{"report_id":"8a4b5f2d-3cdd-45c5-aa40-e48185708801","version":6,"status":"done","tags":[],"date":"2026-02-04T13:46:05Z","url":{"schema":"http","addr":"gateio.bccbhxf.com","fqdn":"gateio.bccbhxf.com","domain":"bccbhxf.com","tld":"com"},"ip":{"addr":"8.134.189.195","port":0,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"final":{"url":{"schema":"https","addr":"gateio.bccbhxf.com/","fqdn":"gateio.bccbhxf.com","domain":"bccbhxf.com","tld":"com"},"title":"芝麻交易所gate官网 - gateio官网下载最新版_芝麻开门安卓ios下载","dom":{"size":47044,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (2908)","md5":"ebd1caa7016d2b5d08aa63f829c04d15","sha1":"1e8a50952da80b74c0d9a2e4da4b515cd385a888","sha256":"70bd0b8a990d12c7e01b61667fa91dfddbd9b11ea1ba02689a32896360a7d5c4","sha512":"b041273e3ba8c560de8c34effa9abf7572ca90c8ca4c422597090a93bd5ed4718bda9987c3fcfb955cb9dff4c668ed2fbafe3a8b348294ccba371fa001516889","ssdeep":"768:rOIIdZIrWOeqZb1lwXKuopcy8+EI1FJWjeJCYlfQPMMfa:KIIdZIrWdEhy1oGlQF0QFlfQo","tlshash":"6123833249d92c770a3362c74379270db493e57bdb6349c6b3fd06842b8bea6c91641b","dom_hash":"domhash44c197eee2c8298477e4fdce2727f789","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"gateio.bccbhxf.com","fqdn":"gateio.bccbhxf.com","domain":"bccbhxf.com","tld":"com"},"ip":{"addr":"8.134.189.195","port":0,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-11T13:46:05Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"gateio.bccbhxf.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"hm.baidu.com","ip":{"addr":"14.215.182.140","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"domain_registered":"1999-10-11","domain_rank":54491,"first_seen":"2012-05-26T08:38:45Z","last_seen":"2026-02-02T01:44:03.24111Z","alert_count":0,"request_count":2,"received_data":30886,"sent_data":1305,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}]},{"fqdn":"www.bestwheel.com.cn","ip":{"addr":"116.255.233.104","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"domain_registered":"2019-03-04","domain_rank":0,"first_seen":"2026-01-08T13:47:04.210057Z","last_seen":"2026-01-08T13:47:04.210057Z","alert_count":0,"request_count":1,"received_data":4579,"sent_data":460,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"bestwheel.com.cn","ip":{"addr":"116.255.233.104","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"domain_registered":"2019-03-04","domain_rank":0,"first_seen":"2026-01-08T13:47:04.205759Z","last_seen":"2026-01-08T13:47:04.205759Z","alert_count":0,"request_count":1,"received_data":4498,"sent_data":456,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"gateio.bccbhxf.com","ip":{"addr":"8.134.189.195","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"domain_registered":"2018-09-10","domain_rank":0,"first_seen":"2026-01-08T13:47:04.207002Z","last_seen":"2026-01-08T13:47:04.207003Z","alert_count":51,"request_count":51,"received_data":1290981,"sent_data":24276,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"html2canvas","description":"Screenshots with JavaScript.","website":"https://html2canvas.hertzen.com/","common_platform_enumeration":"","icon":"","categories":["JavaScript libraries"]},{"name":"WOW","description":"Reveal CSS animation as you scroll down a page.","website":"https://www.delac.io/WOW","common_platform_enumeration":"","icon":"","categories":["JavaScript frameworks","Web frameworks","JavaScript graphics"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"www.sywrxfs.com","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":2,"received_data":0,"sent_data":874,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"gateio.bccbhxf.com/zb_users/theme/hopelee/script/jquery.min-3.6.1.js?v=173410","fqdn":"gateio.bccbhxf.com","domain":"bccbhxf.com","tld":"com"},"ip":{"addr":"8.134.189.195","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"7c14a783dfeb3d238ccd3edd840d82ee","sha1":"ad886e472b3557f3dc7dfa2bc43468ab8d1cef5b","sha256":"80f04717f32ea0320c5e8618fbacedd1fee3a8775ad8292140a6113551d4b5b0","sha512":"fa3e021ca60a9adbe570c6565c7370727904c4396c23a4c519daf258d05fae3e17bfb7607a0ab6dfe2b7150a4ec1b6a95e6d49675291be5f6a4e5679ad78d858","ssdeep":"1536:DjExXUqJnxDjoXEZxkMV4QYSt0zvDL6gP3h8cApwEIOzVTB/UjPazMdLiX4mQ1vN:DIh8GgP3hujzwbhd3XvSiDQ47GK/","tlshash":"6f9309ddb2c6702257a720ba007f510bf236199d6c4d8450f169d8eabc78a4e827bf7d","size":89500,"data":"","first_seen":"2023-03-07T01:06:20Z","last_seen":"2026-06-08T21:57:43.586528Z","times_seen":19814,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gateio.bccbhxf.com/zb_system/script/c_html_js_add.php?hash=\u0026v=173410","fqdn":"gateio.bccbhxf.com","domain":"bccbhxf.com","tld":"com"},"ip":{"addr":"8.134.189.195","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"e19b60d2dfe4d3ee0ed4a540321f6191","sha1":"895ff214dd40335574ce37c6b7f4a5ae9201d525","sha256":"74fe706305a081e4bf1e53403e0a588c397ebedafd75aeae95a82c9121938789","sha512":"ec983a8b2c9348bde53f1f39a5e306bd1636655dd48060a8d3b35ea3534d52becbb138e54f6dc291b157235dd0ae0cc054c8b71fda3e8c1f2fa90b9cbfcdc60b","ssdeep":"96:6a6TOV06qZuiMRd1BhXJnbZ2THKrOSphiMMKDg8E:6aC+vf1BhXJnNAHYphiMNDLE","tlshash":"9591d7495d5a01a6183723f7c8af1508fe72166b8410cc26febc50682f32f859563fbe","size":4535,"data":"","first_seen":"2026-01-08T13:47:16.01905Z","last_seen":"2026-06-07T15:26:21.466422Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gateio.bccbhxf.com/","fqdn":"gateio.bccbhxf.com","domain":"bccbhxf.com","tld":"com"},"ip":{"addr":"8.134.189.195","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"4f5e0224214cffeb2935adae1d9351e8","sha1":"056ac932eb4e140f25183583bb54180796b062d5","sha256":"f56a103215460adebc9bcd4e42fd046234dbff3ceceb97a5e61a322bc45714f8","sha512":"e8b9aa915808e192fd83d1a4863fd5920ecd1bbe57a8d64cd7499c6c34f9fbb8a9b468da195ebce2449a9781cdc49d1654c2df6ea6d429e63fda94e6ad133e6a","ssdeep":"","tlshash":"62d08c39f026143045ab25bb81c753cc3460004ef803244a394c4b110770db021fa8c8","size":256,"data":"","first_seen":"2026-01-08T13:47:16.075956Z","last_seen":"2026-02-04T13:46:19.58201Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gateio.bccbhxf.com/images/okimg/bn/bn.js","fqdn":"gateio.bccbhxf.com","domain":"bccbhxf.com","tld":"com"},"ip":{"addr":"8.134.189.195","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"9d85b0e64d22a2a905f9abbf53883dbf","sha1":"04c2870ed62447c4e93372ee2f70a83bccb9785a","sha256":"8ea7240ec36b55ce270435e0a2df596b3ef1d786d3ad826b0c51be8835f05c84","sha512":"8ba1b0952ee3a0c73ec438d3133913d1c8ce80a1fe1bd049ec8b992fd957f4bbe27f8011d373006eb4af0d4ec6a0f66ff71ede167e0a7275740ad5b6c76e647a","ssdeep":"","tlshash":"7621c06390e0121727eb61d2f5bb579e6ef1318fd6129980729e01905f81ce8c49f065","size":1426,"data":"","first_seen":"2026-01-08T13:47:16.057455Z","last_seen":"2026-02-04T13:46:19.576722Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gateio.bccbhxf.com/","fqdn":"gateio.bccbhxf.com","domain":"bccbhxf.com","tld":"com"},"ip":{"addr":"8.134.189.195","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"551894619ccb31b8e7f06d3985619e2a","sha1":"4691aba926c71cbb9dcac2cc37ee640d7734fc00","sha256":"648d43f928346ea5ab671c089e1c19695f021b49381dc39446b51da6f51d67bb","sha512":"594cf8eaf3ce13cecd803d17ec2225c01572e28194869fa95b689703b29fdb93cfa00e83b47ddc78a4c14f046e51998000499fbd904178557d91dcc0eb9a2ae9","ssdeep":"","tlshash":"f4d08c2af026147048ab24fb91db53cc30a1004ff842108a390c07510b72da421fb8cc","size":263,"data":"","first_seen":"2026-01-08T13:47:16.074547Z","last_seen":"2026-02-04T13:46:19.583182Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gateio.bccbhxf.com/","fqdn":"gateio.bccbhxf.com","domain":"bccbhxf.com","tld":"com"},"ip":{"addr":"8.134.189.195","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":true,"md5":"6462e68d199220718a7ef652be24ecf5","sha1":"6f2266df8e2b45184a9400f1cca813fc22b33b23","sha256":"39ea52fd1152e684bde1eee9be5e006e7ede7194bd6186445eebdb020863dd88","sha512":"b0eef72fea3d351f80f790fd3a49c4aaf27b4cf2b098e3cd92e1f1b5c35e3e0ff5f3e577f9aa551857137be7af6cb366c27e894a720c4857d15731621ddb75ac","ssdeep":"","tlshash":"acd0950f1c55343433e5047d12bedaccb072604c607dd50080dde8114ea0ed54c3e7c5","size":254,"data":"","first_seen":"2026-01-08T13:47:16.083943Z","last_seen":"2026-02-04T13:46:19.584039Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gateio.bccbhxf.com/zb_users/theme/hopelee/script/custom.js?v=2025-02-07","fqdn":"gateio.bccbhxf.com","domain":"bccbhxf.com","tld":"com"},"ip":{"addr":"8.134.189.195","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"77b2ab7d5f04856135ff1cb5bf2b0732","sha1":"e12a0159fabdaa053ef6b4b37a3d9b77c811f7ac","sha256":"3ae8d3cdacf1777f985de300b30d8eefc9b8701832d4bb92b4ad7ce76e5807ec","sha512":"9e998801974f099d0f45d81fc8c5a493fa0ca17fdc16973c031e2f9458e674732d7c806aa824b3c3cc973316df4e08a08b502ca9b8eab8dc3f0d33236a122c0c","ssdeep":"768:eXufEc5HZ9CWOUTZpz4uZLPYpJKoKBZyVlVo08YZvst:eefFO2sucKBZyVXob","tlshash":"dae28694b755d22b47dd2d53947ea798223ac533c0c5b053b7acf68d0da4a0ec19e9cc","size":31582,"data":"","first_seen":"2025-10-13T04:05:07.138614Z","last_seen":"2026-06-07T15:26:21.464051Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gateio.bccbhxf.com/","fqdn":"gateio.bccbhxf.com","domain":"bccbhxf.com","tld":"com"},"ip":{"addr":"8.134.189.195","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"introduction_type":"Function","is_inline":false,"md5":"1c5c9160600df2d96d69a4ea16cec7ed","sha1":"3cf678c9135cc952ba6970ef545035bb757a443f","sha256":"a3520fe88e248d2b6c9c6db93309a037ef969fe297208e5bd7e49a55bb32c808","sha512":"2a298a8c2552c6a6c6f8d3f7327d2e9abfa87a0dbb27e9e528a8539b416155c0860f54f46464dfe7e5d49c7906a9eacdac7e5181b86ef15a83276a8f4fee0546","ssdeep":"","tlshash":"078004d531c35040475331d400571cd4503444f014444d544040d4511c55030d1154dc","size":37,"data":"","first_seen":"2023-04-11T21:49:14Z","last_seen":"2026-06-08T09:46:16.707277Z","times_seen":121589,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.js?7975dc6c181b9e4f41af3aecd3c80c18","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"14.215.182.140","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"3ea046e58c6468f6f9420f69cf9ad2d5","sha1":"fce122960665b5e37c0d51dd54ef85fe4be237e1","sha256":"041ed570dc52e62796085d1156a8f95099097b6f0897f12f407b510945e5f803","sha512":"385892461cdafd0a674be9401c03f3bce37bf1e88b9ea4afa736617fe16e5911b806da2ecc20deb2f3ce10ad38cc05b3f72e9a247fed471b32171f83be0c889c","ssdeep":"384:omJSoLMJJTRl6s1JXFVCFI/TayvuodsZPIGm8XaR1JRwvutq1tGdc7M04gRw6:om4VJfHgMdvussZPIx82Rwvutcto07v","tlshash":"78d2d9a9b282713293a324a5153f324af07b5a54bd4968a4f11994c07d38fbb027bfdd","size":29904,"data":"","first_seen":"2026-02-04T13:46:19.566478Z","last_seen":"2026-02-04T13:46:19.566478Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gateio.bccbhxf.com/zb_system/script/zblogphp.js?v=173410","fqdn":"gateio.bccbhxf.com","domain":"bccbhxf.com","tld":"com"},"ip":{"addr":"8.134.189.195","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"5e8d86eb2c5abc94804fd6176a35b281","sha1":"921d2cc4615a58a094ddbcc6366437a94508fc5f","sha256":"11b10a45b9fc3622b9a8eaf5181e0bd403af74ecfbbc9541cdce396a8e47b332","sha512":"6504e48f68d98800228db18dc63711b216c299dad8d95e57d0f014c18a24a2ffbc62f6cfe98f5d0152d06da577efb550c20bc947c08101ea3c94d659f572ea17","ssdeep":"192:msL4JVH9jIULy46KgHlQGwH0Dx5qjplLO:m/jIUkHlQGwH0Kt9O","tlshash":"2fe1315cf5c476a103ab30b4088f028a64fb17ae6011d998d264e4e46fbdf8b5623f3c","size":7204,"data":"","first_seen":"2023-03-07T23:31:01Z","last_seen":"2026-06-08T21:29:54.599553Z","times_seen":2178,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gateio.bccbhxf.com/zb_users/plugin/UEditor/third-party/prism/prism.js","fqdn":"gateio.bccbhxf.com","domain":"bccbhxf.com","tld":"com"},"ip":{"addr":"8.134.189.195","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"436e8870ba117885ef700bbeaf798ba6","sha1":"7b242c9b1698d8cf69310101c64535c442b97949","sha256":"5867cef615756cb75b523c11e29d88f770ddb40fd51bc39cd60e3ba86d004fdc","sha512":"bd5f55dcdeb34fa64f49cc8badbe57a68cf0b2aa9d2799e31e998a44018352ee8d2326800975c914eb951069bf7024e9197aefa08e1a16e0c038aae1bf8acd71","ssdeep":"768:m5Y2fNvMbzlD2nW6uY45AHdw7UECX3b1ivdpMOxkKda2U6PDFDnNLDSAkvZrE/Jk:IYKEvN2W6uY4EwV1l42vd3gZAccRRx78","tlshash":"de535cbc5eb73d010ac7e1a6f8a29500e9221975d929791bf7e8d648c0f390742d3b6f","size":61131,"data":"","first_seen":"2023-03-07T12:24:55Z","last_seen":"2026-06-08T21:29:54.595892Z","times_seen":1778,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gateio.bccbhxf.com/images/okimg/ok/ok.js","fqdn":"gateio.bccbhxf.com","domain":"bccbhxf.com","tld":"com"},"ip":{"addr":"8.134.189.195","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"bd88a722bae4c3db7e2cd4fb9c3f64e0","sha1":"096baafbd37214f05d13dc8d55c88a49cf944570","sha256":"984a7aa268ebf5f6e3d9c8112d0967d791fe92e5365457acba74c8033bbf5bd9","sha512":"e1d32906ac92c4004f47cfe618bf7168a96cbfde3c02aca66670039766216886581ffc28798dec87502b4847fd46830c48a35c81687063cb9ec0bbcd03e318ef","ssdeep":"","tlshash":"4331be3254e0112723abb1c3e1aa534e6df1319fda17d9d0b2ae01919f81ce4c89f065","size":1488,"data":"","first_seen":"2026-01-08T13:47:16.056633Z","last_seen":"2026-02-04T13:46:19.551526Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gateio.bccbhxf.com/","fqdn":"gateio.bccbhxf.com","domain":"bccbhxf.com","tld":"com"},"ip":{"addr":"8.134.189.195","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"introduction_type":"eval","is_inline":false,"md5":"8b5855d3a0f39ebf70bf860c8f6950eb","sha1":"7b9450868a0bce892505c2dbfe1af5411b37a062","sha256":"59830031abb3f44fa893a5521122e6d4959b9ea87ca8c54a55332660c2c116f2","sha512":"17ba73fbf41138c274c839c35d7bbc3348bafcfc9d4b57e2c2d9cdb2cba3d38d25a01cde3ffa977c82450528855907a56ea48502898dece89f60946bb0419c72","ssdeep":"","tlshash":"e5e07d9d74a57f4305b73260287f5067520b7157d821de00a32892425e3d728d027500","size":312,"data":"","first_seen":"2025-10-13T04:05:07.237419Z","last_seen":"2026-06-07T15:26:21.453826Z","times_seen":29,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gateio.bccbhxf.com/","fqdn":"gateio.bccbhxf.com","domain":"bccbhxf.com","tld":"com"},"ip":{"addr":"8.134.189.195","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"introduction_type":"eval","is_inline":false,"md5":"dd6bc31d820b6d48789a805d9024566c","sha1":"f487a8c9f7097c4321820bdada7220eaebe1b58a","sha256":"ed90ba35310f8cbcbdc59ae29a856a5eeb07e4082a12ac28a6db75982d467832","sha512":"3ae62ea78a1299af96bf2f23f60f6c4e8a1235593e4d5744ce8855d5147ce567bd7ef47f7b0426a22ee491f849a96f02c4d77eedf3ffab97849a5a7e111e877d","ssdeep":"","tlshash":"f551ff0ff25467f320ff05a9b1beb27061179e1ac700d592f92510f14a09f80ab63b6e","size":2739,"data":"","first_seen":"2024-08-20T14:44:18.982589Z","last_seen":"2026-06-07T15:26:21.465844Z","times_seen":16,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gateio.bccbhxf.com/zb_users/theme/hopelee/script/jquery.lazy.js","fqdn":"gateio.bccbhxf.com","domain":"bccbhxf.com","tld":"com"},"ip":{"addr":"8.134.189.195","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"8b3c64167a0c713159b17868570b9e71","sha1":"65487863f1f1b1aad51930fa980864c8d23054ee","sha256":"583d7c505d84b6bbc1f843e992093624699e52ffddfb28d58629aa66025cd846","sha512":"98c46b3aa9ed645da04ac6fc37f08723e3dd2b4bbca37e9da5aa9888b8e0e80425e75fdf6f0d38421cde8a14a15d0619a321774bbbb942535ebcc8f160b54b6f","ssdeep":"","tlshash":"2361b0493e06a13cb09ea67fc61b0309961ac51ba2b5e871a83584707cfced3a3135cb","size":3277,"data":"","first_seen":"2025-10-13T04:05:07.24502Z","last_seen":"2026-06-07T15:26:21.461439Z","times_seen":21,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gateio.bccbhxf.com/zb_users/theme/hopelee/script/zh-tw.js","fqdn":"gateio.bccbhxf.com","domain":"bccbhxf.com","tld":"com"},"ip":{"addr":"8.134.189.195","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"c207d6a0dbd295b8230928cb546e007c","sha1":"311fcd6988af9b5c9e9060f616c9c27dab4d3ee3","sha256":"1ffce78c180034e2ea8a1020cc82eef6bcb2da410bfc60f53a6a90e203388d33","sha512":"bc707c25b7936b366e51e084887ed4ebf1541d2267af651bfb1f3213b84ce31d1d3f76398fa6f2fd145453b957a351bf8adcd06ca89fa8b141c6fc5c09e89fef","ssdeep":"384:kWwGFJQddNLH/GxKP/iGNxq/wH5vZrQBfGZICZjAGHXJYjwRoaqhd:kWtavN7FXHNxqOvZrWfCj1AGH+jcod","tlshash":"2fb26dc7b61655766343322a0a37c68f1c3cdb20141eb0d5f0b628d64d98a3792f6fa9","size":23668,"data":"","first_seen":"2025-10-19T01:25:28.546314Z","last_seen":"2026-06-07T15:26:21.460771Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gateio.bccbhxf.com/zb_users/theme/hopelee/script/wow.min.js","fqdn":"gateio.bccbhxf.com","domain":"bccbhxf.com","tld":"com"},"ip":{"addr":"8.134.189.195","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"9ddd82aee02ee7c6aefda276ef57d7ce","sha1":"4dd89e2be1ff16f3910423e1e49b6cbebe54e3dd","sha256":"3030a067c0c67c27bde0a619b837b8a156e9a7fe6b21b8d7ea2716854f7bdaf5","sha512":"3948c0483266d49bc99ecd1f73cca532bb93fb8d982bb7b0796fcb7fad6259e78329b65674c8e04b705a515e2df2295c7ec9db8b2cae52cc8156c5b021caf873","ssdeep":"192:Ep+VAMxYMNM8kYR2Xo5wfJZ2BTJ3Ij+fyJqCdVSV8/