:fBUo48t0GvHtmMdM7sZ+obeDerBoeto4","tlshash":"3d82d1134d0637e4b8d6d87ac71b0c99a6cd57b8103c3306badea769da835ce426ce19","first_seen":"2023-05-10T00:16:00Z","last_seen":"2026-05-19T05:30:13.735352Z","times_seen":20,"resource_available":false,"data":null}},"time_used":379,"timings":{"blocked":342,"dns":0,"connect":0,"send":0,"wait":36,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"bytewealt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"bytewealt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bytewealt.com/assets/images/frontend/blog/thumb_5fce37cc2b8101607350220.jpg","fqdn":"bytewealt.com","domain":"bytewealt.com","tld":"com"},"ip":{"addr":"91.98.185.58","port":443,"asn":0,"as":"","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bytewealt.com/","date":"2026-03-19T13:34:58.465Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.bytewealt.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 22 Jan 2026 14:26:20 GMT","end":"Wed, 22 Apr 2026 14:26:19 GMT"},"fingerprint":{"sha1":"EC:4D:F6:52:32:A4:8B:AE:DD:7F:FB:2D:3B:14:83:6C:24:6A:57:D4","sha256":"74:A9:DF:19:72:FE:58:7C:31:2D:26:35:ED:29:EB:93:BD:46:D5:A6:D7:7C:D0:B0:23:05:BA:EB:FF:B1:B7:95"}}},"request":{"raw":"GET /assets/images/frontend/blog/thumb_5fce37cc2b8101607350220.jpg HTTP/1.1\r\nHost: bytewealt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bytewealt.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjB4ZjdOQnVCYVBsSjlqSTVhdWhzNEE9PSIsInZhbHVlIjoiU3RNQ0k4RXd2dGFlQ1R5a0FWdHhZSVRBK0pESnFSTnl1QTI3WEFaVmZYWmthY0hNUnhhMzh2NE1aNVlQblhQazdZeFBHQlNRVWthVUZ2TmxpQVFjRE1WdDVBTTZtUnY3L0M3WU8rb29heVg0VE9xek4yR2lyY1hKemNJWmROUlMiLCJtYWMiOiJjMDljNmU1NmQ2YmU0ZTQ4NjJhODk2MjkxMTQ5N2Y4ZmI5NzI5YTU3YzI4NzAzNWZmYzY3ZDAwNmI5ZTYzODU3In0%3D; laravel_session=eyJpdiI6IlNVa2k2TVF1TC94SHl6em1xK1Ewemc9PSIsInZhbHVlIjoiU04xbU1CeFVuVkgxREpiRW43MUEvN0tRdFp5T0ZkVVNHaFUyQnJmb085Qjh1czZCSm9iZUhydkc0ZGpGNG9MMUpnOVRZak84QzZocjk3ZktwaHdiNHhoSUFrbWlaRWtZNVYvSmkyVWk4OUJhaFdDamNYdldxSXhDV0ZhdEFFeFciLCJtYWMiOiJmNmEyMDVjYmJiN2Q5MzM5ZThiODcyMGFjZGQ0MTZlNDdjOGNiOTMyNTM3NDU4OTY0MDQ4ZDNhZDM5OTYxN2E3In0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Thu, 19 Mar 2026 13:34:58 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 33433\r\nConnection: keep-alive\r\nLast-Modified: Tue, 01 Jun 2021 19:49:36 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":33433,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 90\", baseline, precision 8, 555x293, components 3","md5":"e1fb7e646324b88aba61f031ac180003","sha1":"28b7c78db21663d4d88e5fa13c6ccb808ed70814","sha256":"72f1b9328d05546c822f164daf3a23c1e7f8a611527e6658dbe0aa09b7fff403","sha512":"ef783373fd8ce4a3c962654978ee76ec13b3fdd60f159ef0d4c7df3ffdef1bd0bc118cf103bfd93f35db08988a4e445ef825d01ae06f6e9ccd2bcd0705cea4e3","ssdeep":"768:kZng+yAN6Euk0G14K7WoIjEVRCruL/5dnFIONA:kZnX6Ed0qCoIQ1dniONA","tlshash":"6ce2f1b47c920bc697ad921d324f3b7effe0501a160622ca56b4056c1d10fe76a9a7c3","first_seen":"2023-10-21T04:58:04Z","last_seen":"2026-05-10T05:09:44.689474Z","times_seen":13,"resource_available":false,"data":null}},"time_used":330,"timings":{"blocked":295,"dns":0,"connect":0,"send":0,"wait":34,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"bytewealt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"bytewealt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bytewealt.com/assets/templates/bit_gold//css/vendor/bootstrap.min.css","fqdn":"bytewealt.com","domain":"bytewealt.com","tld":"com"},"ip":{"addr":"91.98.185.58","port":443,"asn":0,"as":"","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bytewealt.com/","date":"2026-03-19T13:34:58.429Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.bytewealt.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 22 Jan 2026 14:26:20 GMT","end":"Wed, 22 Apr 2026 14:26:19 GMT"},"fingerprint":{"sha1":"EC:4D:F6:52:32:A4:8B:AE:DD:7F:FB:2D:3B:14:83:6C:24:6A:57:D4","sha256":"74:A9:DF:19:72:FE:58:7C:31:2D:26:35:ED:29:EB:93:BD:46:D5:A6:D7:7C:D0:B0:23:05:BA:EB:FF:B1:B7:95"}}},"request":{"raw":"GET /assets/templates/bit_gold//css/vendor/bootstrap.min.css HTTP/1.1\r\nHost: bytewealt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bytewealt.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjB4ZjdOQnVCYVBsSjlqSTVhdWhzNEE9PSIsInZhbHVlIjoiU3RNQ0k4RXd2dGFlQ1R5a0FWdHhZSVRBK0pESnFSTnl1QTI3WEFaVmZYWmthY0hNUnhhMzh2NE1aNVlQblhQazdZeFBHQlNRVWthVUZ2TmxpQVFjRE1WdDVBTTZtUnY3L0M3WU8rb29heVg0VE9xek4yR2lyY1hKemNJWmROUlMiLCJtYWMiOiJjMDljNmU1NmQ2YmU0ZTQ4NjJhODk2MjkxMTQ5N2Y4ZmI5NzI5YTU3YzI4NzAzNWZmYzY3ZDAwNmI5ZTYzODU3In0%3D; laravel_session=eyJpdiI6IlNVa2k2TVF1TC94SHl6em1xK1Ewemc9PSIsInZhbHVlIjoiU04xbU1CeFVuVkgxREpiRW43MUEvN0tRdFp5T0ZkVVNHaFUyQnJmb085Qjh1czZCSm9iZUhydkc0ZGpGNG9MMUpnOVRZak84QzZocjk3ZktwaHdiNHhoSUFrbWlaRWtZNVYvSmkyVWk4OUJhaFdDamNYdldxSXhDV0ZhdEFFeFciLCJtYWMiOiJmNmEyMDVjYmJiN2Q5MzM5ZThiODcyMGFjZGQ0MTZlNDdjOGNiOTMyNTM3NDU4OTY0MDQ4ZDNhZDM5OTYxN2E3In0%3D\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Thu, 19 Mar 2026 13:34:58 GMT\r\nContent-Type: text/css\r\nContent-Length: 160403\r\nConnection: keep-alive\r\nLast-Modified: Tue, 01 Jun 2021 19:49:36 