A1jZ:W+CM6MNMTlKwhiFTaqC77o","tlshash":"3e3272c4764970318b8b66b7531f4205773a2aaf406c049cfabc9de96874f15e32bb38","size":10976,"data":"","first_seen":"2024-10-22T13:40:13.153752Z","last_seen":"2026-06-07T15:26:21.45749Z","times_seen":30,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gateio.bccbhxf.com/","fqdn":"gateio.bccbhxf.com","domain":"bccbhxf.com","tld":"com"},"ip":{"addr":"8.134.189.195","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":true,"md5":"d655880cfb7d8ad2ce40342a33fbd5c3","sha1":"ef1c2d2c9360c64ea74f47a1cb1a9f0be386e445","sha256":"2a6303eba7262c3dcf350f7b304bd81d1aa247463bb9b960ef60ede882f46fd9","sha512":"231c00afd09c9821c3f0b3b3ba7c75697b55af52eec6c26c03bcb73d80644b9e19e1082a2cf3cbfa685d435aa5bcc4b24dc2e711bfdb5e891aba8b1639507099","ssdeep":"","tlshash":"24c01295704116f09acb46bb03351346ac91d49068574462c84645507914903d77fba8","size":167,"data":"","first_seen":"2026-01-08T13:47:16.084774Z","last_seen":"2026-06-07T15:26:21.451634Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gateio.bccbhxf.com/","fqdn":"gateio.bccbhxf.com","domain":"bccbhxf.com","tld":"com"},"ip":{"addr":"8.134.189.195","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":true,"md5":"7a86277e3c869b86c2890792ab35eaf6","sha1":"791d56d941abe4168d20d35d7fdb124daad798d1","sha256":"e4e82b6e0eab6073fd75e886f0c517457cf9b87b7394599fdae61279ab7a8443","sha512":"bdc389708eef0a7f43692a1dcef61b896808e89853952ea4257514633905aee916ad965ccae56f5421e7b5bb4f69a99e476022fd249834eb359a65cd0bc7eb14","ssdeep":"","tlshash":"d2900297264901040a6a91946475600db951654ddb9041879645541404151979cb988e","size":49,"data":"","first_seen":"2026-01-08T13:47:16.085932Z","last_seen":"2026-06-07T15:26:21.452969Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gateio.bccbhxf.com/","fqdn":"gateio.bccbhxf.com","domain":"bccbhxf.com","tld":"com"},"ip":{"addr":"8.134.189.195","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"introduction_type":"Function","is_inline":false,"md5":"1c5c9160600df2d96d69a4ea16cec7ed","sha1":"3cf678c9135cc952ba6970ef545035bb757a443f","sha256":"a3520fe88e248d2b6c9c6db93309a037ef969fe297208e5bd7e49a55bb32c808","sha512":"2a298a8c2552c6a6c6f8d3f7327d2e9abfa87a0dbb27e9e528a8539b416155c0860f54f46464dfe7e5d49c7906a9eacdac7e5181b86ef15a83276a8f4fee0546","ssdeep":"","tlshash":"078004d531c35040475331d400571cd4503444f014444d544040d4511c55030d1154dc","size":37,"data":"","first_seen":"2023-04-11T21:49:14Z","last_seen":"2026-06-08T09:46:16.707277Z","times_seen":121589,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gateio.bccbhxf.com/","fqdn":"gateio.bccbhxf.com","domain":"bccbhxf.com","tld":"com"},"ip":{"addr":"8.134.189.195","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"introduction_type":"Function","is_inline":false,"md5":"cd4f5252f159b82a94f83dd1a3b92a6e","sha1":"4ef9b15f29e47d428149df699418d2d5b5bebcb9","sha256":"24f58097cfb9b060ff81934893ed4c1569da69f2f327a859562b7b9c09ed2d96","sha512":"7f2f51645484890744ecb254a48709e65f9691d07ead10db8554535a950467f8a23b9a1d85586dc398e891a608fde0f66b5f8acfda04ad06c12a93e52572e5df","ssdeep":"","tlshash":"aff097de63868c943de32eb8b51a2cd8708c0d29699dcc7cac40b4021bc613309d8adf","size":490,"data":"","first_seen":"2026-02-04T13:46:19.58957Z","last_seen":"2026-02-04T13:46:19.58957Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"a999d55a786a50330570e970570cd274","sha1":"e13d7cc56e0ee81d452ad354de9a35c24c2a5ba3","sha256":"680e2f5eedd568d4011cfb165cd5ac7dd39446aba98dbfcfeda75a30bb4c5806","sha512":"f9a0022b137cf6f2fc4f77721db0bc6effe22454edc854625e5e6364b08714990e430eb2422b94c89b52b41dcdce20fd3a3289f78e1c4907e60c9363bd6aafdf","ssdeep":"","tlshash":"b7d05b570c0fd0d805352b81d931a81de8416544afb5c4ac95f64829584a78d8a1fa6c","size":250,"data":"","first_seen":"2026-01-08T13:47:16.090786Z","last_seen":"2026-02-04T13:46:19.590367Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"0c06191bccb06d51a714a1ba90bcf0a9","sha1":"5e4efada9c9453673b81327440cd1a496b216dd5","sha256":"50bb880775610c275f1d2f0c06919a525fd3e4f66ef93284518ac616d5d07ab6","sha512":"58a16a9e77ef32639eec93468ed404d61fc18f8ab06a22889675c77a5e26d6dc527f8266758f5c01552f8ae479ce047736ddf890fef6f59375fc36567f01273b","ssdeep":"","tlshash":"daf081716df1405b23e660c2f8db06465ff130cdd72a9990737e42e05386ca4986f031","size":639,"data":"","first_seen":"2026-01-08T13:47:16.09427Z","last_seen":"2026-02-04T13:46:19.591303Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"c74cba4cf2e6fc0d5fa4e91b34d154fa","sha1":"a4a949d9f9d511acaa3ed615f0067e950c171f4e","sha256":"3f7723e3824ec40a581347bd94e0b3610986d13b7ee15755bc68521f2f96d943","sha512":"5c44f5c7393ef5b44c2514dc1f5d7519186673b7b8d4b7aee96a7f2030ee0bb0a5ee30edd0fad427966d28cb2712911c92a4e92d2972eaeace731cc6d2356cd8","ssdeep":"","tlshash":"d121ce72a8f0512713d7b0c3f0ab5b4eafe1308eea065880736e02d05382ca854af0a5","size":1315,"data":"","first_seen":"2026-01-08T13:47:16.09675Z","last_seen":"2026-02-04T13:46:19.591996Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"console":null},"http":[{"url":{"schema":"https","addr":"gateio.bccbhxf.com/zb_users/upload/2024/13/c0102c581b.jpg","fqdn":"gateio.bccbhxf.com","domain":"bccbhxf.com","tld":"com"},"ip":{"addr":"8.134.189.195","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gateio.bccbhxf.com/","date":"2026-02-04T13:45:46.030Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gateio.bccbhxf.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 25 Jan 2026 01:58:51 GMT","end":"Sat, 25 Apr 2026 01:58:50 GMT"},"fingerprint":{"sha1":"C8:8E:34:0D:26:04:8F:C8:EF:C5:5E:2D:9A:45:D8:74:57:C9:E4:B2","sha256":"BC:04:DD:58:6C:8B:E1:F1:B3:D9:54:84:3C:42:53:9A:31:3F:30:57:34:1C:45:C5:75:FC:53:3F:D3:C2:5E:7E"}}},"request":{"raw":"GET /zb_users/upload/2024/13/c0102c581b.jpg HTTP/1.1\r\nHost: gateio.bccbhxf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gateio.bccbhxf.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Wed, 04 Feb 2026 13:45:46 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\netag: W/\"696da8ae-a0bf\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"html2canvas","description":"Screenshots with JavaScript.","website":"https://html2canvas.hertzen.com/","common_platform_enumeration":"","icon":"","categories":["JavaScript libraries"]},{"name":"WOW","description":"Reveal CSS animation as you scroll down a page.","website":"https://www.delac.io/WOW","common_platform_enumeration":"","icon":"","categories":["JavaScript frameworks","Web frameworks","JavaScript graphics"]}],"data":{"size":41151,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (5774), with CRLF, LF line terminators","md5":"7b427146eb226f37319d206e83d0b762","sha1":"a7d9d9e88bf19122313ed67679c331177a954011","sha256":"6077a58e4f6496b4ce752c584860c3995287882bd48eef6c8c493692a6d6ab78","sha512":"fad1b31de79aefbeb1d41509023234049ae98f527e0570b69a0227fe9f4a74c619a395bec43e9cd2f7a427454f2297df3094cc7987aa08e2e7c31f4c11d5d58a","ssdeep":"768:LeIIpVyTy2AlQhWvc1UIw5RtX7leaMpM8GY/WPMMfZ:aIIpVywyBM5RtXkaM28WD","tlshash":"6f03d52a5a8b1ca7092361d712322b0e7086d52feb53cdc3b3fd44546f8ae96c50e56f","first_seen":"2026-02-04T13:46:19.54969Z","last_seen":"2026-02-04T13:46:19.54969Z","times_seen":1,"resource_available":false,"data":null}},"time_used":825,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":825,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"gateio.bccbhxf.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gateio.bccbhxf.com/zb_users/theme/hopelee/style/noimg/8.jpg","fqdn":"gateio.bccbhxf.com","domain":"bccbhxf.com","tld":"com"},"ip":{"addr":"8.134.189.195","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gateio.bccbhxf.com/","date":"2026-02-04T13:45:46.052Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gateio.bccbhxf.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 25 Jan 2026 01:58:51 GMT","end":"Sat, 25 Apr 2026 01:58:50 GMT"},"fingerprint":{"sha1":"C8:8E:34:0D:26:04:8F:C8:EF:C5:5E:2D:9A:45:D8:74:57:C9:E4:B2","sha256":"BC:04:DD:58:6C:8B:E1:F1:B3:D9:54:84:3C:42:53:9A:31:3F:30:57:34:1C:45:C5:75:FC:53:3F:D3:C2:5E:7E"}}},"request":{"raw":"GET /zb_users/theme/hopelee/style/noimg/8.jpg HTTP/1.1\r\nHost: gateio.bccbhxf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gateio.bccbhxf.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 04 Feb 2026 13:45:46 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 11:24:05 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67bef9d5-2ebd\"\r\nexpires: Fri, 06 Mar 2026 13:45:46 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":11965,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 360x270, components 3","md5":"e0b8624607b7814a65faf08d1d717a54","sha1":"4afbf48193ef52cb3b9b8d339de349320f7249bf","sha256":"a790ce2fd33d29985b80b378b26cf9ce948d6236e55a44318ec5614311371d7e","sha512":"31bcaaf460c1c07968ecff35a6aa14d2f42f1d027fe952efd48ed8acb315629a68c2df3aee2b7cc6377a73c69a8adb4e87a7293f38cfb405cc073021359d16f7","ssdeep":"192:5nDmh64kgVf0p6qI6qEmkI8eqQaXrdMV1pI2i8ocflIZ/oCxsBJND2BuJFn:5DmE4k00cqVq5kIaQyr00oc/othSsJF","tlshash":"6032bf96e58b3c31fd0749f034ed12931161b1d8f08a5f7ecfeaa92396b65927c00448","first_seen":"2023-07-26T14:38:33Z","last_seen":"2026-05-26T05:43:57.260584Z","times_seen":26,"resource_available":false,"data":null}},"time_used":536,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":536,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"gateio.bccbhxf.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gateio.bccbhxf.com/images/okimg/ok/ok.js","fqdn":"gateio.bccbhxf.com","domain":"bccbhxf.com","tld":"com"},"ip":{"addr":"8.134.189.195","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gateio.bccbhxf.com/","date":"2026-02-04T13:45:44.438Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gateio.bccbhxf.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 25 Jan 2026 01:58:51 GMT","end":"Sat, 25 Apr 2026 01:58:50 GMT"},"fingerprint":{"sha1":"C8:8E:34:0D:26:04:8F:C8:EF:C5:5E:2D:9A:45:D8:74:57:C9:E4:B2","sha256":"BC:04:DD:58:6C:8B:E1:F1:B3:D9:54:84:3C:42:53:9A:31:3F:30:57:34:1C:45:C5:75:FC:53:3F:D3:C2:5E:7E"}}},"request":{"raw":"GET /images/okimg/ok/ok.js HTTP/1.1\r\nHost: gateio.bccbhxf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gateio.bccbhxf.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 04 Feb 2026 13:45:44 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 19 Dec 2025 14:32:05 GMT\r\nvary: Accept-Encoding\r\netag: W/\"694561e5-5d0\"\r\nexpires: Thu, 05 Feb 2026 01:45:44 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1488,"size_decoded":0,"mime_type":"application/javascript","magic":"HTML document, Unicode text, UTF-8 text","md5":"bd88a722bae4c3db7e2cd4fb9c3f64e0","sha1":"096baafbd37214f05d13dc8d55c88a49cf944570","sha256":"984a7aa268ebf5f6e3d9c8112d0967d791fe92e5365457acba74c8033bbf5bd9","sha512":"e1d32906ac92c4004f47cfe618bf7168a96cbfde3c02aca66670039766216886581ffc28798dec87502b4847fd46830c48a35c81687063cb9ec0bbcd03e318ef","ssdeep":"","tlshash":"4331be3254e0112723abb1c3e1aa534e6df1319fda17d9d0b2ae01919f81ce4c89f065","first_seen":"2026-01-08T13:47:16.056633Z","last_seen":"2026-02-04T13:46:19.551526Z","times_seen":2,"resource_available":true,"data":null}},"time_used":806,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":806,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"gateio.bccbhxf.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gateio.bccbhxf.com/zb_users/theme/hopelee/script/wow.min.js","fqdn":"gateio.bccbhxf.com","domain":"bccbhxf.com","tld":"com"},"ip":{"addr":"8.134.189.195","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gateio.bccbhxf.com/","date":"2026-02-04T13:45:44.458Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gateio.bccbhxf.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 25 Jan 2026 01:58:51 GMT","end":"Sat, 25 Apr 2026 01:58:50 GMT"},"fingerprint":{"sha1":"C8:8E:34:0D:26:04:8F:C8:EF:C5:5E:2D:9A:45:D8:74:57:C9:E4:B2","sha256":"BC:04:DD:58:6C:8B:E1:F1:B3:D9:54:84:3C:42:53:9A:31:3F:30:57:34:1C:45:C5:75:FC:53:3F:D3:C2:5E:7E"}}},"request":{"raw":"GET /zb_users/theme/hopelee/script/wow.min.js HTTP/1.1\r\nHost: gateio.bccbhxf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gateio.bccbhxf.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 04 Feb 2026 13:45:44 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 26 Feb 2025 11:24:05 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67bef9d5-2ae4\"\r\nexpires: Thu, 05 Feb 2026 01:45:44 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10980,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (10803), with CRLF line terminators","md5":"9ddd82aee02ee7c6aefda276ef57d7ce","sha1":"4dd89e2be1ff16f3910423e1e49b6cbebe54e3dd","sha256":"3030a067c0c67c27bde0a619b837b8a156e9a7fe6b21b8d7ea2716854f7bdaf5","sha512":"3948c0483266d49bc99ecd1f73cca532bb93fb8d982bb7b0796fcb7fad6259e78329b65674c8e04b705a515e2df2295c7ec9db8b2cae52cc8156c5b021caf873","ssdeep":"192:Ep+VAMxYMNM8kYR2Xo5wfJZ2BTJ3Ij+fyJqCdVSV8/A1jZ:W+CM6MNMTlKwhiFTaqC77o","tlshash":"3e3272c4764970318b8b66b7531f4205773a2aaf406c049cfabc9de96874f15e32bb38","first_seen":"2024-10-22T13:40:13.153752Z","last_seen":"2026-06-07T15:26:21.45749Z","times_seen":30,"resource_available":true,"data":null}},"time_used":789,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":789,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"gateio.bccbhxf.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.sywrxfs.com/zb_users/plugin/ly_autoimage/img/1be34c48d9.jpg","fqdn":"www.sywrxfs.com","domain":"sywrxfs.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gateio.bccbhxf.com/","date":"2026-02-04T13:45:44.465Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /zb_users/plugin/ly_autoimage/img/1be34c48d9.jpg HTTP/1.1\r\nHost: www.sywrxfs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T22:17:26.933573Z","times_seen":16251514,"resource_available":true,"data":null}},"time_used":896,"timings":{"blocked":896,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gateio.bccbhxf.com/images/okimg/bn/style.css","fqdn":"gateio.bccbhxf.com","domain":"bccbhxf.com","tld":"com"},"ip":{"addr":"8.134.189.195","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gateio.bccbhxf.com/","date":"2026-02-04T13:45:46.008Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gateio.bccbhxf.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 25 Jan 2026 01:58:51 GMT","end":"Sat, 25 Apr 2026 01:58:50 GMT"},"fingerprint":{"sha1":"C8:8E:34:0D:26:04:8F:C8:EF:C5:5E:2D:9A:45:D8:74:57:C9:E4:B2","sha256":"BC:04:DD:58:6C:8B:E1:F1:B3:D9:54:84:3C:42:53:9A:31:3F:30:57:34:1C:45:C5:75:FC:53:3F:D3:C2:5E:7E"}}},"request":{"raw":"GET /images/okimg/bn/style.css HTTP/1.1\r\nHost: gateio.bccbhxf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gateio.bccbhxf.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 04 Feb 2026 13:45:46 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 19 Dec 2025 14:32:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"694561e6-2085\"\r\nexpires: Thu, 05 Feb 2026 01:45:46 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8325,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (7378)","md5":"6bb32329b2c33551b13d8bd33eda9d1c","sha1":"4352a5e4062bf380fc83e02a26764a412d6a443a","sha256":"a8c90384672c0d4913c1035615ffdaf2b965cf178c557bbc7814ca4cebfdde2f","sha512":"195ea869a0abac2624069e3cfc6c4c62f5289079eaf61804687fac65d05e461cda4dd6a6e40ab2c5c5e5bce077831401703e4f299f18b60f0d12831a9a4bd23a","ssdeep":"96:zd/APgrx0Q6IOrL/WO09ScMG42K45Hcag68ym+Rzk:2GkL/WO09S12KgHcZ6bm+Rzk","tlshash":"fc0268d3f5e1211b666a9418ed977bbd6e7fb0928b008cf9b60ef3b887414d308e6414","first_seen":"2026-01-08T13:47:16.036163Z","last_seen":"2026-02-04T13:46:19.553336Z","times_seen":2,"resource_available":false,"data":null}},"time_used":280,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":280,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"gateio.bccbhxf.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gateio.bccbhxf.com/zb_users/theme/hopelee/style/images/grey.gif","fqdn":"gateio.bccbhxf.com","domain":"bccbhxf.com","tld":"com"},"ip":{"addr":"8.134.189.195","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gateio.bccbhxf.com/","date":"2026-02-04T13:45:46.676Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gateio.bccbhxf.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 25 Jan 2026 01:58:51 GMT","end":"Sat, 25 Apr 2026 01:58:50 GMT"},"fingerprint":{"sha1":"C8:8E:34:0D:26:04:8F:C8:EF:C5:5E:2D:9A:45:D8:74:57:C9:E4:B2","sha256":"BC:04:DD:58:6C:8B:E1:F1:B3:D9:54:84:3C:42:53:9A:31:3F:30:57:34:1C:45:C5:75:FC:53:3F:D3:C2:5E:7E"}}},"request":{"raw":"GET /zb_users/theme/hopelee/style/images/grey.gif HTTP/1.1\r\nHost: gateio.bccbhxf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gateio.bccbhxf.com/\r\nCookie: timezone=0\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 04 Feb 2026 13:45:47 GMT\r\ncontent-type: image/gif\r\ncontent-length: 49\r\nlast-modified: Wed, 26 Feb 2025 11:24:05 GMT\r\netag: \"67bef9d5-31\"\r\nexpires: Fri, 06 Mar 2026 13:45:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":49,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ed280a0ea3cc38f3cbbc747acfbef47d","sha1":"6bdcb32ee75e957a5085c010f4dfd0c716bfdadc","sha256":"8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5","sha512":"4248e293bb759c3ac0ea71f545e10e85d0c3c7f1237ce8b18c6a3fd00499a11bdc0252c938be87359fa673c8e7a83c7cc6fc5d12718a68844c2615e5dca3527b","ssdeep":"","tlshash":"78900247b580c001c551c0301c0493541290a9604905134f6498336d9d761a10811404","first_seen":"2023-04-05T11:17:29Z","last_seen":"2026-06-08T21:43:10.324626Z","times_seen":3854,"resource_available":true,"data":null}},"time_used":648,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":645,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"gateio.bccbhxf.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gateio.bccbhxf.com/zb_system/script/zblogphp.js?v=173410","fqdn":"gateio.bccbhxf.com","domain":"bccbhxf.com","tld":"com"},"ip":{"addr":"8.134.189.195","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gateio.bccbhxf.com/","date":"2026-02-04T13:45:44.421Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gateio.bccbhxf.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 25 Jan 2026 01:58:51 GMT","end":"Sat, 25 Apr 2026 01:58:50 GMT"},"fingerprint":{"sha1":"C8:8E:34:0D:26:04:8F:C8:EF:C5:5E:2D:9A:45:D8:74:57:C9:E4:B2","sha256":"BC:04:DD:58:6C:8B:E1:F1:B3:D9:54:84:3C:42:53:9A:31:3F:30:57:34:1C:45:C5:75:FC:53:3F:D3:C2:5E:7E"}}},"request":{"raw":"GET /zb_system/script/zblogphp.js?v=173410 HTTP/1.1\r\nHost: gateio.bccbhxf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gateio.bccbhxf.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 04 Feb 2026 13:45:44 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 30 Sep 2021 05:48:34 GMT\r\nvary: Accept-Encoding\r\netag: W/\"61554fb2-1c24\"\r\nexpires: Thu, 05 Feb 2026 01:45:44 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7204,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (7204), with no line terminators","md5":"5e8d86eb2c5abc94804fd6176a35b281","sha1":"921d2cc4615a58a094ddbcc6366437a94508fc5f","sha256":"11b10a45b9fc3622b9a8eaf5181e0bd403af74ecfbbc9541cdce396a8e47b332","sha512":"6504e48f68d98800228db18dc63711b216c299dad8d95e57d0f014c18a24a2ffbc62f6cfe98f5d0152d06da577efb550c20bc947c08101ea3c94d659f572ea17","ssdeep":"192:msL4JVH9jIULy46KgHlQGwH0Dx5qjplLO:m/jIUkHlQGwH0Kt9O","tlshash":"2fe1315cf5c476a103ab30b4088f028a64fb17ae6011d998d264e4e46fbdf8b5623f3c","first_seen":"2023-03-07T23:31:01Z","last_seen":"2026-06-08T21:29:54.599553Z","times_seen":2178,"resource_available":true,"data":null}},"time_used":561,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":561,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"gateio.bccbhxf.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gateio.bccbhxf.com/zb_system/script/c_html_js_add.php?hash=\u0026v=173410","fqdn":"gateio.bccbhxf.com","domain":"bccbhxf.com","tld":"com"},"ip":{"addr":"8.134.189.195","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gateio.bccbhxf.com/","date":"2026-02-04T13:45:44.422Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gateio.bccbhxf.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 25 Jan 2026 01:58:51 GMT","end":"Sat, 25 Apr 2026 01:58:50 GMT"},"fingerprint":{"sha1":"C8:8E:34:0D:26:04:8F:C8:EF:C5:5E:2D:9A:45:D8:74:57:C9:E4:B2","sha256":"BC:04:DD:58:6C:8B:E1:F1:B3:D9:54:84:3C:42:53:9A:31:3F:30:57:34:1C:45:C5:75:FC:53:3F:D3:C2:5E:7E"}}},"request":{"raw":"GET /zb_system/script/c_html_js_add.php?hash=\u0026v=173410 HTTP/1.1\r\nHost: gateio.bccbhxf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gateio.bccbhxf.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 04 Feb 2026 13:45:44 GMT\r\ncontent-type: application/x-javascript; charset=utf-8\r\nvary: Accept-Encoding\r\nproduct: Z-BlogPHP 1.7.4\r\netag: W/e19b60d2dfe4d3ee0ed4a540321f6191\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4535,"size_decoded":0,"mime_type":"application/x-javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (1270), with CRLF line terminators","md5":"e19b60d2dfe4d3ee0ed4a540321f6191","sha1":"895ff214dd40335574ce37c6b7f4a5ae9201d525","sha256":"74fe706305a081e4bf1e53403e0a588c397ebedafd75aeae95a82c9121938789","sha512":"ec983a8b2c9348bde53f1f39a5e306bd1636655dd48060a8d3b35ea3534d52becbb138e54f6dc291b157235dd0ae0cc054c8b71fda3e8c1f2fa90b9cbfcdc60b","ssdeep":"96:6a6TOV06qZuiMRd1BhXJnbZ2THKrOSphiMMKDg8E:6aC+vf1BhXJnNAHYphiMNDLE","tlshash":"9591d7495d5a01a6183723f7c8af1508fe72166b8410cc26febc50682f32f859563fbe","first_seen":"2026-01-08T13:47:16.01905Z","last_seen":"2026-06-07T15:26:21.466422Z","times_seen":3,"resource_available":true,"data":null}},"time_used":842,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":842,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"gateio.bccbhxf.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gateio.bccbhxf.com/zb_users/upload/2024/13/720a5e3082.jpg","fqdn":"gateio.bccbhxf.com","domain":"bccbhxf.com","tld":"com"},"ip":{"addr":"8.134.189.195","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gateio.bccbhxf.com/","date":"2026-02-04T13:45:44.445Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gateio.bccbhxf.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 25 Jan 2026 01:58:51 GMT","end":"Sat, 25 Apr 2026 01:58:50 GMT"},"fingerprint":{"sha1":"C8:8E:34:0D:26:04:8F:C8:EF:C5:5E:2D:9A:45:D8:74:57:C9:E4:B2","sha256":"BC:04:DD:58:6C:8B:E1:F1:B3:D9:54:84:3C:42:53:9A:31:3F:30:57:34:1C:45:C5:75:FC:53:3F:D3:C2:5E:7E"}}},"request":{"raw":"GET /zb_users/upload/2024/13/720a5e3082.jpg HTTP/1.1\r\nHost: gateio.bccbhxf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gateio.bccbhxf.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Wed, 04 Feb 2026 13:45:45 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\netag: W/\"696da8ae-a0bf\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"html2canvas","description":"Screenshots with JavaScript.","website":"https://html2canvas.hertzen.com/","common_platform_enumeration":"","icon":"","categories":["JavaScript libraries"]},{"name":"WOW","description":"Reveal CSS animation as you scroll down a page.","website":"https://www.delac.io/WOW","common_platform_enumeration":"","icon":"","categories":["JavaScript frameworks","Web frameworks","JavaScript graphics"]}],"data":{"size":41151,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (5774), with CRLF, LF line terminators","md5":"7b427146eb226f37319d206e83d0b762","sha1":"a7d9d9e88bf19122313ed67679c331177a954011","sha256":"6077a58e4f6496b4ce752c584860c3995287882bd48eef6c8c493692a6d6ab78","sha512":"fad1b31de79aefbeb1d41509023234049ae98f527e0570b69a0227fe9f4a74c619a395bec43e9cd2f7a427454f2297df3094cc7987aa08e2e7c31f4c11d5d58a","ssdeep":"768:LeIIpVyTy2AlQhWvc1UIw5RtX7leaMpM8GY/WPMMfZ:aIIpVywyBM5RtXkaM28WD","tlshash":"6f03d52a5a8b1ca7092361d712322b0e7086d52feb53cdc3b3fd44546f8ae96c50e56f","first_seen":"2026-02-04T13:46:19.54969Z","last_seen":"2026-02-04T13:46:19.54969Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1546,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1546,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"gateio.bccbhxf.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gateio.bccbhxf.com/zb_users/theme/hopelee/style/images/yueliang.svg","fqdn":"gateio.bccbhxf.com","domain":"bccbhxf.com","tld":"com"},"ip":{"addr":"8.134.189.195","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gateio.bccbhxf.com/","date":"2026-02-04T13:45:45.675Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gateio.bccbhxf.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 25 Jan 2026 01:58:51 GMT","end":"Sat, 25 Apr 2026 01:58:50 GMT"},"fingerprint":{"sha1":"C8:8E:34:0D:26:04:8F:C8:EF:C5:5E:2D:9A:45:D8:74:57:C9:E4:B2","sha256":"BC:04:DD:58:6C:8B:E1:F1:B3:D9:54:84:3C:42:53:9A:31:3F:30:57:34:1C:45:C5:75:FC:53:3F:D3:C2:5E:7E"}}},"request":{"raw":"GET /zb_users/theme/hopelee/style/images/yueliang.svg HTTP/1.1\r\nHost: gateio.bccbhxf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gateio.bccbhxf.com/zb_users/theme/hopelee/style/style.css?v=1.7.9?t=2025-02-07\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 04 Feb 2026 13:45:45 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Wed, 26 Feb 2025 11:24:05 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67bef9d5-6ed\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1773,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"9a99d2bcef3e0e0f160d0efb8d44b075","sha1":"9d32ea6495148cc4f5f480f6f8ea53901401a553","sha256":"c9a798a51f67d0056eb70770ff6ae05c5ff36bd3d44494d387d4311c48725f77","sha512":"108cfb742c09c719ff809a7bcf89e3c2b14172bddd009421937211b2c351ce287f444b0e31befb9d3a7b7aedb5e6ebfb7856f016320915f7fe78ac91e7e0a999","ssdeep":"","tlshash":"823153d8d97db834eab762c7ef547b5c667829e3848ac170323488709ca2c92da006dc","first_seen":"2025-10-08T22:04:47.389054Z","last_seen":"2026-06-05T04:19:24.456928Z","times_seen":30,"resource_available":false,"data":null}},"time_used":284,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":284,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"gateio.bccbhxf.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gateio.bccbhxf.com/zb_users/theme/hopelee/style/images/new.png","fqdn":"gateio.bccbhxf.com","domain":"bccbhxf.com","tld":"com"},"ip":{"addr":"8.134.189.195","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gateio.bccbhxf.com/","date":"2026-02-04T13:45:46.049Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gateio.bccbhxf.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 25 Jan 2026 01:58:51 GMT","end":"Sat, 25 Apr 2026 01:58:50 GMT"},"fingerprint":{"sha1":"C8:8E:34:0D:26:04:8F:C8:EF:C5:5E:2D:9A:45:D8:74:57:C9:E4:B2","sha256":"BC:04:DD:58:6C:8B:E1:F1:B3:D9:54:84:3C:42:53:9A:31:3F:30:57:34:1C:45:C5:75:FC:53:3F:D3:C2:5E:7E"}}},"request":{"raw":"GET /zb_users/theme/hopelee/style/images/new.png HTTP/1.1\r\nHost: gateio.bccbhxf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gateio.bccbhxf.com/zb_users/theme/hopelee/style/style.css?v=1.7.9?t=2025-02-07\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 04 Feb 2026 13:45:46 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 26 Feb 2025 11:24:05 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67bef9d5-b0e\"\r\nexpires: Fri, 06 Mar 2026 13:45:46 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2830,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 52 x 53, 8-bit/color RGBA, non-interlaced","md5":"d2924e78c047f0d6c59bf92746f455bb","sha1":"bb04c42a63ef629ea22a58cd36ad8bef2aac2699","sha256":"6719bcbc142766d101bd589bf9262d9567cd554b99618e825cb93b051391eb8e","sha512":"971ed8b31c024f27c189a3c57a3305c3841b3db9c302b2a20c164caf74b6aa79facf6138ce5b0b96d1d09cf214462a27372713dc196628f83ab9c75c5c6e1e6c","ssdeep":"","tlshash":"8a513ac1825a1e6493f59b6ebd31fcbbe6d70b1ad3ab80c1762179245632d2136c22f4","first_seen":"2026-01-08T13:47:16.053649Z","last_seen":"2026-02-04T13:46:19.557361Z","times_seen":2,"resource_available":false,"data":null}},"time_used":533,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":533,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"gateio.bccbhxf.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gateio.bccbhxf.com/zb_users/upload/2024/13/0e7624c8e5.jpg","fqdn":"gateio.bccbhxf.com","domain":"bccbhxf.com","tld":"com"},"ip":{"addr":"8.134.189.195","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gateio.bccbhxf.com/","date":"2026-02-04T13:45:46.025Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gateio.bccbhxf.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 25 Jan 2026 01:58:51 GMT","end":"Sat, 25 Apr 2026 01:58:50 GMT"},"fingerprint":{"sha1":"C8:8E:34:0D:26:04:8F:C8:EF:C5:5E:2D:9A:45:D8:74:57:C9:E4:B2","sha256":"BC:04:DD:58:6C:8B:E1:F1:B3:D9:54:84:3C:42:53:9A:31:3F:30:57:34:1C:45:C5:75:FC:53:3F:D3:C2:5E:7E"}}},"request":{"raw":"GET /zb_users/upload/2024/13/0e7624c8e5.jpg HTTP/1.1\r\nHost: gateio.bccbhxf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gateio.bccbhxf.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Wed, 04 Feb 2026 13:45:46 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\netag: W/\"696da8ae-a0bf\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"html2canvas","description":"Screenshots with JavaScript.","website":"https://html2canvas.hertzen.com/","common_platform_enumeration":"","icon":"","categories":["JavaScript libraries"]},{"name":"WOW","description":"Reveal CSS animation as you scroll down a page.","website":"https://www.delac.io/WOW","common_platform_enumeration":"","icon":"","categories":["JavaScript frameworks","Web frameworks","JavaScript graphics"]}],"data":{"size":41151,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (5774), with CRLF, LF line terminators","md5":"7b427146eb226f37319d206e83d0b762","sha1":"a7d9d9e88bf19122313ed67679c331177a954011","sha256":"6077a58e4f6496b4ce752c584860c3995287882bd48eef6c8c493692a6d6ab78","sha512":"fad1b31de79aefbeb1d41509023234049ae98f527e0570b69a0227fe9f4a74c619a395bec43e9cd2f7a427454f2297df3094cc7987aa08e2e7c31f4c11d5d58a","ssdeep":"768:LeIIpVyTy2AlQhWvc1UIw5RtX7leaMpM8GY/WPMMfZ:aIIpVywyBM5RtXkaM28WD","tlshash":"6f03d52a5a8b1ca7092361d712322b0e7086d52feb53cdc3b3fd44546f8ae96c50e56f","first_seen":"2026-02-04T13:46:19.54969Z","last_seen":"2026-02-04T13:46:19.54969Z","times_seen":1,"resource_available":false,"data":null}},"time_used":667,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":667,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"gateio.bccbhxf.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gateio.bccbhxf.com/zb_users/theme/hopelee/style/noimg/4.jpg","fqdn":"gateio.bccbhxf.com","domain":"bccbhxf.com","tld":"com"},"ip":{"addr":"8.134.189.195","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gateio.bccbhxf.com/","date":"2026-02-04T13:45:44.453Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gateio.bccbhxf.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 25 Jan 2026 01:58:51 GMT","end":"Sat, 25 Apr 2026 01:58:50 GMT"},"fingerprint":{"sha1":"C8:8E:34:0D:26:04:8F:C8:EF:C5:5E:2D:9A:45:D8:74:57:C9:E4:B2","sha256":"BC:04:DD:58:6C:8B:E1:F1:B3:D9:54:84:3C:42:53:9A:31:3F:30:57:34:1C:45:C5:75:FC:53:3F:D3:C2:5E:7E"}}},"request":{"raw":"GET /zb_users/theme/hopelee/style/noimg/4.jpg HTTP/1.1\r\nHost: gateio.bccbhxf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gateio.bccbhxf.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 04 Feb 2026 13:45:44 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 11:24:05 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67bef9d5-257e\"\r\nexpires: Fri, 06 Mar 2026 13:45:44 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9598,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 360x270, components 3","md5":"71d8d7441ae1edddccafcb6fc28e371c","sha1":"4c45965c26bfaa4a202d782161275dbf086d0b8f","sha256":"64c4ddf84f980eff02adf48d512314cf0ee39226b81be382a5483f927e4ad10f","sha512":"2431cb4aa843da18d4fd900278bf06f5b7628fe74db1181c39ec56b55b2aa866a8bb0a5db4061abae01c6234081fce924ce3d7bf854b3539333c4ad75dc53df8","ssdeep":"192:543t4/85BoduQK5mI1YlCubQbCWxkcEiQSqX+4bxhjX5k:5Ce/waYQUm1Rb+EimXnDLC","tlshash":"5d12ae046fa7d0c9cd06ad220fe3ab360db99c64d0cd62d7e0cf995554b30985a3f1da","first_seen":"2023-07-26T14:38:33Z","last_seen":"2026-04-09T09:09:09.749188Z","times_seen":22,"resource_available":false,"data":null}},"time_used":792,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":792,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"gateio.bccbhxf.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gateio.bccbhxf.com/zb_users/theme/hopelee/script/custom.js?v=2025-02-07","fqdn":"gateio.bccbhxf.com","domain":"bccbhxf.com","tld":"com"},"ip":{"addr":"8.134.189.195","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gateio.bccbhxf.com/","date":"2026-02-04T13:45:44.457Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gateio.bccbhxf.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 25 Jan 2026 01:58:51 GMT","end":"Sat, 25 Apr 2026 01:58:50 GMT"},"fingerprint":{"sha1":"C8:8E:34:0D:26:04:8F:C8:EF:C5:5E:2D:9A:45:D8:74:57:C9:E4:B2","sha256":"BC:04:DD:58:6C:8B:E1:F1:B3:D9:54:84:3C:42:53:9A:31:3F:30:57:34:1C:45:C5:75:FC:53:3F:D3:C2:5E:7E"}}},"request":{"raw":"GET /zb_users/theme/hopelee/script/custom.js?v=2025-02-07 HTTP/1.1\r\nHost: gateio.bccbhxf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gateio.bccbhxf.