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":160403,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65324)","md5":"3afe15e976734d9daac26310110c4594","sha1":"4f14a09a606c99a11f8fda15564ef66f70402826","sha256":"680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c","sha512":"aced925c428148809afc07f28442b966a58508ea24d6b7203d87c63aab57df93b28ab68183a5dae0d9c12705e0a484685de5a370099c42788c869db686d0dcea","ssdeep":"1536:2THqIJOT7SyEIA1pDEBi8yNcuSEeA1/uypq3SYiLENM6HN26H:YH9vGGq3SYiLENM6HN26H","tlshash":"03f353a6f5a0312de4a7c61964d0bafd152f8245d7224bfbf8273b6447892c70a73e4c","first_seen":"2023-04-05T04:00:44Z","last_seen":"2026-06-08T06:48:18.630837Z","times_seen":24672,"resource_available":false,"data":null}},"time_used":110,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":76,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"bytewealt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"bytewealt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bytewealt.com/assets/images/frontend/testimonial/5fce3c57867c71607351383.jpg","fqdn":"bytewealt.com","domain":"bytewealt.com","tld":"com"},"ip":{"addr":"91.98.185.58","port":443,"asn":0,"as":"","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bytewealt.com/","date":"2026-03-19T13:34:58.451Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.bytewealt.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 22 Jan 2026 14:26:20 GMT","end":"Wed, 22 Apr 2026 14:26:19 GMT"},"fingerprint":{"sha1":"EC:4D:F6:52:32:A4:8B:AE:DD:7F:FB:2D:3B:14:83:6C:24:6A:57:D4","sha256":"74:A9:DF:19:72:FE:58:7C:31:2D:26:35:ED:29:EB:93:BD:46:D5:A6:D7:7C:D0:B0:23:05:BA:EB:FF:B1:B7:95"}}},"request":{"raw":"GET /assets/images/frontend/testimonial/5fce3c57867c71607351383.jpg HTTP/1.1\r\nHost: bytewealt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bytewealt.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjB4ZjdOQnVCYVBsSjlqSTVhdWhzNEE9PSIsInZhbHVlIjoiU3RNQ0k4RXd2dGFlQ1R5a0FWdHhZSVRBK0pESnFSTnl1QTI3WEFaVmZYWmthY0hNUnhhMzh2NE1aNVlQblhQazdZeFBHQlNRVWthVUZ2TmxpQVFjRE1WdDVBTTZtUnY3L0M3WU8rb29heVg0VE9xek4yR2lyY1hKemNJWmROUlMiLCJtYWMiOiJjMDljNmU1NmQ2YmU0ZTQ4NjJhODk2MjkxMTQ5N2Y4ZmI5NzI5YTU3YzI4NzAzNWZmYzY3ZDAwNmI5ZTYzODU3In0%3D; laravel_session=eyJpdiI6IlNVa2k2TVF1TC94SHl6em1xK1Ewemc9PSIsInZhbHVlIjoiU04xbU1CeFVuVkgxREpiRW43MUEvN0tRdFp5T0ZkVVNHaFUyQnJmb085Qjh1czZCSm9iZUhydkc0ZGpGNG9MMUpnOVRZak84QzZocjk3ZktwaHdiNHhoSUFrbWlaRWtZNVYvSmkyVWk4OUJhaFdDamNYdldxSXhDV0ZhdEFFeFciLCJtYWMiOiJmNmEyMDVjYmJiN2Q5MzM5ZThiODcyMGFjZGQ0MTZlNDdjOGNiOTMyNTM3NDU4OTY0MDQ4ZDNhZDM5OTYxN2E3In0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Thu, 19 Mar 2026 13:34:58 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 2690\r\nConnection: keep-alive\r\nLast-Modified: Tue, 01 Jun 2021 19:49:36 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2690,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 90\", baseline, precision 8, 69x75, components 3","md5":"1b504bc17f5fb9c1c7eaa2cc80bb2779","sha1":"b8603753460af2bf2b6c9ff6744305c7b1f8110f","sha256":"cc9eddb7afd070eeedd4e79eb206fa12bcf11f19bb566c7f480d2a0786904edb","sha512":"0cfb59bc226caedce7327003cecfa9e8d27c136240b11c47808c568296280ad409dbfc7acd9b82f6f974134a5ddefbcd2fd1bb2195fef5ba9f85e2393ed5c5af","ssdeep":"","tlshash":"e8513cbeaf9713d1b557c07ea46d1cf692f9aec8b0801316cdf642944e64de4298444e","first_seen":"2023-05-10T00:16:00Z","last_seen":"2026-06-06T10:02:16.297837Z","times_seen":37,"resource_available":false,"data":null}},"time_used":344,"timings":{"blocked":309,"dns":0,"connect":0,"send":0,"wait":35,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"bytewealt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"bytewealt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bytewealt.com/assets/images/frontend/team/5fce3b5057e001607351120.jpg","fqdn":"bytewealt.com","domain":"bytewealt.com","tld":"com"},"ip":{"addr":"91.98.185.58","port":443,"asn":0,"as":"","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bytewealt.com/","date":"2026-03-19T13:34:58.457Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.bytewealt.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 22 Jan 2026 14:26:20 GMT","end":"Wed, 22 Apr 2026 14:26:19 GMT"},"fingerprint":{"sha1":"EC:4D:F6:52:32:A4:8B:AE:DD:7F:FB:2D:3B:14:83:6C:24:6A:57:D4","sha256":"74:A9:DF:19:72:FE:58:7C:31:2D:26:35:ED:29:EB:93:BD:46:D5:A6:D7:7C:D0:B0:23:05:BA:EB:FF:B1:B7:95"}}},"request":{"raw":"GET /assets/images/frontend/team/5fce3b5057e001607351120.jpg HTTP/1.1\r\nHost: bytewealt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bytewealt.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjB4ZjdOQnVCYVBsSjlqSTVhdWhzNEE9PSIsInZhbHVlIjoiU3RNQ0k4RXd2dGFlQ1R5a0FWdHhZSVRBK0pESnFSTnl1QTI3WEFaVmZYWmthY0hNUnhhMzh2NE1aNVlQblhQazdZeFBHQlNRVWthVUZ2TmxpQVFjRE1WdDVBTTZtUnY3L0M3WU8rb29heVg0VE9xek4yR2lyY1hKemNJWmROUlMiLCJtYWMiOiJjMDljNmU1NmQ2YmU0ZTQ4NjJhODk2MjkxMTQ5N2Y4ZmI5NzI5YTU3YzI4NzAzNWZmYzY3ZDAwNmI5ZTYzODU3In0%3D; laravel_session=eyJpdiI6IlNVa2k2TVF1TC94SHl6em1xK1Ewemc9PSIsInZhbHVlIjoiU04xbU1CeFVuVkgxREpiRW43MUEvN0tRdFp5T0ZkVVNHaFUyQnJmb085Qjh1czZCSm9iZUhydkc0ZGpGNG9MMUpnOVRZak84QzZocjk3ZktwaHdiNHhoSUFrbWlaRWtZNVYvSmkyVWk4OUJhaFdDamNYdldxSXhDV0ZhdEFFeFciLCJtYWMiOiJmNmEyMDVjYmJiN2Q5MzM5ZThiODcyMGFjZGQ0MTZlNDdjOGNiOTMyNTM3NDU4OTY0MDQ4ZDNhZDM5OTYxN2E3In0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Thu, 19 Mar 2026 13:34:58 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 17951\r\nConnection: keep-alive\r\nLast-Modified: Tue, 01 Jun 2021 19:49:36 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":17951,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 90\", baseline, precision 8, 280x296, components 