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 04 Feb 2026 13:45:44 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 26 Feb 2025 11:24:05 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67bef9d5-7b84\"\r\nexpires: Thu, 05 Feb 2026 01:45:44 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":31620,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (8218), with CRLF line terminators","md5":"77b2ab7d5f04856135ff1cb5bf2b0732","sha1":"e12a0159fabdaa053ef6b4b37a3d9b77c811f7ac","sha256":"3ae8d3cdacf1777f985de300b30d8eefc9b8701832d4bb92b4ad7ce76e5807ec","sha512":"9e998801974f099d0f45d81fc8c5a493fa0ca17fdc16973c031e2f9458e674732d7c806aa824b3c3cc973316df4e08a08b502ca9b8eab8dc3f0d33236a122c0c","ssdeep":"768:eXufEc5HZ9CWOUTZpz4uZLPYpJKoKBZyVlVo08YZvst:eefFO2sucKBZyVXob","tlshash":"dae28694b755d22b47dd2d53947ea798223ac533c0c5b053b7acf68d0da4a0ec19e9cc","first_seen":"2025-10-13T04:05:07.138614Z","last_seen":"2026-06-07T15:26:21.464051Z","times_seen":4,"resource_available":true,"data":null}},"time_used":790,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":790,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"gateio.bccbhxf.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gateio.bccbhxf.com/zb_users/avatar/0.png","fqdn":"gateio.bccbhxf.com","domain":"bccbhxf.com","tld":"com"},"ip":{"addr":"8.134.189.195","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gateio.bccbhxf.com/","date":"2026-02-04T13:45:44.450Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gateio.bccbhxf.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 25 Jan 2026 01:58:51 GMT","end":"Sat, 25 Apr 2026 01:58:50 GMT"},"fingerprint":{"sha1":"C8:8E:34:0D:26:04:8F:C8:EF:C5:5E:2D:9A:45:D8:74:57:C9:E4:B2","sha256":"BC:04:DD:58:6C:8B:E1:F1:B3:D9:54:84:3C:42:53:9A:31:3F:30:57:34:1C:45:C5:75:FC:53:3F:D3:C2:5E:7E"}}},"request":{"raw":"GET /zb_users/avatar/0.png HTTP/1.1\r\nHost: gateio.bccbhxf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gateio.bccbhxf.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 04 Feb 2026 13:45:44 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 11 Jul 2023 23:18:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"64ade32a-607\"\r\nexpires: Fri, 06 Mar 2026 13:45:44 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1543,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 40 x 40, 8-bit colormap, non-interlaced","md5":"ee5d41a3d66ad74f9f9f8071b3c8704f","sha1":"f95789aa835923681db418eba2dbbaf8e0ade62c","sha256":"d284115b6f0994410d2466ab471727d867c1c183dcdafed233c902ece5d76b18","sha512":"72a11cb2d40b0ca85e5e387520e3f57fb36806e800797a386fd56b6ca93651858f9e3b066efe33d9aa827049c92f1a8f9bf8e7c50300ff47ef558602d2bda88c","ssdeep":"","tlshash":"09311be6b77d46b2f5987bb1c9949251c0312e825085cb138502c1a7b735e06ef7ddc1","first_seen":"2023-05-18T11:31:11Z","last_seen":"2026-06-08T18:50:51.304169Z","times_seen":413,"resource_available":false,"data":null}},"time_used":792,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":792,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"gateio.bccbhxf.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gateio.bccbhxf.com/zb_users/upload/2025/02/202502281740741093116176.png","fqdn":"gateio.bccbhxf.com","domain":"bccbhxf.com","tld":"com"},"ip":{"addr":"8.134.189.195","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gateio.bccbhxf.com/","date":"2026-02-04T13:45:44.428Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gateio.bccbhxf.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 25 Jan 2026 01:58:51 GMT","end":"Sat, 25 Apr 2026 01:58:50 GMT"},"fingerprint":{"sha1":"C8:8E:34:0D:26:04:8F:C8:EF:C5:5E:2D:9A:45:D8:74:57:C9:E4:B2","sha256":"BC:04:DD:58:6C:8B:E1:F1:B3:D9:54:84:3C:42:53:9A:31:3F:30:57:34:1C:45:C5:75:FC:53:3F:D3:C2:5E:7E"}}},"request":{"raw":"GET /zb_users/upload/2025/02/202502281740741093116176.png HTTP/1.1\r\nHost: gateio.bccbhxf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gateio.bccbhxf.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 04 Feb 2026 13:45:44 GMT\r\ncontent-type: image/png\r\nlast-modified: Fri, 28 Feb 2025 11:11:33 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67c199e5-9be\"\r\nexpires: Fri, 06 Mar 2026 13:45:44 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2494,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 150 x 50, 8-bit/color RGBA, non-interlaced","md5":"cf3a8b09052dfd293cc057d8f1bb25fc","sha1":"53452131a84975b09899f3dd597aee65d67b1774","sha256":"81e94d2f4849f524aa91a90f03d1421ce6dbe841771b33c6d505a1a31fd3d5b7","sha512":"02bdafd90f9c313844aab6dd320c9854ae5f68392ef65adf4e6ca97a9bd47664ab6be42955d688871c3b4a42cd9aca9b443b792b55eccd3ceb1d4331502f8ee4","ssdeep":"","tlshash":"35515c0352d01880c7ac77f20051787e398b75dfa20274e23606cd7ee23adac82ca1a3","first_seen":"2026-01-08T13:47:16.059806Z","last_seen":"2026-02-04T13:46:19.56026Z","times_seen":2,"resource_available":false,"data":null}},"time_used":840,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":840,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"gateio.bccbhxf.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gateio.bccbhxf.com/zb_users/upload/2024/13/3ef1c07e80.jpg","fqdn":"gateio.bccbhxf.com","domain":"bccbhxf.com","tld":"com"},"ip":{"addr":"8.134.189.195","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gateio.bccbhxf.com/","date":"2026-02-04T13:45:44.442Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gateio.bccbhxf.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 25 Jan 2026 01:58:51 GMT","end":"Sat, 25 Apr 2026 01:58:50 GMT"},"fingerprint":{"sha1":"C8:8E:34:0D:26:04:8F:C8:EF:C5:5E:2D:9A:45:D8:74:57:C9:E4:B2","sha256":"BC:04:DD:58:6C:8B:E1:F1:B3:D9:54:84:3C:42:53:9A:31:3F:30:57:34:1C:45:C5:75:FC:53:3F:D3:C2:5E:7E"}}},"request":{"raw":"GET /zb_users/upload/2024/13/3ef1c07e80.jpg HTTP/1.1\r\nHost: gateio.bccbhxf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gateio.bccbhxf.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Wed, 04 Feb 2026 13:45:45 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\netag: W/\"696da8ae-a0bf\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"html2canvas","description":"Screenshots with JavaScript.","website":"https://html2canvas.hertzen.com/","common_platform_enumeration":"","icon":"","categories":["JavaScript libraries"]},{"name":"WOW","description":"Reveal CSS animation as you scroll down a page.","website":"https://www.delac.io/WOW","common_platform_enumeration":"","icon":"","categories":["JavaScript frameworks","Web frameworks","JavaScript graphics"]}],"data":{"size":41151,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (5774), with CRLF, LF line terminators","md5":"7b427146eb226f37319d206e83d0b762","sha1":"a7d9d9e88bf19122313ed67679c331177a954011","sha256":"6077a58e4f6496b4ce752c584860c3995287882bd48eef6c8c493692a6d6ab78","sha512":"fad1b31de79aefbeb1d41509023234049ae98f527e0570b69a0227fe9f4a74c619a395bec43e9cd2f7a427454f2297df3094cc7987aa08e2e7c31f4c11d5d58a","ssdeep":"768:LeIIpVyTy2AlQhWvc1UIw5RtX7leaMpM8GY/WPMMfZ:aIIpVywyBM5RtXkaM28WD","tlshash":"6f03d52a5a8b1ca7092361d712322b0e7086d52feb53cdc3b3fd44546f8ae96c50e56f","first_seen":"2026-02-04T13:46:19.54969Z","last_seen":"2026-02-04T13:46:19.54969Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1555,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1555,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"gateio.bccbhxf.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gateio.bccbhxf.com/zb_users/upload/7zb3h2f8/okx/c371da999b.jpg","fqdn":"gateio.bccbhxf.com","domain":"bccbhxf.com","tld":"com"},"ip":{"addr":"8.134.189.195","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gateio.bccbhxf.com/","date":"2026-02-04T13:45:44.447Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gateio.bccbhxf.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 25 Jan 2026 01:58:51 GMT","end":"Sat, 25 Apr 2026 01:58:50 GMT"},"fingerprint":{"sha1":"C8:8E:34:0D:26:04:8F:C8:EF:C5:5E:2D:9A:45:D8:74:57:C9:E4:B2","sha256":"BC:04:DD:58:6C:8B:E1:F1:B3:D9:54:84:3C:42:53:9A:31:3F:30:57:34:1C:45:C5:75:FC:53:3F:D3:C2:5E:7E"}}},"request":{"raw":"GET /zb_users/upload/7zb3h2f8/okx/c371da999b.jpg HTTP/1.1\r\nHost: gateio.bccbhxf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gateio.bccbhxf.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Wed, 04 Feb 2026 13:45:45 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\netag: W/\"696da8ae-a0bf\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"html2canvas","description":"Screenshots with JavaScript.","website":"https://html2canvas.hertzen.com/","common_platform_enumeration":"","icon":"","categories":["JavaScript libraries"]},{"name":"WOW","description":"Reveal CSS animation as you scroll down a page.","website":"https://www.delac.io/WOW","common_platform_enumeration":"","icon":"","categories":["JavaScript frameworks","Web frameworks","JavaScript graphics"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":41151,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (5774), with CRLF, LF line terminators","md5":"7b427146eb226f37319d206e83d0b762","sha1":"a7d9d9e88bf19122313ed67679c331177a954011","sha256":"6077a58e4f6496b4ce752c584860c3995287882bd48eef6c8c493692a6d6ab78","sha512":"fad1b31de79aefbeb1d41509023234049ae98f527e0570b69a0227fe9f4a74c619a395bec43e9cd2f7a427454f2297df3094cc7987aa08e2e7c31f4c11d5d58a","ssdeep":"768:LeIIpVyTy2AlQhWvc1UIw5RtX7leaMpM8GY/WPMMfZ:aIIpVywyBM5RtXkaM28WD","tlshash":"6f03d52a5a8b1ca7092361d712322b0e7086d52feb53cdc3b3fd44546f8ae96c50e56f","first_seen":"2026-02-04T13:46:19.54969Z","last_seen":"2026-02-04T13:46:19.54969Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1619,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1619,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"gateio.bccbhxf.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gateio.bccbhxf.com/zb_users/theme/hopelee/style/noimg/3.jpg","fqdn":"gateio.bccbhxf.com","domain":"bccbhxf.com","tld":"com"},"ip":{"addr":"8.134.189.195","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gateio.bccbhxf.com/","date":"2026-02-04T13:45:44.454Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gateio.bccbhxf.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 25 Jan 2026 01:58:51 GMT","end":"Sat, 25 Apr 2026 01:58:50 GMT"},"fingerprint":{"sha1":"C8:8E:34:0D:26:04:8F:C8:EF:C5:5E:2D:9A:45:D8:74:57:C9:E4:B2","sha256":"BC:04:DD:58:6C:8B:E1:F1:B3:D9:54:84:3C:42:53:9A:31:3F:30:57:34:1C:45:C5:75:FC:53:3F:D3:C2:5E:7E"}}},"request":{"raw":"GET /zb_users/theme/hopelee/style/noimg/3.jpg HTTP/1.1\r\nHost: gateio.bccbhxf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gateio.bccbhxf.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 04 Feb 2026 13:45:44 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 11:24:05 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67bef9d5-3501\"\r\nexpires: Fri, 06 Mar 2026 13:45:44 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":13569,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 360x270, components 3","md5":"a17b26d0f8e2b24c4e1620993c1c0e06","sha1":"64ac3c38d06212e47f7d2a4088ab673da1a4a2f8","sha256":"f1b83f83c5fb1928e606e885566630a75cb706e055c3af7677cbc1b3e4eb10f5","sha512":"7546986419ba8dcdbaaf1d43c794721c97b0c1268196180057c2cea70bcaf3657c1e5d3e4a5f744fb5224623df8ed0d46dd6bfce350159233688877b871c7df7","ssdeep":"384:5lpwSueO2u1SrMUr8IOw+rqDO6ZUYr6Si:5JnWUwSahYr6F","tlshash":"1052d048c87b42c3cc989d3393f3ae5b19a17554f2e8f90f948585122a53077893d2ea","first_seen":"2023-07-09T17:22:12Z","last_seen":"2026-04-06T22:14:19.14313Z","times_seen":25,"resource_available":false,"data":null}},"time_used":791,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":791,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"gateio.bccbhxf.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gateio.bccbhxf.com/zb_users/plugin/UEditor/third-party/prism/prism.js","fqdn":"gateio.bccbhxf.com","domain":"bccbhxf.com","tld":"com"},"ip":{"addr":"8.134.189.195","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gateio.bccbhxf.com/","date":"2026-02-04T13:45:45.277Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gateio.bccbhxf.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 25 Jan 2026 01:58:51 GMT","end":"Sat, 25 Apr 2026 01:58:50 GMT"},"fingerprint":{"sha1":"C8:8E:34:0D:26:04:8F:C8:EF:C5:5E:2D:9A:45:D8:74:57:C9:E4:B2","sha256":"BC:04:DD:58:6C:8B:E1:F1:B3:D9:54:84:3C:42:53:9A:31:3F:30:57:34:1C:45:C5:75:FC:53:3F:D3:C2:5E:7E"}}},"request":{"raw":"GET /zb_users/plugin/UEditor/third-party/prism/prism.js HTTP/1.1\r\nHost: gateio.bccbhxf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gateio.bccbhxf.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 04 Feb 2026 13:45:45 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 11 Jul 2023 23:18:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"64ade32a-eecb\"\r\nexpires: Thu, 05 Feb 2026 01:45:45 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":61131,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (4799), with CRLF line terminators","md5":"436e8870ba117885ef700bbeaf798ba6","sha1":"7b242c9b1698d8cf69310101c64535c442b97949","sha256":"5867cef615756cb75b523c11e29d88f770ddb40fd51bc39cd60e3ba86d004fdc","sha512":"bd5f55dcdeb34fa64f49cc8badbe57a68cf0b2aa9d2799e31e998a44018352ee8d2326800975c914eb951069bf7024e9197aefa08e1a16e0c038aae1bf8acd71","ssdeep":"768:m5Y2fNvMbzlD2nW6uY45AHdw7UECX3b1ivdpMOxkKda2U6PDFDnNLDSAkvZrE/Jk:IYKEvN2W6uY4EwV1l42vd3gZAccRRx78","tlshash":"de535cbc5eb73d010ac7e1a6f8a29500e9221975d929791bf7e8d648c0f390742d3b6f","first_seen":"2023-03-07T12:24:55Z","last_seen":"2026-06-08T21:29:54.595892Z","times_seen":1778,"resource_available":true,"data":null}},"time_used":286,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":286,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"gateio.bccbhxf.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gateio.bccbhxf.com/zb_users/theme/hopelee/style/images/search.svg","fqdn":"gateio.bccbhxf.com","domain":"bccbhxf.com","tld":"com"},"ip":{"addr":"8.134.189.195","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gateio.bccbhxf.com/","date":"2026-02-04T13:45:45.674Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gateio.bccbhxf.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 25 Jan 2026 01:58:51 GMT","end":"Sat, 25 Apr 2026 01:58:50 GMT"},"fingerprint":{"sha1":"C8:8E:34:0D:26:04:8F:C8:EF:C5:5E:2D:9A:45:D8:74:57:C9:E4:B2","sha256":"BC:04:DD:58:6C:8B:E1:F1:B3:D9:54:84:3C:42:53:9A:31:3F:30:57:34:1C:45:C5:75:FC:53:3F:D3:C2:5E:7E"}}},"request":{"raw":"GET /zb_users/theme/hopelee/style/images/search.svg HTTP/1.1\r\nHost: gateio.bccbhxf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gateio.bccbhxf.com/zb_users/theme/hopelee/style/style.css?v=1.7.9?t=2025-02-07\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 04 Feb 2026 13:45:45 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 392\r\nlast-modified: Wed, 26 Feb 2025 11:24:05 GMT\r\netag: \"67bef9d5-188\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":392,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"a4f7f48d3a550d0298a33aff9cc3edc4","sha1":"55bb935005c9f0cf15bbf3208a132ba4c2e8d7fd","sha256":"4d5443a957625bfade7b60416fda4f64484ff5ee0ee01e2e8319e5999b34c541","sha512":"a9fff6cd29b54993a8f62591a24dc7ec4299f1aef4c25b32475f9dccbea0000e6b59979900697fdb14bb4db7934f77537e02982ac9b247411de733f1b53d03cb","ssdeep":"","tlshash":"71e0c0027332697db20c47b4efac71ab507a30d61a071b75a9f31d3120c49da683f796","first_seen":"2023-12-28T17:33:23Z","last_seen":"2026-06-05T04:19:24.509786Z","times_seen":36,"resource_available":false,"data":null}},"time_used":285,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":285,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"gateio.bccbhxf.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gateio.bccbhxf.com/images/okimg/bn/balogo.png","fqdn":"gateio.bccbhxf.com","domain":"bccbhxf.com","tld":"com"},"ip":{"addr":"8.134.189.195","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gateio.bccbhxf.com/","date":"2026-02-04T13:45:46.012Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gateio.bccbhxf.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 25 Jan 2026 01:58:51 GMT","end":"Sat, 25 Apr 2026 01:58:50 GMT"},"fingerprint":{"sha1":"C8:8E:34:0D:26:04:8F:C8:EF:C5:5E:2D:9A:45:D8:74:57:C9:E4:B2","sha256":"BC:04:DD:58:6C:8B:E1:F1:B3:D9:54:84:3C:42:53:9A:31:3F:30:57:34:1C:45:C5:75:FC:53:3F:D3:C2:5E:7E"}}},"request":{"raw":"GET /images/okimg/bn/balogo.png HTTP/1.1\r\nHost: gateio.bccbhxf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gateio.bccbhxf.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 04 Feb 2026 13:45:46 GMT\r\ncontent-type: image/png\r\nlast-modified: Fri, 19 Dec 2025 14:32:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"694561e6-2cff\"\r\nexpires: Fri, 06 Mar 2026 13:45:46 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":11519,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced","md5":"53a358f22defe30abd5cbdcd98ce0cc5","sha1":"697acf4c2c0ada723ff74315601e507f526e47a1","sha256":"38df0168beae867760cd93804c0e75a21412365d810f8759381172debf45a996","sha512":"bc79287969f2f9241c0c0dc22485aa8222ed0d077499c550577dc36754461f2897d278d7634ebf8542e54b5a5717703725cff6d5945b0a58bc9c4325667d22eb","ssdeep":"192:H5kQFTpi2k+DomT2W5c958km3VRiL291P/oGPrOj8kVBmap4z5RtqDdRoV9Eq1D4:H5VTsMom6OcokKA2PoGPrFk7sbqW5Esw","tlshash":"7232bfa7e2cb2716c23e721637bab1b4494712fd808ad364f3a470855dc07781df3a14","first_seen":"2026-01-08T13:47:16.072017Z","last_seen":"2026-02-04T13:46:19.563398Z","times_seen":2,"resource_available":false,"data":null}},"time_used":281,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":281,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"gateio.bccbhxf.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gateio.bccbhxf.com/zb_users/upload/2024/13/720a5e3082.jpg","fqdn":"gateio.bccbhxf.com","domain":"bccbhxf.com","tld":"com"},"ip":{"addr":"8.134.189.195","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gateio.bccbhxf.com/","date":"2026-02-04T13:45:46.031Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gateio.bccbhxf.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 25 Jan 2026 01:58:51 GMT","end":"Sat, 25 Apr 2026 01:58:50 GMT"},"fingerprint":{"sha1":"C8:8E:34:0D:26:04:8F:C8:EF:C5:5E:2D:9A:45:D8:74:57:C9:E4:B2","sha256":"BC:04:DD:58:6C:8B:E1:F1:B3:D9:54:84:3C:42:53:9A:31:3F:30:57:34:1C:45:C5:75:FC:53:3F:D3:C2:5E:7E"}}},"request":{"raw":"GET /zb_users/upload/2024/13/720a5e3082.jpg HTTP/1.1\r\nHost: gateio.bccbhxf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gateio.bccbhxf.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Wed, 04 Feb 2026 13:45:46 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\netag: W/\"696da8ae-a0bf\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"html2canvas","description":"Screenshots with JavaScript.","website":"https://html2canvas.hertzen.com/","common_platform_enumeration":"","icon":"","categories":["JavaScript libraries"]},{"name":"WOW","description":"Reveal CSS animation as you scroll down a page.","website":"https://www.delac.io/WOW","common_platform_enumeration":"","icon":"","categories":["JavaScript frameworks","Web frameworks","JavaScript graphics"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":41151,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (5774), with CRLF, LF line terminators","md5":"7b427146eb226f37319d206e83d0b762","sha1":"a7d9d9e88bf19122313ed67679c331177a954011","sha256":"6077a58e4f6496b4ce752c584860c3995287882bd48eef6c8c493692a6d6ab78","sha512":"fad1b31de79aefbeb1d41509023234049ae98f527e0570b69a0227fe9f4a74c619a395bec43e9cd2f7a427454f2297df3094cc7987aa08e2e7c31f4c11d5d58a","ssdeep":"768:LeIIpVyTy2AlQhWvc1UIw5RtX7leaMpM8GY/WPMMfZ:aIIpVywyBM5RtXkaM28WD","tlshash":"6f03d52a5a8b1ca7092361d712322b0e7086d52feb53cdc3b3fd44546f8ae96c50e56f","first_seen":"2026-02-04T13:46:19.54969Z","last_seen":"2026-02-04T13:46:19.54969Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1129,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1129,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"gateio.bccbhxf.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gateio.bccbhxf.com/zb_users/theme/hopelee/style/images/aside-author-bg.jpg","fqdn":"gateio.bccbhxf.com","domain":"bccbhxf.com","tld":"com"},"ip":{"addr":"8.134.189.195","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gateio.bccbhxf.com/","date":"2026-02-04T13:45:46.050Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gateio.bccbhxf.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 25 Jan 2026 01:58:51 GMT","end":"Sat, 25 Apr 2026 01:58:50 GMT"},"fingerprint":{"sha1":"C8:8E:34:0D:26:04:8F:C8:EF:C5:5E:2D:9A:45:D8:74:57:C9:E4:B2","sha256":"BC:04:DD:58:6C:8B:E1:F1:B3:D9:54:84:3C:42:53:9A:31:3F:30:57:34:1C:45:C5:75:FC:53:3F:D3:C2:5E:7E"}}},"request":{"raw":"GET /zb_users/theme/hopelee/style/images/aside-author-bg.jpg HTTP/1.1\r\nHost: gateio.bccbhxf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gateio.bccbhxf.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 04 Feb 2026 13:45:46 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 11:24:05 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67bef9d5-6cbd\"\r\nexpires: Fri, 06 Mar 2026 13:45:46 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":27837,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 920x300, components 3","md5":"d6714d90dab239023d79370cb04cf69e","sha1":"576197b3f943899b894e18743b1ffd389a99a148","sha256":"36a2a9cd50fc65951e53e57c4ac621e7611899058bb46d2912aa1104c812e905","sha512":"9c3cfff3801f547aeacdd8a30e56b2a3d817a05267d1b8dff8e1180f2256d597ba90cbf9542b390fbfcfa4247c6b0b3571681a70aedef1b025332ee30fbff61e","ssdeep":"768:qEUnZGMeesqLFTNNFQuuM/Tlyh9SwB92tzdZ5nGz:qEEGshTKuFArfBsnm","tlshash":"57c2e1ead54d4e33f2cd667f9d1097f5bb28a8371903c14be4421622b917d0af4d1869","first_seen":"2025-11-25T19:48:22.972602Z","last_seen":"2026-06-05T04:19:24.464131Z","times_seen":8,"resource_available":false,"data":null}},"time_used":535,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":535,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"gateio.bccbhxf.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gateio.bccbhxf.com/zb_users/theme/hopelee/style/noimg/7.jpg","fqdn":"gateio.bccbhxf.com","domain":"bccbhxf.com","tld":"com"},"ip":{"addr":"8.134.189.195","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gateio.bccbhxf.com/","date":"2026-02-04T13:45:46.053Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gateio.bccbhxf.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 25 Jan 2026 01:58:51 GMT","end":"Sat, 25 Apr 2026 01:58:50 GMT"},"fingerprint":{"sha1":"C8:8E:34:0D:26:04:8F:C8:EF:C5:5E:2D:9A:45:D8:74:57:C9:E4:B2","sha256":"BC:04:DD:58:6C:8B:E1:F1:B3:D9:54:84:3C:42:53:9A:31:3F:30:57:34:1C:45:C5:75:FC:53:3F:D3:C2:5E:7E"}}},"request":{"raw":"GET /zb_users/theme/hopelee/style/noimg/7.jpg HTTP/1.1\r\nHost: gateio.bccbhxf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gateio.bccbhxf.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 04 Feb 2026 13:45:46 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 11:24:05 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67bef9d5-2cd0\"\r\nexpires: Fri, 06 Mar 2026 13:45:46 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":11472,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 360x270, components 3","md5":"fa02904bb990b3e23ed32aa0960d903e","sha1":"010ded98726420185b063078f09305f094ef715f","sha256":"7388829218bbd3ced2b2fef721197fe70c038e12ebd77392943ced9980699cfb","sha512":"981ec599557771eca373729b7bc3d00821826fd4474d09a65f1d2a473c44c7b6870c354e17a600b0f932240549427bf56d212b3d1bfd7f7f9f078169b3ebaa02","ssdeep":"192:50iLHIim9r7hflIit2jR6ROlg+htLCL8OZNAiELxeyOX9Iw67aV+eZUiniMeUak2:50iLHIicr7RlIiiR6z+XCLBSiEwnXq97","tlshash":"f332c06e8dc36e50dd256a7b0af27c53c3775ae4fc89c33e67d0084b448497556282da","first_seen":"2023-07-09T17:22:12Z","last_seen":"2026-05-26T05:43:57.232548Z","times_seen":30,"resource_available":false,"data":null}},"time_used":536,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":536,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"gateio.bccbhxf.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.js?7975dc6c181b9e4f41af3aecd3c80c18","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"14.215.182.140","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gateio.bccbhxf.com/","date":"2026-02-04T13:45:46.301Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /hm.js?7975dc6c181b9e4f41af3aecd3c80c18 HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gateio.bccbhxf.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: max-age=0, must-revalidate\r\nContent-Encoding: gzip\r\nContent-Length: 11298\r\nContent-Type: application/javascript\r\nDate: Wed, 04 Feb 2026 13:45:48 GMT\r\nEtag: b11850c9ab254fda65973abd115db9dd\r\nP3p: CP=\"CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nServer: apache\r\nSet-Cookie: HMACCOUNT=921C8CF0A0555194; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT\r\nStrict-Transport-Security: max-age=172800\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":29904,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (628)","md5":"3ea046e58c6468f6f9420f69cf9ad2d5","sha1":"fce122960665b5e37c0d51dd54ef85fe4be237e1","sha256":"041ed570dc52e62796085d1156a8f95099097b6f0897f12f407b510945e5f803","sha512":"385892461cdafd0a674be9401c03f3bce37bf1e88b9ea4afa736617fe16e5911b806da2ecc20deb2f3ce10ad38cc05b3f72e9a247fed471b32171f83be0c889c","ssdeep":"384:omJSoLMJJTRl6s1JXFVCFI/TayvuodsZPIGm8XaR1JRwvutq1tGdc7M04gRw6:om4VJfHgMdvussZPIx82Rwvutcto07v","tlshash":"78d2d9a9b282713293a324a5153f324af07b5a54bd4968a4f11994c07d38fbb027bfdd","first_seen":"2026-02-04T13:46:19.566478Z","last_seen":"2026-02-04T13:46:19.566478Z","times_seen":1,"resource_available":true,"data":null}},"time_used":4742,"timings":{"blocked":2198,"dns":338,"connect":529,"send":0,"wait":343,"receive":1,"ssl":1329},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gateio.bccbhxf.com/images/okimg/ok/style.css","fqdn":"gateio.bccbhxf.com","domain":"bccbhxf.com","tld":"com"},"ip":{"addr":"8.134.189.195","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gateio.bccbhxf.com/","date":"2026-02-04T13:45:45.711Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gateio.bccbhxf.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 25 Jan 2026 01:58:51 GMT","end":"Sat, 25 Apr 2026 01:58:50 GMT"},"fingerprint":{"sha1":"C8:8E:34:0D:26:04:8F:C8:EF:C5:5E:2D:9A:45:D8:74:57:C9:E4:B2","sha256":"BC:04:DD:58:6C:8B:E1:F1:B3:D9:54:84:3C:42:53:9A:31:3F:30:57:34:1C:45:C5:75:FC:53:3F:D3:C2:5E:7E"}}},"request":{"raw":"GET /images/okimg/ok/style.css HTTP/1.1\r\nHost: gateio.bccbhxf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gateio.bccbhxf.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 04 Feb 2026 13:45:45 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 19 Dec 2025 14:32:05 GMT\r\nvary: Accept-Encoding\r\netag: W/\"694561e5-2079\"\r\nexpires: Thu, 05 Feb 2026 01:45:45 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8313,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (7378)","md5":"0647e0f93f61504f80cf39a45ca25064","sha1":"4b185ff0594749c6b10d470f4f7195a37a5f805c","sha256":"7ff73882663429c16a7469be7476787f0661070f9cfc18a43796519614c046af","sha512":"756fea69a1ca35f6720d685782dd8318f08ed6e9a5c8b8328b4980d09652d2d07588dd179f1f05d8cab11047354ecc1194bfd7388e8712e209d8e543f4d8773c","ssdeep":"96:zd/APgrx0Q6IOrL/WO09ScMG42K45Hcag64y6aRzs:2GkL/WO09S12KgHcZ6H6aRzs","tlshash":"cf0268d3f5e1211b666a9018e9977bbd6e7fb0918b008cf9b60ef3b887414d308e6454","first_seen":"2026-01-08T13:47:16.017436Z","last_seen":"2026-02-04T13:46:19.567238Z","times_seen":2,"resource_available":false,"data":null}},"time_used":289,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":289,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"gateio.bccbhxf.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gateio.bccbhxf.com/zb_users/upload/2024/13/3ef1c07e80.jpg","fqdn":"gateio.bccbhxf.com","domain":"bccbhxf.com","tld":"com"},"ip":{"addr":"8.134.189.195","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gateio.bccbhxf.com/","date":"2026-02-04T13:45:46.028Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gateio.bccbhxf.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 25 Jan 2026 01:58:51 GMT","end":"Sat, 25 Apr 2026 01:58:50 GMT"},"fingerprint":{"sha1":"C8:8E:34:0D:26:04:8F:C8:EF:C5:5E:2D:9A:45:D8:74:57:C9:E4:B2","sha256":"BC:04:DD:58:6C:8B:E1:F1:B3:D9:54:84:3C:42:53:9A:31:3F:30:57:34:1C:45:C5:75:FC:53:3F:D3:C2:5E:7E"}}},"request":{"raw":"GET /zb_users/upload/2024/13/3ef1c07e80.jpg HTTP/1.1\r\nHost: gateio.bccbhxf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gateio.bccbhxf.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Wed, 04 Feb 2026 13:45:46 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\netag: W/\"696da8ae-a0bf\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"html2canvas","description":"Screenshots with JavaScript.","website":"https://html2canvas.hertzen.com/","common_platform_enumeration":"","icon":"","categories":["JavaScript libraries"]},{"name":"WOW","description":"Reveal CSS animation as you scroll down a page.","website":"https://www.delac.io/WOW","common_platform_enumeration":"","icon":"","categories":["JavaScript frameworks","Web frameworks","JavaScript graphics"]}],"data":{"size":41151,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (5774), with CRLF, LF line terminators","md5":"7b427146eb226f37319d206e83d0b762","sha1":"a7d9d9e88bf19122313ed67679c331177a954011","sha256":"6077a58e4f6496b4ce752c584860c3995287882bd48eef6c8c493692a6d6ab78","sha512":"fad1b31de79aefbeb1d41509023234049ae98f527e0570b69a0227fe9f4a74c619a395bec43e9cd2f7a427454f2297df3094cc7987aa08e2e7c31f4c11d5d58a","ssdeep":"768:LeIIpVyTy2AlQhWvc1UIw5RtX7leaMpM8GY/WPMMfZ:aIIpVywyBM5RtXkaM28WD","tlshash":"6f03d52a5a8b1ca7092361d712322b0e7086d52feb53cdc3b3fd44546f8ae96c50e56f","first_seen":"2026-02-04T13:46:19.54969Z","last_seen":"2026-02-04T13:46:19.54969Z","times_seen":1,"resource_available":false,"data":null}},"time_used":859,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":859,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"gateio.bccbhxf.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.bestwheel.com.cn/skin/static/images/okex.png","fqdn":"www.bestwheel.com.cn","domain":"bestwheel.com.cn","tld":"com.cn"},"ip":{"addr":"116.255.233.104","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gateio.bccbhxf.com/","date":"2026-02-04T13:45:47.020Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.bestwheel.com.cn","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 26 Nov 2025 02:13:36 GMT","end":"Tue, 24 Feb 2026 02:13:35 GMT"},"fingerprint":{"sha1":"93:B6:E0:87:FE:F0:B3:86:E0:3A:A8:A6:8E:72:D1:F8:85:C4:77:CC","sha256":"62:45:1B:8C:1F:5C:CE:E9:68:67:E3:9F:CE:C4:3A:2D:CC:87:0F:E1:FB:35:A9:C9:61:3E:AC:A0:74:07:1A:9F"}}},"request":{"raw":"GET /skin/static/images/okex.png HTTP/1.1\r\nHost: www.bestwheel.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gateio.bccbhxf.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 04 Feb 2026 13:45:47 GMT\r\ncontent-type: image/png\r\ncontent-length: 4235\r\nlast-modified: Thu, 08 Jun 2023 16:44:11 GMT\r\netag: \"6482055b-108b\"\r\nexpires: Fri, 06 Mar 2026 13:45:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4235,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced","md5":"544c731ba791e365f013fc8e47dcc319","sha1":"a777058787c20c1c1cc206ec6eb3739a219c93e8","sha256":"8821aaed2501158191604cfeb994a0e80d87eb99da21c5783f7d4da1573d641c","sha512":"4789a4de6c1292ecc349fd31d4faa0b6d5e9183f928952b4a8d3ffd3fc90d785ff3e2c72f0c47e60c0a2793c77796ed39f6018a577a307d56a51c92f08174e23","ssdeep":"96:1SMllcHitlIxv9vk7C1+I4wWHLihk/xBpP5jQkrfU4bBo:1SHIIHUCD4waxh7zdBo","tlshash":"ea91d687d7040978e64c0678372787235636f976a6e61a0f99b742898d34b403d74ff1","first_seen":"2025-09-12T05:23:33.100841Z","last_seen":"2026-05-30T21:56:03.080952Z","times_seen":49,"resource_available":false,"data":null}},"time_used":551,"timings":{"blocked":307,"dns":0,"connect":0,"send":0,"wait":243,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gateio.bccbhxf.com/zb_users/theme/hopelee/style/libs/night.css","fqdn":"gateio.bccbhxf.com","domain":"bccbhxf.com","tld":"com"},"ip":{"addr":"8.134.189.195","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gateio.bccbhxf.com/","date":"2026-02-04T13:45:44.426Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gateio.bccbhxf.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 25 Jan 2026 01:58:51 GMT","end":"Sat, 25 Apr 2026 01:58:50 GMT"},"fingerprint":{"sha1":"C8:8E:34:0D:26:04:8F:C8:EF:C5:5E:2D:9A:45:D8:74:57:C9:E4:B2","sha256":"BC:04:DD:58:6C:8B:E1:F1:B3:D9:54:84:3C:42:53:9A:31:3F:30:57:34:1C:45:C5:75:FC:53:3F:D3:C2:5E:7E"}}},"request":{"raw":"GET /zb_users/theme/hopelee/style/libs/night.css HTTP/1.1\r\nHost: gateio.bccbhxf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gateio.bccbhxf.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 04 Feb 2026 13:45:44 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 26 Feb 2025 11:24:05 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67bef9d5-2d2c\"\r\nexpires: Thu, 05 Feb 2026 01:45:44 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11564,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (1527)","md5":"45975180dd3c728d221f25d4e7b323d9","sha1":"0690c3acbae6ed2f3a11c6029ff08826e6be7914","sha256":"9beb06cf0ac1c1562d5c10181c4b84bea6248e042c8a4c672188b996fa32de03","sha512":"e317e7ea2cc22cf5b622173af84cd9eed5972fcfa07f8f8c8478c19c7a151f4b67694e99f4e66d74c86d659bdfb84bb5bf6df338e058c817a689ec8fbf805f22","ssdeep":"192:TbLxJZmXmRy8tFDtbVpcVswIozlwBtpaSBcgC15sL4H9A65vSLnfWSpG:nTl7jlVpcpIozlwBtpaSBcgT4H9AWvSQ","tlshash":"fc327623af9a1bc63427ffab7c9ba510361a026489405bb47aade3f7744bcb470525c4","first_seen":"2025-10-13T04:05:07.153619Z","last_seen":"2026-05-26T05:38:14.444489Z","times_seen":11,"resource_available":false,"data":null}},"time_used":841,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":841,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"gateio.bccbhxf.