3","md5":"c106cfb52ed9a0cdb0bff868f763cb3d","sha1":"17a4ed0b726952aae905f17863984df43b61f096","sha256":"1edb0fd66103fb946eb1efdcb701a86346acec64be5da10b405a660c4d2cdd09","sha512":"c5d19b2a46c7210b536245b3f1b4025fedb1b974cda797294224105e511722bc5f18cb188a27f3c940b566ba91242b103e466c6405dad88db9a81b6519d34ebb","ssdeep":"384:f8XCGW1JNrY54wsuYq3zhgh2+R3urO9TKRhSkxwtNAHXlhs6+vfC7:f5GWDu5PYq9ghPR3uysTN6HAHX3j17","tlshash":"6082d1f5276746c835b34c1acded0e5c8dc50ae619b0bacb3ec607845b268b7c201e96","first_seen":"2023-06-13T07:01:16Z","last_seen":"2026-04-30T04:34:27.366321Z","times_seen":19,"resource_available":false,"data":null}},"time_used":375,"timings":{"blocked":340,"dns":0,"connect":0,"send":0,"wait":35,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"bytewealt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"bytewealt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bytewealt.com/assets/templates/bit_gold//js/vendor/jquery-3.5.1.min.js","fqdn":"bytewealt.com","domain":"bytewealt.com","tld":"com"},"ip":{"addr":"91.98.185.58","port":443,"asn":0,"as":"","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bytewealt.com/","date":"2026-03-19T13:34:58.466Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.bytewealt.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 22 Jan 2026 14:26:20 GMT","end":"Wed, 22 Apr 2026 14:26:19 GMT"},"fingerprint":{"sha1":"EC:4D:F6:52:32:A4:8B:AE:DD:7F:FB:2D:3B:14:83:6C:24:6A:57:D4","sha256":"74:A9:DF:19:72:FE:58:7C:31:2D:26:35:ED:29:EB:93:BD:46:D5:A6:D7:7C:D0:B0:23:05:BA:EB:FF:B1:B7:95"}}},"request":{"raw":"GET /assets/templates/bit_gold//js/vendor/jquery-3.5.1.min.js HTTP/1.1\r\nHost: bytewealt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bytewealt.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjB4ZjdOQnVCYVBsSjlqSTVhdWhzNEE9PSIsInZhbHVlIjoiU3RNQ0k4RXd2dGFlQ1R5a0FWdHhZSVRBK0pESnFSTnl1QTI3WEFaVmZYWmthY0hNUnhhMzh2NE1aNVlQblhQazdZeFBHQlNRVWthVUZ2TmxpQVFjRE1WdDVBTTZtUnY3L0M3WU8rb29heVg0VE9xek4yR2lyY1hKemNJWmROUlMiLCJtYWMiOiJjMDljNmU1NmQ2YmU0ZTQ4NjJhODk2MjkxMTQ5N2Y4ZmI5NzI5YTU3YzI4NzAzNWZmYzY3ZDAwNmI5ZTYzODU3In0%3D; laravel_session=eyJpdiI6IlNVa2k2TVF1TC94SHl6em1xK1Ewemc9PSIsInZhbHVlIjoiU04xbU1CeFVuVkgxREpiRW43MUEvN0tRdFp5T0ZkVVNHaFUyQnJmb085Qjh1czZCSm9iZUhydkc0ZGpGNG9MMUpnOVRZak84QzZocjk3ZktwaHdiNHhoSUFrbWlaRWtZNVYvSmkyVWk4OUJhaFdDamNYdldxSXhDV0ZhdEFFeFciLCJtYWMiOiJmNmEyMDVjYmJiN2Q5MzM5ZThiODcyMGFjZGQ0MTZlNDdjOGNiOTMyNTM3NDU4OTY0MDQ4ZDNhZDM5OTYxN2E3In0%3D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Thu, 19 Mar 2026 13:34:58 GMT\r\nContent-Type: text/javascript\r\nContent-Length: 89478\r\nConnection: keep-alive\r\nLast-Modified: Tue, 01 Jun 2021 19:49:36 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":89478,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65450), with CRLF line terminators","md5":"b61aa6e2d68d21b3546b5b418bf0e9c3","sha1":"9c1398f0de4c869dacb1c9ab1a8cc327f5421ff7","sha256":"f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b","sha512":"5882735d9a0239c5c63c5c87b81618e3c8dc09d7d743c3444c535b9547b9b65defa509d7804552c581cb84b61dd1225e2add5dca6b120868ec201fa979504f4b","ssdeep":"1536:/jExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h8cApwEjOPrBeU6QLiTFbc0QlQvaks:/Yh8eip3huuf6IidlrvakdtQ47GK8","tlshash":"3193f9ddb2c6702257a720ba007f510bf236199d6c4d8450f265d8e9bcb8a4e827bf7d","first_seen":"2023-03-07T01:03:09Z","last_seen":"2026-06-08T05:58:19.699944Z","times_seen":16775,"resource_available":true,"data":null}},"time_used":245,"timings":{"blocked":96,"dns":0,"connect":0,"send":0,"wait":74,"receive":75,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"bytewealt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"bytewealt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bytewealt.com/assets/templates/bit_gold/css/iziToast.min.css","fqdn":"bytewealt.com","domain":"bytewealt.com","tld":"com"},"ip":{"addr":"91.98.185.58","port":443,"asn":0,"as":"","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bytewealt.com/","date":"2026-03-19T13:34:58.472Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.bytewealt.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 22 Jan 2026 14:26:20 GMT","end":"Wed, 22 Apr 2026 14:26:19 GMT"},"fingerprint":{"sha1":"EC:4D:F6:52:32:A4:8B:AE:DD:7F:FB:2D:3B:14:83:6C:24:6A:57:D4","sha256":"74:A9:DF:19:72:FE:58:7C:31:2D:26:35:ED:29:EB:93:BD:46:D5:A6:D7:7C:D0:B0:23:05:BA:EB:FF:B1:B7:95"}}},"request":{"raw":"GET /assets/templates/bit_gold/css/iziToast.min.css HTTP/1.1\r\nHost: bytewealt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bytewealt.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjB4ZjdOQnVCYVBsSjlqSTVhdWhzNEE9PSIsInZhbHVlIjoiU3RNQ0k4RXd2dGFlQ1R5a0FWdHhZSVRBK0pESnFSTnl1QTI3WEFaVmZYWmthY0hNUnhhMzh2NE1aNVlQblhQazdZeFBHQlNRVWthVUZ2TmxpQVFjRE1WdDVBTTZtUnY3L0M3WU8rb29heVg0VE9xek4yR2lyY1hKemNJWmROUlMiLCJtYWMiOiJjMDljNmU1NmQ2YmU0ZTQ4NjJhODk2MjkxMTQ5N2Y4ZmI5NzI5YTU3YzI4NzAzNWZmYzY3ZDAwNmI5ZTYzODU3In0%3D; laravel_session=eyJpdiI6IlNVa2k2TVF1TC94SHl6em1xK1Ewemc9PSIsInZhbHVlIjoiU04xbU1CeFVuVkgxREpiRW43MUEvN0tRdFp5T0ZkVVNHaFUyQnJmb085Qjh1czZCSm9iZUhydkc0ZGpGNG9MMUpnOVRZak84QzZocjk3ZktwaHdiNHhoSUFrbWlaRWtZNVYvSmkyVWk4OUJhaFdDamNYdldxSXhDV0ZhdEFFeFciLCJtYWMiOiJmNmEyMDVjYmJiN2Q5MzM5ZThiODcyMGFjZGQ0MTZlNDdjOGNiOTMyNTM3NDU4OTY0MDQ4ZDNhZDM5OTYxN2E3In0%3D\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Thu, 19 Mar 2026 13:34:58 GMT\r\nContent-Type: text/css\r\nContent-Length: 41505\r\nConnection: keep-alive\r\nLast-Modified: Tue, 01 Jun 2021 19:49:36 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":41505,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (41419), with CRLF line