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gateio.bccbhxf.com/zb_users/upload/2024/13/20902367a0.jpg","fqdn":"gateio.bccbhxf.com","domain":"bccbhxf.com","tld":"com"},"ip":{"addr":"8.134.189.195","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gateio.bccbhxf.com/","date":"2026-02-04T13:45:44.450Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gateio.bccbhxf.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 25 Jan 2026 01:58:51 GMT","end":"Sat, 25 Apr 2026 01:58:50 GMT"},"fingerprint":{"sha1":"C8:8E:34:0D:26:04:8F:C8:EF:C5:5E:2D:9A:45:D8:74:57:C9:E4:B2","sha256":"BC:04:DD:58:6C:8B:E1:F1:B3:D9:54:84:3C:42:53:9A:31:3F:30:57:34:1C:45:C5:75:FC:53:3F:D3:C2:5E:7E"}}},"request":{"raw":"GET /zb_users/upload/2024/13/20902367a0.jpg HTTP/1.1\r\nHost: gateio.bccbhxf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gateio.bccbhxf.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Wed, 04 Feb 2026 13:45:45 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\netag: W/\"696da8ae-a0bf\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"WOW","description":"Reveal CSS animation as you scroll down a page.","website":"https://www.delac.io/WOW","common_platform_enumeration":"","icon":"","categories":["JavaScript frameworks","Web frameworks","JavaScript graphics"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"html2canvas","description":"Screenshots with JavaScript.","website":"https://html2canvas.hertzen.com/","common_platform_enumeration":"","icon":"","categories":["JavaScript libraries"]}],"data":{"size":41151,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (5774), with CRLF, LF line terminators","md5":"7b427146eb226f37319d206e83d0b762","sha1":"a7d9d9e88bf19122313ed67679c331177a954011","sha256":"6077a58e4f6496b4ce752c584860c3995287882bd48eef6c8c493692a6d6ab78","sha512":"fad1b31de79aefbeb1d41509023234049ae98f527e0570b69a0227fe9f4a74c619a395bec43e9cd2f7a427454f2297df3094cc7987aa08e2e7c31f4c11d5d58a","ssdeep":"768:LeIIpVyTy2AlQhWvc1UIw5RtX7leaMpM8GY/WPMMfZ:aIIpVywyBM5RtXkaM28WD","tlshash":"6f03d52a5a8b1ca7092361d712322b0e7086d52feb53cdc3b3fd44546f8ae96c50e56f","first_seen":"2026-02-04T13:46:19.54969Z","last_seen":"2026-02-04T13:46:19.54969Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1583,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1583,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"gateio.bccbhxf.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gateio.bccbhxf.com/zb_users/theme/hopelee/script/jquery.lazy.js","fqdn":"gateio.bccbhxf.com","domain":"bccbhxf.com","tld":"com"},"ip":{"addr":"8.134.189.195","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gateio.bccbhxf.com/","date":"2026-02-04T13:45:44.459Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gateio.bccbhxf.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 25 Jan 2026 01:58:51 GMT","end":"Sat, 25 Apr 2026 01:58:50 GMT"},"fingerprint":{"sha1":"C8:8E:34:0D:26:04:8F:C8:EF:C5:5E:2D:9A:45:D8:74:57:C9:E4:B2","sha256":"BC:04:DD:58:6C:8B:E1:F1:B3:D9:54:84:3C:42:53:9A:31:3F:30:57:34:1C:45:C5:75:FC:53:3F:D3:C2:5E:7E"}}},"request":{"raw":"GET /zb_users/theme/hopelee/script/jquery.lazy.js HTTP/1.1\r\nHost: gateio.bccbhxf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gateio.bccbhxf.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 04 Feb 2026 13:45:44 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 26 Feb 2025 11:24:05 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67bef9d5-cc5\"\r\nexpires: Thu, 05 Feb 2026 01:45:44 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3269,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (2950), with CRLF line terminators","md5":"db0f3067bfc3240c2c43c433effffa60","sha1":"73389d4b7b052b919d1ab2cc876b54f415011d3b","sha256":"851b65c7a668d1c58e660031e8afdca27a460c22916a4d925aa9e5d6605a5954","sha512":"6eae43d3ec4e192b42c83184606f9b0f02afa1c13ecf7141fb910951c4890e1a93b7dbecbb3cda9ea72b83e5ac30fa2c74deec3ddb63091123b41ba4b026f810","ssdeep":"","tlshash":"d061a2453e06a13cb05ea67fc61b0309551ac51ba2b5e871a83584747cfced3a3575cb","first_seen":"2025-10-13T04:05:07.220451Z","last_seen":"2026-06-05T04:19:24.525432Z","times_seen":20,"resource_available":false,"data":null}},"time_used":789,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":789,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"gateio.bccbhxf.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.gif?hca=921C8CF0A0555194\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026et=0\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026rnd=1426566758\u0026si=7975dc6c181b9e4f41af3aecd3c80c18\u0026v=1.3.2\u0026lv=1\u0026sn=46864\u0026r=0\u0026ww=1280\u0026u=https%3A%2F%2Fgateio.bccbhxf.com%2F\u0026tt=%E8%8A%9D%E9%BA%BB%E4%BA%A4%E6%98%93%E6%89%80gate%E5%AE%98%E7%BD%91%20-%20gateio%E5%AE%98%E7%BD%91%E4%B8%8B%E8%BD%BD%E6%9C%80%E6%96%B0%E7%89%88_%E8%8A%9D%E9%BA%BB%E5%BC%80%E9%97%A8%E5%AE%89%E5%8D%93ios%E4%B8%8B%E8%BD%BD","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"14.215.182.140","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gateio.bccbhxf.com/","date":"2026-02-04T13:45:48.960Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /hm.gif?hca=921C8CF0A0555194\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026et=0\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026rnd=1426566758\u0026si=7975dc6c181b9e4f41af3aecd3c80c18\u0026v=1.3.2\u0026lv=1\u0026sn=46864\u0026r=0\u0026ww=1280\u0026u=https%3A%2F%2Fgateio.bccbhxf.com%2F\u0026tt=%E8%8A%9D%E9%BA%BB%E4%BA%A4%E6%98%93%E6%89%80gate%E5%AE%98%E7%BD%91%20-%20gateio%E5%AE%98%E7%BD%91%E4%B8%8B%E8%BD%BD%E6%9C%80%E6%96%B0%E7%89%88_%E8%8A%9D%E9%BA%BB%E5%BC%80%E9%97%A8%E5%AE%89%E5%8D%93ios%E4%B8%8B%E8%BD%BD HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gateio.bccbhxf.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: private, max-age=0, no-cache\r\nContent-Length: 43\r\nContent-Type: image/gif\r\nDate: Wed, 04 Feb 2026 13:45:49 GMT\r\nP3p: CP=\"CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nPragma: no-cache\r\nServer: apache\r\nSet-Cookie: HMACCOUNT=6CA81BFB91C7669E; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT\r\nStrict-Transport-Security: max-age=172800\r\nX-Content-Type-Options: nosniff\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ad4b0f606e0f8465bc4c4c170b37e1a3","sha1":"50b30fd5f87c85fe5cba2635cb83316ca71250d7","sha256":"cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda","sha512":"ebfe0c0df4bcc167d5cb6ebdd379f9083df62bef63a23818e1c6adf0f64b65467ea58b7cd4d03cf0a1b1a2b07fb7b969bf35f25f1f8538cc65cf3eebdf8a0910","ssdeep":"","tlshash":"15900003fbc08002c2b2e0300b3b0380238ce2200aa8030b80aeb0acecaa3a20c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-06-08T21:30:26.670316Z","times_seen":367112,"resource_available":true,"data":null}},"time_used":343,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":343,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gateio.bccbhxf.com/zb_users/upload/2024/13/d2a3dddfe4.jpg","fqdn":"gateio.bccbhxf.com","domain":"bccbhxf.com","tld":"com"},"ip":{"addr":"8.134.189.195","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gateio.bccbhxf.com/","date":"2026-02-04T13:45:44.448Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gateio.bccbhxf.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 25 Jan 2026 01:58:51 GMT","end":"Sat, 25 Apr 2026 01:58:50 GMT"},"fingerprint":{"sha1":"C8:8E:34:0D:26:04:8F:C8:EF:C5:5E:2D:9A:45:D8:74:57:C9:E4:B2","sha256":"BC:04:DD:58:6C:8B:E1:F1:B3:D9:54:84:3C:42:53:9A:31:3F:30:57:34:1C:45:C5:75:FC:53:3F:D3:C2:5E:7E"}}},"request":{"raw":"GET /zb_users/upload/2024/13/d2a3dddfe4.jpg HTTP/1.1\r\nHost: gateio.bccbhxf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gateio.bccbhxf.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Wed, 04 Feb 2026 13:45:45 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\netag: W/\"696da8ae-a0bf\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"html2canvas","description":"Screenshots with JavaScript.","website":"https://html2canvas.hertzen.com/","common_platform_enumeration":"","icon":"","categories":["JavaScript libraries"]},{"name":"WOW","description":"Reveal CSS animation as you scroll down a page.","website":"https://www.delac.io/WOW","common_platform_enumeration":"","icon":"","categories":["JavaScript frameworks","Web frameworks","JavaScript graphics"]}],"data":{"size":41151,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (5774), with CRLF, LF line terminators","md5":"7b427146eb226f37319d206e83d0b762","sha1":"a7d9d9e88bf19122313ed67679c331177a954011","sha256":"6077a58e4f6496b4ce752c584860c3995287882bd48eef6c8c493692a6d6ab78","sha512":"fad1b31de79aefbeb1d41509023234049ae98f527e0570b69a0227fe9f4a74c619a395bec43e9cd2f7a427454f2297df3094cc7987aa08e2e7c31f4c11d5d58a","ssdeep":"768:LeIIpVyTy2AlQhWvc1UIw5RtX7leaMpM8GY/WPMMfZ:aIIpVywyBM5RtXkaM28WD","tlshash":"6f03d52a5a8b1ca7092361d712322b0e7086d52feb53cdc3b3fd44546f8ae96c50e56f","first_seen":"2026-02-04T13:46:19.54969Z","last_seen":"2026-02-04T13:46:19.54969Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1454,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1454,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"gateio.bccbhxf.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gateio.bccbhxf.com/zb_users/theme/hopelee/style/noimg/2.jpg","fqdn":"gateio.bccbhxf.com","domain":"bccbhxf.com","tld":"com"},"ip":{"addr":"8.134.189.195","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gateio.bccbhxf.com/","date":"2026-02-04T13:45:44.454Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gateio.bccbhxf.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 25 Jan 2026 01:58:51 GMT","end":"Sat, 25 Apr 2026 01:58:50 GMT"},"fingerprint":{"sha1":"C8:8E:34:0D:26:04:8F:C8:EF:C5:5E:2D:9A:45:D8:74:57:C9:E4:B2","sha256":"BC:04:DD:58:6C:8B:E1:F1:B3:D9:54:84:3C:42:53:9A:31:3F:30:57:34:1C:45:C5:75:FC:53:3F:D3:C2:5E:7E"}}},"request":{"raw":"GET /zb_users/theme/hopelee/style/noimg/2.jpg HTTP/1.1\r\nHost: gateio.bccbhxf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gateio.bccbhxf.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 04 Feb 2026 13:45:44 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 11:24:05 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67bef9d5-2326\"\r\nexpires: Fri, 06 Mar 2026 13:45:44 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8998,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 360x270, components 3","md5":"500f2908be04705fcce1651b0ff46466","sha1":"61917797fb975f54b13d7ff4607b2ca32ca34539","sha256":"4a8e2d935e31756577e8735047cad105ef5a2514bf52d9e679205d164a727ed8","sha512":"db0456d713db94b421f15f4184882af74d98dba3bc8ef26cfd78a3d98db6eb1edde70598710ff7c3ee65457a227729e833428b7444a008db866928518895a39f","ssdeep":"192:58WtUTlEpdCiANMXMYXwkyoHJrXxga0aDSzy9QWyt:58swEbCBfYXwkhHJrXOa0Oiy6t","tlshash":"1402af3e7fcb0013ed395476b4e2c0465a159882ac28f9c2ea7d917f4db04746b2addb","first_seen":"2023-07-09T17:22:12Z","last_seen":"2026-05-02T23:58:33.487151Z","times_seen":25,"resource_available":false,"data":null}},"time_used":791,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":791,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"gateio.bccbhxf.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gateio.bccbhxf.com/zb_users/theme/hopelee/style/images/icp.png","fqdn":"gateio.bccbhxf.com","domain":"bccbhxf.com","tld":"com"},"ip":{"addr":"8.134.189.195","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gateio.bccbhxf.com/","date":"2026-02-04T13:45:44.455Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gateio.bccbhxf.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 25 Jan 2026 01:58:51 GMT","end":"Sat, 25 Apr 2026 01:58:50 GMT"},"fingerprint":{"sha1":"C8:8E:34:0D:26:04:8F:C8:EF:C5:5E:2D:9A:45:D8:74:57:C9:E4:B2","sha256":"BC:04:DD:58:6C:8B:E1:F1:B3:D9:54:84:3C:42:53:9A:31:3F:30:57:34:1C:45:C5:75:FC:53:3F:D3:C2:5E:7E"}}},"request":{"raw":"GET /zb_users/theme/hopelee/style/images/icp.png HTTP/1.1\r\nHost: gateio.bccbhxf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gateio.bccbhxf.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 04 Feb 2026 13:45:44 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 26 Feb 2025 11:24:05 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67bef9d5-498\"\r\nexpires: Fri, 06 Mar 2026 13:45:44 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1176,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 18 x 19, 8-bit/color RGBA, non-interlaced","md5":"37975a3be8087f62933f7aa3e7e80d12","sha1":"f31c9f47faedf7f33b9580d6284ab891fb697560","sha256":"ee1106e436965c14c10f8bf7f7f2292af1a32b65332753122b57c91f2456e0eb","sha512":"9d04944d71873e6ef8b8438ecefb5efcfe3e332b7ab9c6d2844799d6788a1360b6e948ed9409bca9beeb45dfc37c9af37004db47d7a20721e694dac1f04f3e35","ssdeep":"","tlshash":"b121da6755e4eee750907520d2f423ac9c61d9aeddc4833ac4c84c747b2bf4441718a0","first_seen":"2023-05-02T06:34:11Z","last_seen":"2026-06-05T04:19:24.479006Z","times_seen":150,"resource_available":false,"data":null}},"time_used":791,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":791,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"gateio.bccbhxf.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gateio.bccbhxf.com/zb_users/upload/2025/03/202503041741076408904480.png","fqdn":"gateio.bccbhxf.com","domain":"bccbhxf.com","tld":"com"},"ip":{"addr":"8.134.189.195","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gateio.bccbhxf.com/","date":"2026-02-04T13:45:44.437Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gateio.bccbhxf.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 25 Jan 2026 01:58:51 GMT","end":"Sat, 25 Apr 2026 01:58:50 GMT"},"fingerprint":{"sha1":"C8:8E:34:0D:26:04:8F:C8:EF:C5:5E:2D:9A:45:D8:74:57:C9:E4:B2","sha256":"BC:04:DD:58:6C:8B:E1:F1:B3:D9:54:84:3C:42:53:9A:31:3F:30:57:34:1C:45:C5:75:FC:53:3F:D3:C2:5E:7E"}}},"request":{"raw":"GET /zb_users/upload/2025/03/202503041741076408904480.png HTTP/1.1\r\nHost: gateio.bccbhxf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gateio.bccbhxf.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 04 Feb 2026 13:45:44 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 04 Mar 2025 08:20:07 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67c6b7b7-d0d\"\r\nexpires: Fri, 06 Mar 2026 13:45:44 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3341,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 240 x 96, 8-bit/color RGBA, non-interlaced","md5":"4485c9e67a977ab20fff06e74bd17f9e","sha1":"ea9f656138454d7949213944ada853a6c26a138c","sha256":"273da9725df0df8267c643e6c9d6f57973b7dd32dcb8b23abd3331e28436d144","sha512":"e3e5cd7d9dfdcab30e5ad89e626679a679e335becce7204d256c59049c18c6b401db223603830f82b7732cb041a4c54651af67ab992b561ab772c85a5b3585e7","ssdeep":"","tlshash":"26615d14c2f9d6626e0386fd8b0ba75b5a377dc8c0f1b80ddd008add3f5dca580a1512","first_seen":"2025-07-06T09:51:09.353321Z","last_seen":"2026-02-04T13:46:19.572719Z","times_seen":3,"resource_available":false,"data":null}},"time_used":806,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":806,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"gateio.bccbhxf.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gateio.bccbhxf.com/zb_users/upload/2024/13/0e7624c8e5.jpg","fqdn":"gateio.bccbhxf.com","domain":"bccbhxf.com","tld":"com"},"ip":{"addr":"8.134.189.195","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gateio.bccbhxf.com/","date":"2026-02-04T13:45:44.441Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gateio.bccbhxf.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 25 Jan 2026 01:58:51 GMT","end":"Sat, 25 Apr 2026 01:58:50 GMT"},"fingerprint":{"sha1":"C8:8E:34:0D:26:04:8F:C8:EF:C5:5E:2D:9A:45:D8:74:57:C9:E4:B2","sha256":"BC:04:DD:58:6C:8B:E1:F1:B3:D9:54:84:3C:42:53:9A:31:3F:30:57:34:1C:45:C5:75:FC:53:3F:D3:C2:5E:7E"}}},"request":{"raw":"GET /zb_users/upload/2024/13/0e7624c8e5.jpg HTTP/1.1\r\nHost: gateio.bccbhxf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gateio.bccbhxf.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Wed, 04 Feb 2026 13:45:45 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\netag: W/\"696da8ae-a0bf\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"html2canvas","description":"Screenshots with JavaScript.","website":"https://html2canvas.hertzen.com/","common_platform_enumeration":"","icon":"","categories":["JavaScript libraries"]},{"name":"WOW","description":"Reveal CSS animation as you scroll down a page.","website":"https://www.delac.io/WOW","common_platform_enumeration":"","icon":"","categories":["JavaScript frameworks","Web frameworks","JavaScript graphics"]}],"data":{"size":41151,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (5774), with CRLF, LF line terminators","md5":"7b427146eb226f37319d206e83d0b762","sha1":"a7d9d9e88bf19122313ed67679c331177a954011","sha256":"6077a58e4f6496b4ce752c584860c3995287882bd48eef6c8c493692a6d6ab78","sha512":"fad1b31de79aefbeb1d41509023234049ae98f527e0570b69a0227fe9f4a74c619a395bec43e9cd2f7a427454f2297df3094cc7987aa08e2e7c31f4c11d5d58a","ssdeep":"768:LeIIpVyTy2AlQhWvc1UIw5RtX7leaMpM8GY/WPMMfZ:aIIpVywyBM5RtXkaM28WD","tlshash":"6f03d52a5a8b1ca7092361d712322b0e7086d52feb53cdc3b3fd44546f8ae96c50e56f","first_seen":"2026-02-04T13:46:19.54969Z","last_seen":"2026-02-04T13:46:19.54969Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1463,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1463,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"gateio.bccbhxf.