terminators","md5":"b2f7bdc3ed47f5956551ce0333925792","sha1":"d2c6cd54cf8a6c040c28844b306543b76eeab8b8","sha256":"7fa7d6e3b4039b59b4d4721ea7e523a42a4dc0b56405829df9f8696f8550fa01","sha512":"3b4de7b57a15a9a1944c07809af436612ce40af72564470f42ed5eaa5a0f6877c9e51b8d1a24b897edddb9a89d0fcd353f9d09dbc107ca89c2574e825254d26a","ssdeep":"384:wV5zpPVWahj8Ik/4kYip7pHRiJhkgL6LlG1oLzlRCPoA50UhLoMPFPsR4lweGbzi:MPVNhlHgppGf1oWQA1","tlshash":"b21345fd15f0124454c6ab4296da6a980e3fcd9770ea1cef32cd344b8b46b9e136532b","first_seen":"2023-04-10T01:55:59Z","last_seen":"2026-06-08T06:16:12.94119Z","times_seen":1403,"resource_available":false,"data":null}},"time_used":168,"timings":{"blocked":127,"dns":0,"connect":0,"send":0,"wait":37,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"bytewealt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"bytewealt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bytewealt.com/","fqdn":"bytewealt.com","domain":"bytewealt.com","tld":"com"},"ip":{"addr":"91.98.185.58","port":443,"asn":0,"as":"","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-19T13:34:57.918Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.bytewealt.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 22 Jan 2026 14:26:20 GMT","end":"Wed, 22 Apr 2026 14:26:19 GMT"},"fingerprint":{"sha1":"EC:4D:F6:52:32:A4:8B:AE:DD:7F:FB:2D:3B:14:83:6C:24:6A:57:D4","sha256":"74:A9:DF:19:72:FE:58:7C:31:2D:26:35:ED:29:EB:93:BD:46:D5:A6:D7:7C:D0:B0:23:05:BA:EB:FF:B1:B7:95"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: bytewealt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Thu, 19 Mar 2026 13:34:58 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nCache-Control: private, must-revalidate\r\npragma: no-cache\r\nexpires: -1\r\nSet-Cookie: XSRF-TOKEN=eyJpdiI6IjB4ZjdOQnVCYVBsSjlqSTVhdWhzNEE9PSIsInZhbHVlIjoiU3RNQ0k4RXd2dGFlQ1R5a0FWdHhZSVRBK0pESnFSTnl1QTI3WEFaVmZYWmthY0hNUnhhMzh2NE1aNVlQblhQazdZeFBHQlNRVWthVUZ2TmxpQVFjRE1WdDVBTTZtUnY3L0M3WU8rb29heVg0VE9xek4yR2lyY1hKemNJWmROUlMiLCJtYWMiOiJjMDljNmU1NmQ2YmU0ZTQ4NjJhODk2MjkxMTQ5N2Y4ZmI5NzI5YTU3YzI4NzAzNWZmYzY3ZDAwNmI5ZTYzODU3In0%3D; expires=Thu, 19-Mar-2026 15:34:58 GMT; Max-Age=7200; path=/; samesite=lax\nlaravel_session=eyJpdiI6IlNVa2k2TVF1TC94SHl6em1xK1Ewemc9PSIsInZhbHVlIjoiU04xbU1CeFVuVkgxREpiRW43MUEvN0tRdFp5T0ZkVVNHaFUyQnJmb085Qjh1czZCSm9iZUhydkc0ZGpGNG9MMUpnOVRZak84QzZocjk3ZktwaHdiNHhoSUFrbWlaRWtZNVYvSmkyVWk4OUJhaFdDamNYdldxSXhDV0ZhdEFFeFciLCJtYWMiOiJmNmEyMDVjYmJiN2Q5MzM5ZThiODcyMGFjZGQ0MTZlNDdjOGNiOTMyNTM3NDU4OTY0MDQ4ZDNhZDM5OTYxN2E3In0%3D; expires=Thu, 19-Mar-2026 15:34:58 GMT; Max-Age=7200; path=/; httponly; samesite=lax\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"jQuery:3.5.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Slick","description":"","website":"https://kenwheeler.github.io/slick","common_platform_enumeration":"","icon":"Slick.svg","categories":["JavaScript libraries"]},{"name":"WOW","description":"Reveal CSS animation as you scroll down a page.","website":"https://www.delac.io/WOW","common_platform_enumeration":"","icon":"","categories":["JavaScript frameworks","Web frameworks","JavaScript graphics"]}],"data":{"size":54498,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (445), with CRLF, LF line terminators","md5":"e55c21e1aac65b57e030ba208820f734","sha1":"4d8496dff8139203db40b06317f98456e561999f","sha256":"fbda6dedc18f354a15c535a23fb6c5cc95a83f35da09af0051d1e91c8fca5799","sha512":"9f75f950f46874526cb0ebc7ff77cb566ef4644e2180d030abeac61623295292356358fad51180e3ee93ff60bba9418450835b30d74b77bf4b68a5632f088ff4","ssdeep":"768:5+5ESfZvfCa6oVfMWdyGc+NEzETyc2baPx:w5EShvfCmM05aETyc2baPx","tlshash":"19332d3154d5203302b390a66a316b8eff918247cb5b8644b6ec5bcb2ff3d12ed57a19","first_seen":"2026-03-19T13:35:22.496531Z","last_seen":"2026-03-19T13:35:22.496531Z","times_seen":1,"resource_available":false,"data":null}},"time_used":337,"timings":{"blocked":94,"dns":27,"connect":34,"send":0,"wait":106,"receive":35,"ssl":38},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"bytewealt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"bytewealt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bytewealt.com/assets/templates/bit_gold//css/all.min.css","fqdn":"bytewealt.com","domain":"bytewealt.com","tld":"com"},"ip":{"addr":"91.98.185.58","port":443,"asn":0,"as":"","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bytewealt.com/","date":"2026-03-19T13:34:58.432Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.bytewealt.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 22 Jan 2026 14:26:20 GMT","end":"Wed, 22 Apr 2026 14:26:19 GMT"},"fingerprint":{"sha1":"EC:4D:F6:52:32:A4:8B:AE:DD:7F:FB:2D:3B:14:83:6C:24:6A:57:D4","sha256":"74:A9:DF:19:72:FE:58:7C:31:2D:26:35:ED:29:EB:93:BD:46:D5:A6:D7:7C:D0:B0:23:05:BA:EB:FF:B1:B7:95"}}},"request":{"raw":"GET /assets/templates/bit_gold//css/all.min.css HTTP/1.1\r\nHost: bytewealt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bytewealt.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjB4ZjdOQnVCYVBsSjlqSTVhdWhzNEE9PSIsInZhbHVlIjoiU3RNQ0k4RXd2dGFlQ1R5a0FWdHhZSVRBK0pESnFSTnl1QTI3WEFaVmZYWmthY0hNUnhhMzh2NE1aNVlQblhQazdZeFBHQlNRVWthVUZ2TmxpQVFjRE1WdDVBTTZtUnY3L0M3WU8rb29heVg0VE9xek4yR2lyY1hKemNJWmROUlMiLCJtYWMiOiJjMDljNmU1NmQ2YmU0ZTQ4NjJhODk2MjkxMTQ5N2Y4ZmI5NzI5YTU3YzI4NzAzNWZmYzY3ZDAwNmI5ZTYzODU3In0%3D; laravel_session=eyJpdiI6IlNVa2k2TVF1TC94SHl6em1xK1Ewemc9PSIsInZhbHVlIjoiU04xbU1CeFVuVkgxREpiRW43MUEvN0tRdFp5T0ZkVVNHaFUyQnJmb085Qjh1czZCSm9iZUhydkc0ZGpGNG9MMUpnOVRZak84QzZocjk3ZktwaHdiNHhoSUFrbWlaRWtZNVYvSmkyVWk4OUJhaFdDamNYdldxSXhDV0ZhdEFFeFciLCJtYWMiOiJmNmEyMDVjYmJiN2Q5MzM5ZThiODcyMGFjZGQ0MTZlNDdjOGNiOTMyNTM3NDU4OTY0MDQ4ZDNhZDM5OTYxN2E3In0%3D\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Thu, 19 Mar 2026 13:34:58 GMT\r\nContent-Type: text/css\r\nContent-Length: 58578\r\nConnection: keep-alive\r\nLast-Modified: Tue, 01 Jun 2021 19:49:36 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":58578,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (58392)","md5":"76cb46c10b6c0293433b371bae2414b2","sha1":"0038dc97c79451578b7bd48af60ba62282b4082b","sha256":"876d023d9d10c97941b80c3b03e2a5b94631ff7a4af9cee5604a6a2d39718d84","sha512":"2fb31670aec534f73036a9cb759abcea54c760b750a996b3e58700804fb97271a6970f094f4dd0076fa8c4bd74d14781e9197364b531086492e3ffbe98d65dc7","ssdeep":"768:FEC319PiyLNq4/xMoAUHJ2kEBR/MMQyYJrXjBrth5Qzl:FEkPxLE4/6mHQpBCfdj9tMB","tlshash":"b643fcb8e54c01c9a731c44bff82b2bc61b6f73de5914d95f00e691c2ad26a811c5fba","first_seen":"2023-04-05T14:02:03Z","last_seen":"2026-06-08T05:15:57.292822Z","times_seen":9604,"resource_available":false,"data":null}},"time_used":221,"timings":{"blocked":43,"dns":0,"connect":34,"send":0,"wait":69,"receive":35,"ssl":38},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"bytewealt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"bytewealt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bytewealt.com/assets/templates/bit_gold//css/vendor/dots.css","fqdn":"bytewealt.com","domain":"bytewealt.com","tld":"com"},"ip":{"addr":"91.98.185.58","port":443,"asn":0,"as":"","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bytewealt.com/","date":"2026-03-19T13:34:58.438Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.bytewealt.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 22 Jan 2026 14:26:20 GMT","end":"Wed, 22 Apr 2026 14:26:19 GMT"},"fingerprint":{"sha1":"EC:4D:F6:52:32:A4:8B:AE:DD:7F:FB:2D:3B:14:83:6C:24:6A:57:D4","sha256":"74:A9:DF:19:72:FE:58:7C:31:2D:26:35:ED:29:EB:93:BD:46:D5:A6:D7:7C:D0:B0:23:05:BA:EB:FF:B1:B7:95"}}},"request":{"raw":"GET /assets/templates/bit_gold//css/vendor/dots.css HTTP/1.1\r\nHost: bytewealt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bytewealt.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjB4ZjdOQnVCYVBsSjlqSTVhdWhzNEE9PSIsInZhbHVlIjoiU3RNQ0k4RXd2dGFlQ1R5a0FWdHhZSVRBK0pESnFSTnl1QTI3WEFaVmZYWmthY0hNUnhhMzh2NE1aNVlQblhQazdZeFBHQlNRVWthVUZ2TmxpQVFjRE1WdDVBTTZtUnY3L0M3WU8rb29heVg0VE9xek4yR2lyY1hKemNJWmROUlMiLCJtYWMiOiJjMDljNmU1NmQ2YmU0ZTQ4NjJhODk2MjkxMTQ5N2Y4ZmI5NzI5YTU3YzI4NzAzNWZmYzY3ZDAwNmI5ZTYzODU3In0%3D; laravel_session=eyJpdiI6IlNVa2k2TVF1TC94SHl6em1xK1Ewemc9PSIsInZhbHVlIjoiU04xbU1CeFVuVkgxREpiRW43MUEvN0tRdFp5T0ZkVVNHaFUyQnJmb085Qjh1czZCSm9iZUhydkc0ZGpGNG9MMUpnOVRZak84QzZocjk3ZktwaHdiNHhoSUFrbWlaRWtZNVYvSmkyVWk4OUJhaFdDamNYdldxSXhDV0ZhdEFFeFciLCJtYWMiOiJmNmEyMDVjYmJiN2Q5MzM5ZThiODcyMGFjZGQ0MTZlNDdjOGNiOTMyNTM3NDU4OTY0MDQ4ZDNhZDM5OTYxN2E3In0%3D\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Thu, 19 Mar 2026 13:34:58 GMT\r\nContent-Type: text/css\r\nContent-Length: 67241\r\nConnection: keep-alive\r\nLast-Modified: Tue, 01 Jun 2021 19:49:36 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":67241,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"098cc70c6bc15e43430a4dfc1c4c2f25","sha1":"bb5af7f516427cce88bf566f044e2c779659f1e7","sha256":"b0d06551a3b7cc886cabeaa2f1d49676fd77f14e7ec7f89f0e0507065ab0788b","sha512":"bc28d2658de9143be713eab0ac13e788f40fee758bb192e1bfbb9096a4f12493c91301e89f1532dde05b6cede9945ade397b09cff68497484501a84352ecced8","ssdeep":"768:jwx+zRmBrmbwx+zRmBrmUmK0cdCmK0cdzKZx31bGB2npKZx31bGB2nd:ep1pZNdCNdYid","tlshash":"c263b57369010463f7b5c0eb8c6295079934b2cae61d6e63b37581acff91178c7ba06b","first_seen":"2023-05-10T00:15:59Z","last_seen":"2026-06-06T10:02:16.244466Z","times_seen":72,"resource_available":false,"data":null}},"time_used":243,"timings":{"blocked":51,"dns":1,"connect":35,"send":0,"wait":66,"receive":37,"ssl":43},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"bytewealt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"bytewealt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bytewealt.com/assets/images/frontend/testimonial/5fce3c918a04b1607351441.jpg","fqdn":"bytewealt.com","domain":"bytewealt.com","tld":"com"},"ip":{"addr":"91.98.185.58","port":443,"asn":0,"as":"","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bytewealt.com/","date":"2026-03-19T13:34:58.454Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.bytewealt.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 22 Jan 2026 14:26:20 GMT","end":"Wed, 22 Apr 2026 14:26:19 GMT"},"fingerprint":{"sha1":"EC:4D:F6:52:32:A4:8B:AE:DD:7F:FB:2D:3B:14:83:6C:24:6A:57:D4","sha256":"74:A9:DF:19:72:FE:58:7C:31:2D:26:35:ED:29:EB:93:BD:46:D5:A6:D7:7C:D0:B0:23:05:BA:EB:FF:B1:B7:95"}}},"request":{"raw":"GET /assets/images/frontend/testimonial/5fce3c918a04b1607351441.jpg HTTP/1.1\r\nHost: bytewealt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bytewealt.