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gateio.bccbhxf.com/zb_users/theme/hopelee/style/noimg/5.jpg","fqdn":"gateio.bccbhxf.com","domain":"bccbhxf.com","tld":"com"},"ip":{"addr":"8.134.189.195","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gateio.bccbhxf.com/","date":"2026-02-04T13:45:44.451Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gateio.bccbhxf.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 25 Jan 2026 01:58:51 GMT","end":"Sat, 25 Apr 2026 01:58:50 GMT"},"fingerprint":{"sha1":"C8:8E:34:0D:26:04:8F:C8:EF:C5:5E:2D:9A:45:D8:74:57:C9:E4:B2","sha256":"BC:04:DD:58:6C:8B:E1:F1:B3:D9:54:84:3C:42:53:9A:31:3F:30:57:34:1C:45:C5:75:FC:53:3F:D3:C2:5E:7E"}}},"request":{"raw":"GET /zb_users/theme/hopelee/style/noimg/5.jpg HTTP/1.1\r\nHost: gateio.bccbhxf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gateio.bccbhxf.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 04 Feb 2026 13:45:44 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 11:24:05 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67bef9d5-3987\"\r\nexpires: Fri, 06 Mar 2026 13:45:44 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14727,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 360x270, components 3","md5":"d77bca24a8f8853296d34307c98803c5","sha1":"92c657f7d275b3f48e81cf896de7dd3ce548d81e","sha256":"08616c1cc9c207400c056783f2986d1b49cc3f4a32f0b96b25332e87d270eb89","sha512":"7114b1b390c1f0037bc3e20ae0a7eae2df46d552972836aae3ecd31d38314bf90930c498f20bde345e7ab2ccb8b1224087566743d0f68ba428c8c1c3e7644f77","ssdeep":"384:5mfTwoMKCzHHMkCW46dxNEvA+nGYS8DsbOqANpR4:5SHQHskCW1dsvAzYHDzHo","tlshash":"8062bf5c70f30c17cc2e0b761dca6a03399149879041e29daafe6a74890623fd7895df","first_seen":"2023-07-09T17:22:12Z","last_seen":"2026-05-02T23:58:33.408239Z","times_seen":28,"resource_available":false,"data":null}},"time_used":792,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":792,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"gateio.bccbhxf.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gateio.bccbhxf.com/zb_users/theme/hopelee/style/images/top-fr-bg.png","fqdn":"gateio.bccbhxf.com","domain":"bccbhxf.com","tld":"com"},"ip":{"addr":"8.134.189.195","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gateio.bccbhxf.com/","date":"2026-02-04T13:45:45.669Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gateio.bccbhxf.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 25 Jan 2026 01:58:51 GMT","end":"Sat, 25 Apr 2026 01:58:50 GMT"},"fingerprint":{"sha1":"C8:8E:34:0D:26:04:8F:C8:EF:C5:5E:2D:9A:45:D8:74:57:C9:E4:B2","sha256":"BC:04:DD:58:6C:8B:E1:F1:B3:D9:54:84:3C:42:53:9A:31:3F:30:57:34:1C:45:C5:75:FC:53:3F:D3:C2:5E:7E"}}},"request":{"raw":"GET /zb_users/theme/hopelee/style/images/top-fr-bg.png HTTP/1.1\r\nHost: gateio.bccbhxf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gateio.bccbhxf.com/zb_users/theme/hopelee/style/style.css?v=1.7.9?t=2025-02-07\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 04 Feb 2026 13:45:45 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 26 Feb 2025 11:24:05 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67bef9d5-b133\"\r\nexpires: Fri, 06 Mar 2026 13:45:45 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":45363,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1240 x 45, 8-bit/color RGBA, non-interlaced","md5":"c24b943379400e8c6fe21e99113ae5a2","sha1":"71637cefe4714ef7ebf6ecce6d5abe6b914a7841","sha256":"7d97608be8369bf3213de5265ffeaaf6a92936121552a0d12bc4b7501ca016ae","sha512":"58a83f5425d1f5c4c1c5b710210e8c75f6a7f23fd8f946cff95d2cf35cfdd7f983abe53d33c4f53d295440feeb331512aab9f2f7aec7ba213e6b7560bafb73a5","ssdeep":"768:5etxmFP55lURZJ1gqfhwwE5PKP1piau5DBybpjuxY+5S5aR26OlS07g:exK55erSg933026O44g","tlshash":"0913bf97e9c9f9d9ad96276bcae04906fb2d34c9a38f66206cf508d64503307b48d3cd","first_seen":"2026-01-08T13:47:16.066528Z","last_seen":"2026-02-04T13:46:19.574663Z","times_seen":2,"resource_available":false,"data":null}},"time_used":288,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":288,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"gateio.bccbhxf.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gateio.bccbhxf.com/zb_users/theme/hopelee/script/jquery.min-3.6.1.js?v=173410","fqdn":"gateio.bccbhxf.com","domain":"bccbhxf.com","tld":"com"},"ip":{"addr":"8.134.189.195","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gateio.bccbhxf.com/","date":"2026-02-04T13:45:44.419Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gateio.bccbhxf.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 25 Jan 2026 01:58:51 GMT","end":"Sat, 25 Apr 2026 01:58:50 GMT"},"fingerprint":{"sha1":"C8:8E:34:0D:26:04:8F:C8:EF:C5:5E:2D:9A:45:D8:74:57:C9:E4:B2","sha256":"BC:04:DD:58:6C:8B:E1:F1:B3:D9:54:84:3C:42:53:9A:31:3F:30:57:34:1C:45:C5:75:FC:53:3F:D3:C2:5E:7E"}}},"request":{"raw":"GET /zb_users/theme/hopelee/script/jquery.min-3.6.1.js?v=173410 HTTP/1.1\r\nHost: gateio.bccbhxf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gateio.bccbhxf.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 04 Feb 2026 13:45:44 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 26 Feb 2025 11:24:05 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67bef9d5-15d9c\"\r\nexpires: Thu, 05 Feb 2026 01:45:44 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":89500,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65447)","md5":"7c14a783dfeb3d238ccd3edd840d82ee","sha1":"ad886e472b3557f3dc7dfa2bc43468ab8d1cef5b","sha256":"80f04717f32ea0320c5e8618fbacedd1fee3a8775ad8292140a6113551d4b5b0","sha512":"fa3e021ca60a9adbe570c6565c7370727904c4396c23a4c519daf258d05fae3e17bfb7607a0ab6dfe2b7150a4ec1b6a95e6d49675291be5f6a4e5679ad78d858","ssdeep":"1536:DjExXUqJnxDjoXEZxkMV4QYSt0zvDL6gP3h8cApwEIOzVTB/UjPazMdLiX4mQ1vN:DIh8GgP3hujzwbhd3XvSiDQ47GK/","tlshash":"6f9309ddb2c6702257a720ba007f510bf236199d6c4d8450f169d8eabc78a4e827bf7d","first_seen":"2023-03-07T01:06:20Z","last_seen":"2026-06-08T21:57:43.586528Z","times_seen":19814,"resource_available":true,"data":null}},"time_used":282,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":282,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"gateio.bccbhxf.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gateio.bccbhxf.com/zb_users/theme/hopelee/style/style.css?v=1.7.9?t=2025-02-07","fqdn":"gateio.bccbhxf.com","domain":"bccbhxf.com","tld":"com"},"ip":{"addr":"8.134.189.195","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gateio.bccbhxf.com/","date":"2026-02-04T13:45:44.425Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gateio.bccbhxf.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 25 Jan 2026 01:58:51 GMT","end":"Sat, 25 Apr 2026 01:58:50 GMT"},"fingerprint":{"sha1":"C8:8E:34:0D:26:04:8F:C8:EF:C5:5E:2D:9A:45:D8:74:57:C9:E4:B2","sha256":"BC:04:DD:58:6C:8B:E1:F1:B3:D9:54:84:3C:42:53:9A:31:3F:30:57:34:1C:45:C5:75:FC:53:3F:D3:C2:5E:7E"}}},"request":{"raw":"GET /zb_users/theme/hopelee/style/style.css?v=1.7.9?t=2025-02-07 HTTP/1.1\r\nHost: gateio.bccbhxf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gateio.bccbhxf.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 04 Feb 2026 13:45:44 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 26 Feb 2025 11:24:05 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67bef9d5-2dfad\"\r\nexpires: Thu, 05 Feb 2026 01:45:44 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":188333,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (6765)","md5":"7d4ccab2e973c0e7ef0d8395559f4964","sha1":"781c3ce111fa223d4ac57891172b7494a273dcac","sha256":"1a324beaa5f89d8c5c57c28c60692875618185faea76c00cf4fc7544a2ec2a46","sha512":"a210a4221003491a26fe578d8a0ec49edf7bd4ca068b372bb9378dcca2589fa898b76085cba13cb21ea19af08c5ebfca20318ef4783318b29a06745213854e7d","ssdeep":"1536:98kR6DUvmvr3awfpFrYNLaw5goh2EKhvd0SRuWwkfUF06u54Bdxnc8fDxytwKmDR:98kR6QvCzr1dJtFhZfkRd","tlshash":"6c04b621e650210cf137d762bad1a7dd7634c023e1230efef75a7a69ca8b9e91132749","first_seen":"2026-01-08T13:47:16.071128Z","last_seen":"2026-02-04T13:46:19.575923Z","times_seen":2,"resource_available":false,"data":null}},"time_used":560,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":560,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"gateio.bccbhxf.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gateio.bccbhxf.com/images/okimg/bn/bn.js","fqdn":"gateio.bccbhxf.com","domain":"bccbhxf.com","tld":"com"},"ip":{"addr":"8.134.189.195","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gateio.bccbhxf.com/","date":"2026-02-04T13:45:44.439Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gateio.bccbhxf.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 25 Jan 2026 01:58:51 GMT","end":"Sat, 25 Apr 2026 01:58:50 GMT"},"fingerprint":{"sha1":"C8:8E:34:0D:26:04:8F:C8:EF:C5:5E:2D:9A:45:D8:74:57:C9:E4:B2","sha256":"BC:04:DD:58:6C:8B:E1:F1:B3:D9:54:84:3C:42:53:9A:31:3F:30:57:34:1C:45:C5:75:FC:53:3F:D3:C2:5E:7E"}}},"request":{"raw":"GET /images/okimg/bn/bn.js HTTP/1.1\r\nHost: gateio.bccbhxf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gateio.bccbhxf.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 04 Feb 2026 13:45:44 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 19 Dec 2025 14:32:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"694561e6-592\"\r\nexpires: Thu, 05 Feb 2026 01:45:44 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1426,"size_decoded":0,"mime_type":"application/javascript","magic":"HTML document, Unicode text, UTF-8 text","md5":"9d85b0e64d22a2a905f9abbf53883dbf","sha1":"04c2870ed62447c4e93372ee2f70a83bccb9785a","sha256":"8ea7240ec36b55ce270435e0a2df596b3ef1d786d3ad826b0c51be8835f05c84","sha512":"8ba1b0952ee3a0c73ec438d3133913d1c8ce80a1fe1bd049ec8b992fd957f4bbe27f8011d373006eb4af0d4ec6a0f66ff71ede167e0a7275740ad5b6c76e647a","ssdeep":"","tlshash":"7621c06390e0121727eb61d2f5bb579e6ef1318fd6129980729e01905f81ce8c49f065","first_seen":"2026-01-08T13:47:16.057455Z","last_seen":"2026-02-04T13:46:19.576722Z","times_seen":2,"resource_available":true,"data":null}},"time_used":806,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":806,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"gateio.bccbhxf.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gateio.bccbhxf.com/zb_users/upload/2024/13/7d68a6d16c.jpg","fqdn":"gateio.bccbhxf.com","domain":"bccbhxf.com","tld":"com"},"ip":{"addr":"8.134.189.195","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gateio.bccbhxf.com/","date":"2026-02-04T13:45:44.443Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gateio.bccbhxf.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 25 Jan 2026 01:58:51 GMT","end":"Sat, 25 Apr 2026 01:58:50 GMT"},"fingerprint":{"sha1":"C8:8E:34:0D:26:04:8F:C8:EF:C5:5E:2D:9A:45:D8:74:57:C9:E4:B2","sha256":"BC:04:DD:58:6C:8B:E1:F1:B3:D9:54:84:3C:42:53:9A:31:3F:30:57:34:1C:45:C5:75:FC:53:3F:D3:C2:5E:7E"}}},"request":{"raw":"GET /zb_users/upload/2024/13/7d68a6d16c.jpg HTTP/1.1\r\nHost: gateio.bccbhxf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gateio.bccbhxf.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Wed, 04 Feb 2026 13:45:45 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\netag: W/\"696da8ae-a0bf\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"html2canvas","description":"Screenshots with JavaScript.","website":"https://html2canvas.hertzen.com/","common_platform_enumeration":"","icon":"","categories":["JavaScript libraries"]},{"name":"WOW","description":"Reveal CSS animation as you scroll down a page.","website":"https://www.delac.io/WOW","common_platform_enumeration":"","icon":"","categories":["JavaScript frameworks","Web frameworks","JavaScript graphics"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":41151,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (5774), with CRLF, LF line terminators","md5":"7b427146eb226f37319d206e83d0b762","sha1":"a7d9d9e88bf19122313ed67679c331177a954011","sha256":"6077a58e4f6496b4ce752c584860c3995287882bd48eef6c8c493692a6d6ab78","sha512":"fad1b31de79aefbeb1d41509023234049ae98f527e0570b69a0227fe9f4a74c619a395bec43e9cd2f7a427454f2297df3094cc7987aa08e2e7c31f4c11d5d58a","ssdeep":"768:LeIIpVyTy2AlQhWvc1UIw5RtX7leaMpM8GY/WPMMfZ:aIIpVywyBM5RtXkaM28WD","tlshash":"6f03d52a5a8b1ca7092361d712322b0e7086d52feb53cdc3b3fd44546f8ae96c50e56f","first_seen":"2026-02-04T13:46:19.54969Z","last_seen":"2026-02-04T13:46:19.54969Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1613,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1613,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"gateio.bccbhxf.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gateio.bccbhxf.com/zb_users/upload/2024/13/c0102c581b.jpg","fqdn":"gateio.bccbhxf.com","domain":"bccbhxf.com","tld":"com"},"ip":{"addr":"8.134.189.195","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gateio.bccbhxf.com/","date":"2026-02-04T13:45:44.444Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gateio.bccbhxf.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 25 Jan 2026 01:58:51 GMT","end":"Sat, 25 Apr 2026 01:58:50 GMT"},"fingerprint":{"sha1":"C8:8E:34:0D:26:04:8F:C8:EF:C5:5E:2D:9A:45:D8:74:57:C9:E4:B2","sha256":"BC:04:DD:58:6C:8B:E1:F1:B3:D9:54:84:3C:42:53:9A:31:3F:30:57:34:1C:45:C5:75:FC:53:3F:D3:C2:5E:7E"}}},"request":{"raw":"GET /zb_users/upload/2024/13/c0102c581b.jpg HTTP/1.1\r\nHost: gateio.bccbhxf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gateio.bccbhxf.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Wed, 04 Feb 2026 13:45:45 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\netag: W/\"696da8ae-a0bf\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"html2canvas","description":"Screenshots with JavaScript.","website":"https://html2canvas.hertzen.com/","common_platform_enumeration":"","icon":"","categories":["JavaScript libraries"]},{"name":"WOW","description":"Reveal CSS animation as you scroll down a page.","website":"https://www.delac.io/WOW","common_platform_enumeration":"","icon":"","categories":["JavaScript frameworks","Web frameworks","JavaScript graphics"]}],"data":{"size":41151,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (5774), with CRLF, LF line terminators","md5":"7b427146eb226f37319d206e83d0b762","sha1":"a7d9d9e88bf19122313ed67679c331177a954011","sha256":"6077a58e4f6496b4ce752c584860c3995287882bd48eef6c8c493692a6d6ab78","sha512":"fad1b31de79aefbeb1d41509023234049ae98f527e0570b69a0227fe9f4a74c619a395bec43e9cd2f7a427454f2297df3094cc7987aa08e2e7c31f4c11d5d58a","ssdeep":"768:LeIIpVyTy2AlQhWvc1UIw5RtX7leaMpM8GY/WPMMfZ:aIIpVywyBM5RtXkaM28WD","tlshash":"6f03d52a5a8b1ca7092361d712322b0e7086d52feb53cdc3b3fd44546f8ae96c50e56f","first_seen":"2026-02-04T13:46:19.54969Z","last_seen":"2026-02-04T13:46:19.54969Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1492,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1492,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"gateio.bccbhxf.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gateio.bccbhxf.com/","fqdn":"gateio.bccbhxf.com","domain":"bccbhxf.com","tld":"com"},"ip":{"addr":"8.134.189.195","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-04T13:45:42.042Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gateio.bccbhxf.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 25 Jan 2026 01:58:51 GMT","end":"Sat, 25 Apr 2026 01:58:50 GMT"},"fingerprint":{"sha1":"C8:8E:34:0D:26:04:8F:C8:EF:C5:5E:2D:9A:45:D8:74:57:C9:E4:B2","sha256":"BC:04:DD:58:6C:8B:E1:F1:B3:D9:54:84:3C:42:53:9A:31:3F:30:57:34:1C:45:C5:75:FC:53:3F:D3:C2:5E:7E"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: gateio.bccbhxf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 04 Feb 2026 13:45:43 GMT\r\ncontent-type: text/html; charset=utf-8\r\nvary: Accept-Encoding\r\nproduct: Z-BlogPHP 1.7.4\r\nx-xss-protection: 1; mode=block\r\nupgrade-insecure-requests: 1\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"WOW","description":"Reveal CSS animation as you scroll down a page.","website":"https://www.delac.io/WOW","common_platform_enumeration":"","icon":"","categories":["JavaScript frameworks","Web frameworks","JavaScript graphics"]}],"data":{"size":42491,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (2908), with CRLF, LF line terminators","md5":"f1b9410467da46960db5ed1ca4220d8f","sha1":"0ef6c7a1c6e93205d5e99884760224eda72d8b81","sha256":"082b04c586edb2e874928d4a0b33f98a3a11da09ea8041199747646f3e8cfd96","sha512":"f7abd1966eb0d9a17c6302406925f5921b34eafc4e25111841372c4d06642dde46afa0ba875cabc5cd13e20d72e8289c319b334d22b3082a40293213008ffe3f","ssdeep":"768:6AIIXBIkKO/qcbjlGXKuKp1y8+xI1FNzjeSC2NuPMMfc:ZIIXBIkK6zvg1K7eQFtRFNum","tlshash":"bd1371365ac92c770a3352c70375270d7493e97bdb6349c3b3fa06841b8bea6d91641b","first_seen":"2026-02-04T13:46:19.577599Z","last_seen":"2026-02-04T13:46:19.577599Z","times_seen":1,"resource_available":false,"data":null}},"time_used":3764,"timings":{"blocked":1602,"dns":272,"connect":279,"send":0,"wait":558,"receive":0,"ssl":1049},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"gateio.bccbhxf.