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjB4ZjdOQnVCYVBsSjlqSTVhdWhzNEE9PSIsInZhbHVlIjoiU3RNQ0k4RXd2dGFlQ1R5a0FWdHhZSVRBK0pESnFSTnl1QTI3WEFaVmZYWmthY0hNUnhhMzh2NE1aNVlQblhQazdZeFBHQlNRVWthVUZ2TmxpQVFjRE1WdDVBTTZtUnY3L0M3WU8rb29heVg0VE9xek4yR2lyY1hKemNJWmROUlMiLCJtYWMiOiJjMDljNmU1NmQ2YmU0ZTQ4NjJhODk2MjkxMTQ5N2Y4ZmI5NzI5YTU3YzI4NzAzNWZmYzY3ZDAwNmI5ZTYzODU3In0%3D; laravel_session=eyJpdiI6IlNVa2k2TVF1TC94SHl6em1xK1Ewemc9PSIsInZhbHVlIjoiU04xbU1CeFVuVkgxREpiRW43MUEvN0tRdFp5T0ZkVVNHaFUyQnJmb085Qjh1czZCSm9iZUhydkc0ZGpGNG9MMUpnOVRZak84QzZocjk3ZktwaHdiNHhoSUFrbWlaRWtZNVYvSmkyVWk4OUJhaFdDamNYdldxSXhDV0ZhdEFFeFciLCJtYWMiOiJmNmEyMDVjYmJiN2Q5MzM5ZThiODcyMGFjZGQ0MTZlNDdjOGNiOTMyNTM3NDU4OTY0MDQ4ZDNhZDM5OTYxN2E3In0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Thu, 19 Mar 2026 13:34:58 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 2177\r\nConnection: keep-alive\r\nLast-Modified: Tue, 01 Jun 2021 19:49:36 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2177,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 90\", baseline, precision 8, 69x75, components 3","md5":"5c6059b21f93cd39a21553f67311e55b","sha1":"55ad344be7f3054c033fa9e1d06cdb0aab30c056","sha256":"877d882af5878b78ae1c91421a54b28568fa7e5f2a696c051a1bfc749d9e0440","sha512":"f57f50c6ac6663e7aed20881e043af44b8b82708f1f86874b3d999fe87457daa2cd877916c531ecd19d3cb725d0622bfa2d68979ab46c043c2993ccd4754a6a3","ssdeep":"","tlshash":"63411a5e0ba34be1b92745f6618a2ee3d3de90a13ec5ee467ed4106004e0ad54d9d4a8","first_seen":"2023-05-10T00:16:00Z","last_seen":"2026-06-06T10:02:16.345708Z","times_seen":39,"resource_available":false,"data":null}},"time_used":343,"timings":{"blocked":307,"dns":0,"connect":0,"send":0,"wait":36,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"bytewealt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"bytewealt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bytewealt.com/assets/templates/bit_gold//js/vendor/slick.min.js","fqdn":"bytewealt.com","domain":"bytewealt.com","tld":"com"},"ip":{"addr":"91.98.185.58","port":443,"asn":0,"as":"","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bytewealt.com/","date":"2026-03-19T13:34:58.469Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.bytewealt.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 22 Jan 2026 14:26:20 GMT","end":"Wed, 22 Apr 2026 14:26:19 GMT"},"fingerprint":{"sha1":"EC:4D:F6:52:32:A4:8B:AE:DD:7F:FB:2D:3B:14:83:6C:24:6A:57:D4","sha256":"74:A9:DF:19:72:FE:58:7C:31:2D:26:35:ED:29:EB:93:BD:46:D5:A6:D7:7C:D0:B0:23:05:BA:EB:FF:B1:B7:95"}}},"request":{"raw":"GET /assets/templates/bit_gold//js/vendor/slick.min.js HTTP/1.1\r\nHost: bytewealt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bytewealt.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjB4ZjdOQnVCYVBsSjlqSTVhdWhzNEE9PSIsInZhbHVlIjoiU3RNQ0k4RXd2dGFlQ1R5a0FWdHhZSVRBK0pESnFSTnl1QTI3WEFaVmZYWmthY0hNUnhhMzh2NE1aNVlQblhQazdZeFBHQlNRVWthVUZ2TmxpQVFjRE1WdDVBTTZtUnY3L0M3WU8rb29heVg0VE9xek4yR2lyY1hKemNJWmROUlMiLCJtYWMiOiJjMDljNmU1NmQ2YmU0ZTQ4NjJhODk2MjkxMTQ5N2Y4ZmI5NzI5YTU3YzI4NzAzNWZmYzY3ZDAwNmI5ZTYzODU3In0%3D; laravel_session=eyJpdiI6IlNVa2k2TVF1TC94SHl6em1xK1Ewemc9PSIsInZhbHVlIjoiU04xbU1CeFVuVkgxREpiRW43MUEvN0tRdFp5T0ZkVVNHaFUyQnJmb085Qjh1czZCSm9iZUhydkc0ZGpGNG9MMUpnOVRZak84QzZocjk3ZktwaHdiNHhoSUFrbWlaRWtZNVYvSmkyVWk4OUJhaFdDamNYdldxSXhDV0ZhdEFFeFciLCJtYWMiOiJmNmEyMDVjYmJiN2Q5MzM5ZThiODcyMGFjZGQ0MTZlNDdjOGNiOTMyNTM3NDU4OTY0MDQ4ZDNhZDM5OTYxN2E3In0%3D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Thu, 19 Mar 2026 13:34:58 GMT\r\nContent-Type: text/javascript\r\nContent-Length: 42863\r\nConnection: keep-alive\r\nLast-Modified: Tue, 01 Jun 2021 19:49:36 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":42863,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (42862)","md5":"d5a61c749e44e47159af8a6579dda121","sha1":"3b41b3bc956685015a347a2238e71db29dfa0dbb","sha256":"0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740","sha512":"5ed98cb4311c373da3ede92bb47bce551e22c30683ea8fc55097baf99abe1e0702b24de48f8b9241047cc1e4364158f5a343e4e8fc182e8866db4e99ccd7ee6e","ssdeep":"768:4rkkX123A5YHi6pWzYdlNWYcx16nnYdXRRMd2KYCQCsPShb1ez7RFmYH:EPrYdlNixEePiYH","tlshash":"e513a549d205276285d721e62105c40eb3f7fb3cba22c0e475c9d3ea646ec4896d7bfa","first_seen":"2023-03-07T01:06:34Z","last_seen":"2026-06-08T06:39:20.964456Z","times_seen":99456,"resource_available":true,"data":null}},"time_used":147,"timings":{"blocked":111,"dns":0,"connect":0,"send":0,"wait":35,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"bytewealt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"bytewealt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Josefin+Sans:wght@300;400;600;700\u0026family=Exo\u0026family=Playfair+Display\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bytewealt.com/","date":"2026-03-19T13:34:58.646Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:01 GMT","end":"Mon, 27 Apr 2026 08:38:00 GMT"},"fingerprint":{"sha1":"AD:23:3E:9B:CF:2B:A1:EC:31:14:63:D1:58:73:BB:E7:C5:32:16:8C","sha256":"B1:5F:45:BF:00:8C:68:35:D3:42:B2:67:66:47:9D:BB:42:41:07:56:3A:C4:1C:D6:10:7B:B7:53:C2:71:81:33"}}},"request":{"raw":"GET /css2?family=Josefin+Sans:wght@300;400;600;700\u0026family=Exo\u0026family=Playfair+Display\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bytewealt.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Thu, 19 Mar 2026 13:34:58 GMT\r\ndate: Thu, 19 Mar 2026 13:34:58 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":8065,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"867b159d8d99792f9c667fa92e69274f","sha1":"95ed086a3c081babf53f273d6604278f02cd8718","sha256":"669dbd06ea2bc5bf8699b6e5ca1cfc85445ba87dd36502d52e0cb8f667a607d8","sha512":"6e9652244e7bdcffd3f73541db99f11f61ddd0dfa0a6ebbe148b6d1f5d32459612945557949c3a7ad1346512ba8b9224dda2fa75223fde54196e7e30de8ac9dc","ssdeep":"192:c8wgrKKCjXzrjj+zNFj0zOmjb8Hu2S2pUu2Shu2SYVu2SW:c1/mQ8O2SuD2S02SP2SW","tlshash":"5df100e1042ae650db831dc223ce7e329e9ea1557440c979affd18ccec5ec296365b0d","first_seen":"2025-09-22T09:55:56.170849Z","last_seen":"2026-05-31T05:40:31.467572Z","times_seen":92,"resource_available":false,"data":null}},"time_used":215,"timings":{"blocked":93,"dns":3,"connect":7,"send":0,"wait":20,"receive":0,"ssl":89},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bytewealt.com/assets/templates/bit_gold//css/vendor/slick.css","fqdn":"bytewealt.com","domain":"bytewealt.com","tld":"com"},"ip":{"addr":"91.98.185.58","port":443,"asn":0,"as":"","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bytewealt.com/","date":"2026-03-19T13:34:58.436Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.bytewealt.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 22 Jan 2026 14:26:20 GMT","end":"Wed, 22 Apr 2026 14:26:19 GMT"},"fingerprint":{"sha1":"EC:4D:F6:52:32:A4:8B:AE:DD:7F:FB:2D:3B:14:83:6C:24:6A:57:D4","sha256":"74:A9:DF:19:72:FE:58:7C:31:2D:26:35:ED:29:EB:93:BD:46:D5:A6:D7:7C:D0:B0:23:05:BA:EB:FF:B1:B7:95"}}},"request":{"raw":"GET /assets/templates/bit_gold//css/vendor/slick.css HTTP/1.1\r\nHost: bytewealt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bytewealt.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjB4ZjdOQnVCYVBsSjlqSTVhdWhzNEE9PSIsInZhbHVlIjoiU3RNQ0k4RXd2dGFlQ1R5a0FWdHhZSVRBK0pESnFSTnl1QTI3WEFaVmZYWmthY0hNUnhhMzh2NE1aNVlQblhQazdZeFBHQlNRVWthVUZ2TmxpQVFjRE1WdDVBTTZtUnY3L0M3WU8rb29heVg0VE9xek4yR2lyY1hKemNJWmROUlMiLCJtYWMiOiJjMDljNmU1NmQ2YmU0ZTQ4NjJhODk2MjkxMTQ5N2Y4ZmI5NzI5YTU3YzI4NzAzNWZmYzY3ZDAwNmI5ZTYzODU3In0%3D; laravel_session=eyJpdiI6IlNVa2k2TVF1TC94SHl6em1xK1Ewemc9PSIsInZhbHVlIjoiU04xbU1CeFVuVkgxREpiRW43MUEvN0tRdFp5T0ZkVVNHaFUyQnJmb085Qjh1czZCSm9iZUhydkc0ZGpGNG9MMUpnOVRZak84QzZocjk3ZktwaHdiNHhoSUFrbWlaRWtZNVYvSmkyVWk4OUJhaFdDamNYdldxSXhDV0ZhdEFFeFciLCJtYWMiOiJmNmEyMDVjYmJiN2Q5MzM5ZThiODcyMGFjZGQ0MTZlNDdjOGNiOTMyNTM3NDU4OTY0MDQ4ZDNhZDM5OTYxN2E3In0%3D\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Thu, 19 Mar 2026 13:34:58 GMT\r\nContent-Type: text/css\r\nContent-Length: 1776\r\nConnection: keep-alive\r\nLast-Modified: Tue, 01 Jun 2021 19:49:36 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1776,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"f38b2db10e01b1572732a3191d538707","sha1":"a94a059b3178b4adec09e3281ace2819a30095a4","sha256":"de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5","sha512":"c11e283612c11dfeec9a3cb42b8a2acdd5ae99dfabe7ffba40efef0dd6bbe8c5b98ae8383d3eeff3a168124c922097eddd703401ee9ac6122f1ebab09bbf7737","ssdeep":"","tlshash":"c931294845b389468416808d5fd7ca6d2bfff0130829e199ba8d1306cfce7d8a9c26b2","first_seen":"2023-04-05T08:37:21Z","last_seen":"2026-06-08T06:43:24.059275Z","times_seen":65789,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":53,"dns":1,"connect":37,"send":0,"wait":35,"receive":1,"ssl":45},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"bytewealt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"bytewealt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bytewealt.com/assets/images/logoIcon/logo.png","fqdn":"bytewealt.com","domain":"bytewealt.com","tld":"com"},"ip":{"addr":"91.98.185.58","port":443,"asn":0,"as":"","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bytewealt.com/","date":"2026-03-19T13:34:58.449Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.bytewealt.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 22 Jan 2026 14:26:20 GMT","end":"Wed, 22 Apr 2026 14:26:19 GMT"},"fingerprint":{"sha1":"EC:4D:F6:52:32:A4:8B:AE:DD:7F:FB:2D:3B:14:83:6C:24:6A:57:D4","sha256":"74:A9:DF:19:72:FE:58:7C:31:2D:26:35:ED:29:EB:93:BD:46:D5:A6:D7:7C:D0:B0:23:05:BA:EB:FF:B1:B7:95"}}},"request":{"raw":"GET /assets/images/logoIcon/logo.png HTTP/1.1\r\nHost: bytewealt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bytewealt.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjB4ZjdOQnVCYVBsSjlqSTVhdWhzNEE9PSIsInZhbHVlIjoiU3RNQ0k4RXd2dGFlQ1R5a0FWdHhZSVRBK0pESnFSTnl1QTI3WEFaVmZYWmthY0hNUnhhMzh2NE1aNVlQblhQazdZeFBHQlNRVWthVUZ2TmxpQVFjRE1WdDVBTTZtUnY3L0M3WU8rb29heVg0VE9xek4yR2lyY1hKemNJWmROUlMiLCJtYWMiOiJjMDljNmU1NmQ2YmU0ZTQ4NjJhODk2MjkxMTQ5N2Y4ZmI5NzI5YTU3YzI4NzAzNWZmYzY3ZDAwNmI5ZTYzODU3In0%3D; laravel_session=eyJpdiI6IlNVa2k2TVF1TC94SHl6em1xK1Ewemc9PSIsInZhbHVlIjoiU04xbU1CeFVuVkgxREpiRW43MUEvN0tRdFp5T0ZkVVNHaFUyQnJmb085Qjh1czZCSm9iZUhydkc0ZGpGNG9MMUpnOVRZak84QzZocjk3ZktwaHdiNHhoSUFrbWlaRWtZNVYvSmkyVWk4OUJhaFdDamNYdldxSXhDV0ZhdEFFeFciLCJtYWMiOiJmNmEyMDVjYmJiN2Q5MzM5ZThiODcyMGFjZGQ0MTZlNDdjOGNiOTMyNTM3NDU4OTY0MDQ4ZDNhZDM5OTYxN2E3In0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Thu, 19 Mar 2026 13:34:58 GMT\r\nContent-Type: image/png\r\nContent-Length: 86352\r\nConnection: keep-alive\r\nLast-Modified: Wed, 23 Jul 2025 22:20:54 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":86352,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1829 x 537, 8-bit/color RGBA, non-interlaced","md5":"1fa50b345878f6567a8fc0b69a6e3f57","sha1":"c7240208f6b5be38774fdd516569d01068b9a155","sha256":"5f451311d9826039f0c2043cfe2bc590913cbe342c6a20096a0a344b44ca0717","sha512":"13eb7457c632c66bce76f5ce808d6f042442cd430081dd4f943d2f60a3c67af6005415a77092ce87f06527087c2646251b769a66dcfdadd7171c701763d049dd","ssdeep":"1536:z++fsMmxPlVYaG+7IEv9YhDwIpgYMcuEYWrQNZgdaflA2pryJ5aG:683mHVYaGFEv9IK+YRTYK7G","tlshash":"8f8301cf052bc366dc7f687d287a85ca6520e3f1255ab5f18c7bd91ad68e1601c329c0","first_seen":"2026-02-22T05:52:03.554257Z","last_seen":"2026-03-19T13:37:18.181573Z","times_seen":3,"resource_available":false,"data":null}},"time_used":390,"timings":{"blocked":350,"dns":0,"connect":0,"send":0,"wait":36,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"bytewealt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"bytewealt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bytewealt.com/assets/images/frontend/team/5fce3b6d71cdc1607351149.jpg","fqdn":"bytewealt.com","domain":"bytewealt.com","tld":"com"},"ip":{"addr":"91.98.185.58","port":443,"asn":0,"as":"","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bytewealt.com/","date":"2026-03-19T13:34:58.459Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.bytewealt.