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gateio.bccbhxf.com/zb_users/plugin/UEditor/third-party/prism/prism.css","fqdn":"gateio.bccbhxf.com","domain":"bccbhxf.com","tld":"com"},"ip":{"addr":"8.134.189.195","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gateio.bccbhxf.com/","date":"2026-02-04T13:45:45.278Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gateio.bccbhxf.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 25 Jan 2026 01:58:51 GMT","end":"Sat, 25 Apr 2026 01:58:50 GMT"},"fingerprint":{"sha1":"C8:8E:34:0D:26:04:8F:C8:EF:C5:5E:2D:9A:45:D8:74:57:C9:E4:B2","sha256":"BC:04:DD:58:6C:8B:E1:F1:B3:D9:54:84:3C:42:53:9A:31:3F:30:57:34:1C:45:C5:75:FC:53:3F:D3:C2:5E:7E"}}},"request":{"raw":"GET /zb_users/plugin/UEditor/third-party/prism/prism.css HTTP/1.1\r\nHost: gateio.bccbhxf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gateio.bccbhxf.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 04 Feb 2026 13:45:45 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 11 Jul 2023 23:18:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"64ade32a-1039\"\r\nexpires: Thu, 05 Feb 2026 01:45:45 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4153,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (446), with CRLF line terminators","md5":"b723c2f958f530879d534e05628b401a","sha1":"2a7ba0076d94322373e6033e8e7d414c77b11592","sha256":"e82e0b58f5c11f55f08603ea35e2aa7612d4e5986e5cb6bc2d4c53e3c1c9c149","sha512":"f5537e2e51c8e8c210a639646fad3230e2180e5c5ad2597115b24d1253e73981469a2d3155e28b8ba38e77776fc6933a2ba45d0e9f00fd5876d7264f7d6e46fb","ssdeep":"96:FJpT8IVUVLK5oSXX1V1VIHvtVtVQnVAf5rVKHVlVaBkBABvBUBQBBOB9BlBWBnBb:B8dLK5oSXXzzIHvLLQVy5xK1DiQcpgQ5","tlshash":"958110219d7b159d30076a67e8f1b0243816aa19c993267cbf30d2909f43fdeebb3519","first_seen":"2023-04-08T15:33:58Z","last_seen":"2026-06-08T21:29:54.597121Z","times_seen":1686,"resource_available":false,"data":null}},"time_used":286,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":286,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"gateio.bccbhxf.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gateio.bccbhxf.com/zb_users/upload/2024/13/d2a3dddfe4.jpg","fqdn":"gateio.bccbhxf.com","domain":"bccbhxf.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gateio.bccbhxf.com/","date":"2026-02-04T13:45:46.033Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gateio.bccbhxf.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 25 Jan 2026 01:58:51 GMT","end":"Sat, 25 Apr 2026 01:58:50 GMT"},"fingerprint":{"sha1":"C8:8E:34:0D:26:04:8F:C8:EF:C5:5E:2D:9A:45:D8:74:57:C9:E4:B2","sha256":"BC:04:DD:58:6C:8B:E1:F1:B3:D9:54:84:3C:42:53:9A:31:3F:30:57:34:1C:45:C5:75:FC:53:3F:D3:C2:5E:7E"}}},"request":{"raw":"GET /zb_users/upload/2024/13/d2a3dddfe4.jpg HTTP/1.1\r\nHost: gateio.bccbhxf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gateio.bccbhxf.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T22:17:26.933573Z","times_seen":16251514,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"gateio.bccbhxf.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.sywrxfs.com/zb_users/plugin/ly_autoimage/img/1be34c48d9.jpg","fqdn":"www.sywrxfs.com","domain":"sywrxfs.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gateio.bccbhxf.com/","date":"2026-02-04T13:45:46.089Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /zb_users/plugin/ly_autoimage/img/1be34c48d9.jpg HTTP/1.1\r\nHost: www.sywrxfs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T22:17:26.933573Z","times_seen":16251514,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gateio.bccbhxf.com/zb_users/upload/7zb3h2f8/okx/b6022cbc11.jpg","fqdn":"gateio.bccbhxf.com","domain":"bccbhxf.com","tld":"com"},"ip":{"addr":"8.134.189.195","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gateio.bccbhxf.com/","date":"2026-02-04T13:45:44.449Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gateio.bccbhxf.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 25 Jan 2026 01:58:51 GMT","end":"Sat, 25 Apr 2026 01:58:50 GMT"},"fingerprint":{"sha1":"C8:8E:34:0D:26:04:8F:C8:EF:C5:5E:2D:9A:45:D8:74:57:C9:E4:B2","sha256":"BC:04:DD:58:6C:8B:E1:F1:B3:D9:54:84:3C:42:53:9A:31:3F:30:57:34:1C:45:C5:75:FC:53:3F:D3:C2:5E:7E"}}},"request":{"raw":"GET /zb_users/upload/7zb3h2f8/okx/b6022cbc11.jpg HTTP/1.1\r\nHost: gateio.bccbhxf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gateio.bccbhxf.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Wed, 04 Feb 2026 13:45:45 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\netag: W/\"696da8ae-a0bf\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"html2canvas","description":"Screenshots with JavaScript.","website":"https://html2canvas.hertzen.com/","common_platform_enumeration":"","icon":"","categories":["JavaScript libraries"]},{"name":"WOW","description":"Reveal CSS animation as you scroll down a page.","website":"https://www.delac.io/WOW","common_platform_enumeration":"","icon":"","categories":["JavaScript frameworks","Web frameworks","JavaScript graphics"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":41151,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (5774), with CRLF, LF line terminators","md5":"7b427146eb226f37319d206e83d0b762","sha1":"a7d9d9e88bf19122313ed67679c331177a954011","sha256":"6077a58e4f6496b4ce752c584860c3995287882bd48eef6c8c493692a6d6ab78","sha512":"fad1b31de79aefbeb1d41509023234049ae98f527e0570b69a0227fe9f4a74c619a395bec43e9cd2f7a427454f2297df3094cc7987aa08e2e7c31f4c11d5d58a","ssdeep":"768:LeIIpVyTy2AlQhWvc1UIw5RtX7leaMpM8GY/WPMMfZ:aIIpVywyBM5RtXkaM28WD","tlshash":"6f03d52a5a8b1ca7092361d712322b0e7086d52feb53cdc3b3fd44546f8ae96c50e56f","first_seen":"2026-02-04T13:46:19.54969Z","last_seen":"2026-02-04T13:46:19.54969Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1488,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1488,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"gateio.bccbhxf.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bestwheel.com.cn/skin/static/images/okex.png","fqdn":"bestwheel.com.cn","domain":"bestwheel.com.cn","tld":"com.cn"},"ip":{"addr":"116.255.233.104","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gateio.bccbhxf.com/","date":"2026-02-04T13:45:45.714Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.bestwheel.com.cn","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 26 Nov 2025 02:13:36 GMT","end":"Tue, 24 Feb 2026 02:13:35 GMT"},"fingerprint":{"sha1":"93:B6:E0:87:FE:F0:B3:86:E0:3A:A8:A6:8E:72:D1:F8:85:C4:77:CC","sha256":"62:45:1B:8C:1F:5C:CE:E9:68:67:E3:9F:CE:C4:3A:2D:CC:87:0F:E1:FB:35:A9:C9:61:3E:AC:A0:74:07:1A:9F"}}},"request":{"raw":"GET /skin/static/images/okex.png HTTP/1.1\r\nHost: bestwheel.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gateio.bccbhxf.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 Moved Permanently\r\nserver: nginx\r\ndate: Wed, 04 Feb 2026 13:45:46 GMT\r\ncontent-type: text/html\r\ncontent-length: 162\r\nlocation: https://www.bestwheel.com.cn/skin/static/images/okex.png\r\nstrict-transport-security: max-age=31536000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4235,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T22:17:26.933573Z","times_seen":16251514,"resource_available":true,"data":null}},"time_used":2354,"timings":{"blocked":1057,"dns":568,"connect":238,"send":0,"wait":240,"receive":0,"ssl":249},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gateio.bccbhxf.com/zb_users/upload/7zb3h2f8/okx/b6022cbc11.jpg","fqdn":"gateio.bccbhxf.com","domain":"bccbhxf.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gateio.bccbhxf.com/","date":"2026-02-04T13:45:46.036Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gateio.bccbhxf.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 25 Jan 2026 01:58:51 GMT","end":"Sat, 25 Apr 2026 01:58:50 GMT"},"fingerprint":{"sha1":"C8:8E:34:0D:26:04:8F:C8:EF:C5:5E:2D:9A:45:D8:74:57:C9:E4:B2","sha256":"BC:04:DD:58:6C:8B:E1:F1:B3:D9:54:84:3C:42:53:9A:31:3F:30:57:34:1C:45:C5:75:FC:53:3F:D3:C2:5E:7E"}}},"request":{"raw":"GET /zb_users/upload/7zb3h2f8/okx/b6022cbc11.jpg HTTP/1.1\r\nHost: gateio.bccbhxf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gateio.bccbhxf.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T22:17:26.933573Z","times_seen":16251514,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"gateio.bccbhxf.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gateio.bccbhxf.com/zb_users/upload/2025/02/202502281740741173519080.png","fqdn":"gateio.bccbhxf.com","domain":"bccbhxf.com","tld":"com"},"ip":{"addr":"8.134.189.195","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gateio.bccbhxf.com/","date":"2026-02-04T13:45:47.526Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gateio.bccbhxf.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 25 Jan 2026 01:58:51 GMT","end":"Sat, 25 Apr 2026 01:58:50 GMT"},"fingerprint":{"sha1":"C8:8E:34:0D:26:04:8F:C8:EF:C5:5E:2D:9A:45:D8:74:57:C9:E4:B2","sha256":"BC:04:DD:58:6C:8B:E1:F1:B3:D9:54:84:3C:42:53:9A:31:3F:30:57:34:1C:45:C5:75:FC:53:3F:D3:C2:5E:7E"}}},"request":{"raw":"GET /zb_users/upload/2025/02/202502281740741173519080.png HTTP/1.1\r\nHost: gateio.bccbhxf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gateio.bccbhxf.com/\r\nCookie: timezone=0\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 04 Feb 2026 13:45:47 GMT\r\ncontent-type: image/png\r\nlast-modified: Fri, 28 Feb 2025 11:12:52 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67c19a34-4fa\"\r\nexpires: Fri, 06 Mar 2026 13:45:47 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1274,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced","md5":"be3acc4bbff770ce3544e6e8e6c138a3","sha1":"a91160b74c74e8b22361ac80f67e9927b6afcece","sha256":"9e08a796bf2e049b11f271279587cf7ca567eb1fda264052cba91ecaa2d63549","sha512":"d6e501e987fb59915a525335829e5b14ad8f97a0d92a6c5ae811a8b1c80a74383685833f79ab6d169982492b78041ae47014e686a65a144726b0fd8248b64a45","ssdeep":"","tlshash":"1321c82e52971843ad4da2b8327726e9ac296b05f6a3659c5b958113113243dcd801cc","first_seen":"2026-01-08T13:47:16.027132Z","last_seen":"2026-02-04T13:46:19.578955Z","times_seen":2,"resource_available":false,"data":null}},"time_used":286,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":286,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"gateio.bccbhxf.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gateio.bccbhxf.com/zb_users/theme/hopelee/script/zh-tw.js","fqdn":"gateio.bccbhxf.com","domain":"bccbhxf.com","tld":"com"},"ip":{"addr":"8.134.189.195","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gateio.bccbhxf.com/","date":"2026-02-04T13:45:44.456Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gateio.bccbhxf.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 25 Jan 2026 01:58:51 GMT","end":"Sat, 25 Apr 2026 01:58:50 GMT"},"fingerprint":{"sha1":"C8:8E:34:0D:26:04:8F:C8:EF:C5:5E:2D:9A:45:D8:74:57:C9:E4:B2","sha256":"BC:04:DD:58:6C:8B:E1:F1:B3:D9:54:84:3C:42:53:9A:31:3F:30:57:34:1C:45:C5:75:FC:53:3F:D3:C2:5E:7E"}}},"request":{"raw":"GET /zb_users/theme/hopelee/script/zh-tw.js HTTP/1.1\r\nHost: gateio.bccbhxf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gateio.bccbhxf.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 04 Feb 2026 13:45:44 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 26 Feb 2025 11:24:05 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67bef9d5-5c7f\"\r\nexpires: Thu, 05 Feb 2026 01:45:44 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":23679,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (4429), with CRLF line terminators","md5":"c207d6a0dbd295b8230928cb546e007c","sha1":"311fcd6988af9b5c9e9060f616c9c27dab4d3ee3","sha256":"1ffce78c180034e2ea8a1020cc82eef6bcb2da410bfc60f53a6a90e203388d33","sha512":"bc707c25b7936b366e51e084887ed4ebf1541d2267af651bfb1f3213b84ce31d1d3f76398fa6f2fd145453b957a351bf8adcd06ca89fa8b141c6fc5c09e89fef","ssdeep":"384:kWwGFJQddNLH/GxKP/iGNxq/wH5vZrQBfGZICZjAGHXJYjwRoaqhd:kWtavN7FXHNxqOvZrWfCj1AGH+jcod","tlshash":"2fb26dc7b61655766343322a0a37c68f1c3cdb20141eb0d5f0b628d64d98a3792f6fa9","first_seen":"2025-10-19T01:25:28.546314Z","last_seen":"2026-06-07T15:26:21.460771Z","times_seen":8,"resource_available":true,"data":null}},"time_used":790,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":790,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"gateio.bccbhxf.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gateio.bccbhxf.com/zb_users/theme/hopelee/style/libs/animate.css","fqdn":"gateio.bccbhxf.com","domain":"bccbhxf.com","tld":"com"},"ip":{"addr":"8.134.189.195","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gateio.bccbhxf.com/","date":"2026-02-04T13:45:44.423Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gateio.bccbhxf.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 25 Jan 2026 01:58:51 GMT","end":"Sat, 25 Apr 2026 01:58:50 GMT"},"fingerprint":{"sha1":"C8:8E:34:0D:26:04:8F:C8:EF:C5:5E:2D:9A:45:D8:74:57:C9:E4:B2","sha256":"BC:04:DD:58:6C:8B:E1:F1:B3:D9:54:84:3C:42:53:9A:31:3F:30:57:34:1C:45:C5:75:FC:53:3F:D3:C2:5E:7E"}}},"request":{"raw":"GET /zb_users/theme/hopelee/style/libs/animate.css HTTP/1.1\r\nHost: gateio.bccbhxf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gateio.bccbhxf.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 04 Feb 2026 13:45:44 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 26 Feb 2025 11:24:05 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67bef9d5-b8a1\"\r\nexpires: Thu, 05 Feb 2026 01:45:44 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":47265,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1239)","md5":"6131a1bbbf35083c8384aed1f17db995","sha1":"a15e2da3ed78cf53298b4111dcfeb5e17ae0e0b3","sha256":"c98120121b8495a9b4799b08d8d6a35dc3dc905e2528df8625da66f7e41caa54","sha512":"6f5aca080ffe6c74a311f90d1c22264d79fc51f2b63bfcc756f62d1944827fb683fc56c89e7d02db027b5b0f1caf3bfc08f5e803756bca84f578ee6ed2b4eef4","ssdeep":"768:fWjc9IKQD9TwH1KAvk1D63yyH5wrUeK0IT2:fWHwH1KAvk1D63yyH5wrUeK0IT2","tlshash":"1b23b89a48e1234494220e15cbdc9ba85b3cc76368b14cef33867c4b8b46bed63dd617","first_seen":"2023-05-09T22:09:52Z","last_seen":"2026-06-08T10:30:09.97473Z","times_seen":217,"resource_available":false,"data":null}},"time_used":561,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":561,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"gateio.bccbhxf.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gateio.bccbhxf.com/zb_users/theme/hopelee/style/libs/iconfont.woff2?t=1658815149796","fqdn":"gateio.bccbhxf.com","domain":"bccbhxf.com","tld":"com"},"ip":{"addr":"8.134.189.195","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://gateio.bccbhxf.com/","date":"2026-02-04T13:45:46.056Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gateio.bccbhxf.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 25 Jan 2026 01:58:51 GMT","end":"Sat, 25 Apr 2026 01:58:50 GMT"},"fingerprint":{"sha1":"C8:8E:34:0D:26:04:8F:C8:EF:C5:5E:2D:9A:45:D8:74:57:C9:E4:B2","sha256":"BC:04:DD:58:6C:8B:E1:F1:B3:D9:54:84:3C:42:53:9A:31:3F:30:57:34:1C:45:C5:75:FC:53:3F:D3:C2:5E:7E"}}},"request":{"raw":"GET /zb_users/theme/hopelee/style/libs/iconfont.woff2?t=1658815149796 HTTP/1.1\r\nHost: gateio.bccbhxf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gateio.bccbhxf.com/zb_users/theme/hopelee/style/style.css?v=1.7.9?t=2025-02-07\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 04 Feb 2026 13:45:46 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 25980\r\nlast-modified: Wed, 26 Feb 2025 11:24:05 GMT\r\netag: \"67bef9d5-657c\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":25980,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 25980, version 1.0","md5":"57641f9c2d0ac50a10562b1dec8cdc9a","sha1":"03931fccd4ff3b824872b196d13978cd13a9dd87","sha256":"3670e9925186dafa054c4851ad43ecf26d73e440dbe40be9afc24361853dfef1","sha512":"acfff2ea2ecfaa1d9d08d54d4dea6842caac3bcdeb0a979b7486c8caaee8380b75aee4088c57c9aedfe27cafdd1aad381eac1f018fa31203062c0713fb0f9de0","ssdeep":"768:S8EDX+wY3Az2vUEN7A3C55r3VkBPO2FDkFtyhNUrfdXf:S8EDX+lo20C5jVkBPJFD305f","tlshash":"cac2e107c3a1fe10bc6d4c7444b5a55ec2e28a369768e109ce6efb8e0db3d93de26405","first_seen":"2025-10-13T04:05:07.20909Z","last_seen":"2026-06-05T10:20:35.515387Z","times_seen":24,"resource_available":false,"data":null}},"time_used":531,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":530,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"gateio.bccbhxf.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}