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 22 Jan 2026 14:26:20 GMT","end":"Wed, 22 Apr 2026 14:26:19 GMT"},"fingerprint":{"sha1":"EC:4D:F6:52:32:A4:8B:AE:DD:7F:FB:2D:3B:14:83:6C:24:6A:57:D4","sha256":"74:A9:DF:19:72:FE:58:7C:31:2D:26:35:ED:29:EB:93:BD:46:D5:A6:D7:7C:D0:B0:23:05:BA:EB:FF:B1:B7:95"}}},"request":{"raw":"GET /assets/images/frontend/team/5fce3b6d71cdc1607351149.jpg HTTP/1.1\r\nHost: bytewealt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bytewealt.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjB4ZjdOQnVCYVBsSjlqSTVhdWhzNEE9PSIsInZhbHVlIjoiU3RNQ0k4RXd2dGFlQ1R5a0FWdHhZSVRBK0pESnFSTnl1QTI3WEFaVmZYWmthY0hNUnhhMzh2NE1aNVlQblhQazdZeFBHQlNRVWthVUZ2TmxpQVFjRE1WdDVBTTZtUnY3L0M3WU8rb29heVg0VE9xek4yR2lyY1hKemNJWmROUlMiLCJtYWMiOiJjMDljNmU1NmQ2YmU0ZTQ4NjJhODk2MjkxMTQ5N2Y4ZmI5NzI5YTU3YzI4NzAzNWZmYzY3ZDAwNmI5ZTYzODU3In0%3D; laravel_session=eyJpdiI6IlNVa2k2TVF1TC94SHl6em1xK1Ewemc9PSIsInZhbHVlIjoiU04xbU1CeFVuVkgxREpiRW43MUEvN0tRdFp5T0ZkVVNHaFUyQnJmb085Qjh1czZCSm9iZUhydkc0ZGpGNG9MMUpnOVRZak84QzZocjk3ZktwaHdiNHhoSUFrbWlaRWtZNVYvSmkyVWk4OUJhaFdDamNYdldxSXhDV0ZhdEFFeFciLCJtYWMiOiJmNmEyMDVjYmJiN2Q5MzM5ZThiODcyMGFjZGQ0MTZlNDdjOGNiOTMyNTM3NDU4OTY0MDQ4ZDNhZDM5OTYxN2E3In0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Thu, 19 Mar 2026 13:34:58 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 16278\r\nConnection: keep-alive\r\nLast-Modified: Tue, 01 Jun 2021 19:49:36 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16278,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 90\", baseline, precision 8, 280x296, components 3","md5":"5cb232a3fc46f42c35975c601bcede9f","sha1":"9152404007c6f2b1a79abcdafcdc85a001ba96ed","sha256":"c519bd0467721c620913ada8bc7ce41ce7063df062f0c0ceea4abcde105556a1","sha512":"d571802e81cb85a0ef5c1b7efa0c1db358fc7d603983b87ab1a5d6daf25b3596a89982dd600efa290dc0797ee8a41f3bf139fb81124aea0972c875915ae210c6","ssdeep":"384:f1GD7S4d7C6It3I7U4nBNjjLkMlhoH4FKNVY90xv0j:fod+6C3I7P7FlhoYF6VYWx2","tlshash":"7272d0079d4a23ffa742d8b40788cd07d0d9bf0ba6c5590a39e1a431e3e9dd86eac548","first_seen":"2023-05-10T00:16:00Z","last_seen":"2026-05-19T05:30:13.740892Z","times_seen":20,"resource_available":false,"data":null}},"time_used":371,"timings":{"blocked":337,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"bytewealt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"bytewealt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bytewealt.com/assets/images/gateway/6881503372d1f1753305139.jpg","fqdn":"bytewealt.com","domain":"bytewealt.com","tld":"com"},"ip":{"addr":"91.98.185.58","port":443,"asn":0,"as":"","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bytewealt.com/","date":"2026-03-19T13:34:58.460Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.bytewealt.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 22 Jan 2026 14:26:20 GMT","end":"Wed, 22 Apr 2026 14:26:19 GMT"},"fingerprint":{"sha1":"EC:4D:F6:52:32:A4:8B:AE:DD:7F:FB:2D:3B:14:83:6C:24:6A:57:D4","sha256":"74:A9:DF:19:72:FE:58:7C:31:2D:26:35:ED:29:EB:93:BD:46:D5:A6:D7:7C:D0:B0:23:05:BA:EB:FF:B1:B7:95"}}},"request":{"raw":"GET /assets/images/gateway/6881503372d1f1753305139.jpg HTTP/1.1\r\nHost: bytewealt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bytewealt.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjB4ZjdOQnVCYVBsSjlqSTVhdWhzNEE9PSIsInZhbHVlIjoiU3RNQ0k4RXd2dGFlQ1R5a0FWdHhZSVRBK0pESnFSTnl1QTI3WEFaVmZYWmthY0hNUnhhMzh2NE1aNVlQblhQazdZeFBHQlNRVWthVUZ2TmxpQVFjRE1WdDVBTTZtUnY3L0M3WU8rb29heVg0VE9xek4yR2lyY1hKemNJWmROUlMiLCJtYWMiOiJjMDljNmU1NmQ2YmU0ZTQ4NjJhODk2MjkxMTQ5N2Y4ZmI5NzI5YTU3YzI4NzAzNWZmYzY3ZDAwNmI5ZTYzODU3In0%3D; laravel_session=eyJpdiI6IlNVa2k2TVF1TC94SHl6em1xK1Ewemc9PSIsInZhbHVlIjoiU04xbU1CeFVuVkgxREpiRW43MUEvN0tRdFp5T0ZkVVNHaFUyQnJmb085Qjh1czZCSm9iZUhydkc0ZGpGNG9MMUpnOVRZak84QzZocjk3ZktwaHdiNHhoSUFrbWlaRWtZNVYvSmkyVWk4OUJhaFdDamNYdldxSXhDV0ZhdEFFeFciLCJtYWMiOiJmNmEyMDVjYmJiN2Q5MzM5ZThiODcyMGFjZGQ0MTZlNDdjOGNiOTMyNTM3NDU4OTY0MDQ4ZDNhZDM5OTYxN2E3In0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Thu, 19 Mar 2026 13:34:58 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 129324\r\nConnection: keep-alive\r\nLast-Modified: Wed, 23 Jul 2025 21:12:19 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":129324,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90\", baseline, precision 8, 800x800, components 3","md5":"69fdda32c3c006b783e5f998aa672189","sha1":"d9462de0932cd199c57573104c1718195bf03b96","sha256":"e3eec0f959b0af6549a18240b9b270e7902593ddc11be3c7fb05a52eef0160d9","sha512":"653ee317d91b103e1868cf967e32dafcd9038035edcd5bf7b4f0ce2820aedf4d2dac628676ce9fb79bf9d38f060e26440a0f0ffeff1efeb5d7864e30df556df2","ssdeep":"3072:/dYyDBT/YRWFwBFAF67rjuow8GfxnNzdIAnukShlGxNwm5yQlCA:/Gy5jF2eF67rlkJNZIAnQhlMyQF","tlshash":"57c3124a2eb821f7fc3725b276926c95c2b8e3907793100246c94857f58fb974ede790","first_seen":"2026-02-22T05:52:03.575165Z","last_seen":"2026-03-19T13:37:18.191054Z","times_seen":3,"resource_available":false,"data":null}},"time_used":419,"timings":{"blocked":340,"dns":0,"connect":0,"send":0,"wait":40,"receive":39,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"bytewealt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"bytewealt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}