{"report_id":"bbbcbff6-2911-4e75-9f19-53af89f16f47","version":6,"status":"done","tags":[],"date":"2026-01-05T09:04:29Z","url":{"schema":"https","addr":"www.hitbtc-login.com/","fqdn":"www.hitbtc-login.com","domain":"hitbtc-login.com","tld":"com"},"ip":{"addr":"45.10.243.7","port":0,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"final":{"url":{"schema":"https","addr":"www.hitbtc-login.com/","fqdn":"www.hitbtc-login.com","domain":"hitbtc-login.com","tld":"com"},"title":"Sign in / HitBTC","dom":{"size":294201,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (3463)","md5":"6a2638a9e234150eac500775de3147b9","sha1":"f495333899496b17d44bb7b8ae985441faf0e2b8","sha256":"20af13081525f6d23e1b52be5da56625e67c72a7014f37935b7ca43bfa910c45","sha512":"154838d3c78c90f670e0f69e85710b73354df8b421923d7601daddde9ed796896d797a42cf5ab709f44ed8a6f4d704202a71133950166a7a1f7104c73477311f","ssdeep":"1536:g75bPNOXLUy1LSJ/qsicjv7RV08VkQMV1Ef8kpJL7uTOcTTIZVouu4wrbSOcXTg6:jWJN/mVCqp3igVW","tlshash":"a454c8f661e4a2d0d40bcbb4e8314566aaaf3cfa7fc543c8729c8ed49b910e9c949c50","dom_hash":"domhashfb9fec8accca4ba1c2e963ee580145c9","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"www.hitbtc-login.com/","fqdn":"www.hitbtc-login.com","domain":"hitbtc-login.com","tld":"com"},"ip":{"addr":"45.10.243.7","port":0,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-09T09:04:29Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"www.hitbtc-login.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"www.hitbtc-login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"www.hitbtc-login.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"www.hitbtc-login.com","ip":{"addr":"45.10.243.7","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"domain_registered":"2024-07-17","domain_rank":0,"first_seen":"2026-01-05T09:04:30.236022Z","last_seen":"2026-01-05T09:04:30.236022Z","alert_count":30,"request_count":10,"received_data":1446939,"sent_data":6095,"comment":"","tags":null,"fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]},{"name":"Hammer.js","description":"","website":"https://hammerjs.github.io","common_platform_enumeration":"","icon":"Hammer.js.png","categories":["JavaScript libraries"]},{"name":"React","description":"React is an open-source JavaScript library for building user interfaces or UI components.","website":"https://reactjs.org","common_platform_enumeration":"cpe:2.3:a:facebook:react:*:*:*:*:*:*:*:*","icon":"React.svg","categories":["JavaScript frameworks"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-01-04T22:14:09.841371Z","alert_count":0,"request_count":2,"received_data":98310,"sent_data":1122,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-01-04T22:17:15.216142Z","alert_count":0,"request_count":1,"received_data":14465,"sent_data":468,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"www.hitbtc-login.com/","fqdn":"www.hitbtc-login.com","domain":"hitbtc-login.com","tld":"com"},"ip":{"addr":"45.10.243.7","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":true,"md5":"07f9a00b68c0963755ef7a6fd976875c","sha1":"eae034ebf2a491ade70d5780c6ed2c24d7ad0194","sha256":"80909f3dd5f6210fd3893d3a7b6e07072e16dae117d9df3c7d34989ac0a37412","sha512":"ca50cab5c2d0e5252d1bdf67af7e461f6d0817cbfc83b3e603b7c9e0ef914739d4eeea0140b0ac1a11ae2f0b2193d49088d24600827d67f4faa98a9811153219","ssdeep":"","tlshash":"5011660e78f55012a23370f1682f4819743669432a18df143fcd9e90df1da3ca5ab7e8","size":1043,"data":"","first_seen":"2026-01-05T09:04:32.926648Z","last_seen":"2026-01-05T09:04:32.926648Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.hitbtc-login.com/","fqdn":"www.hitbtc-login.com","domain":"hitbtc-login.com","tld":"com"},"ip":{"addr":"45.10.243.7","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":true,"md5":"08768bc4c5d22e4680c61bf3a1352b39","sha1":"9aedc8297906622d3fcb7e9df1ac6bd837736222","sha256":"bfd35f4cf1fc181230d8f97df526c3a59b25ba65787cbc7f047d590cd770c7b0","sha512":"f8679ebec1ea7f33448de952a1bf4db18b1dbbe426f106f73f1009acdd9c85f689b19b8fd44f79024650ea1b1bc13d001e8ef6f8dea067585b706208e409cb45","ssdeep":"","tlshash":"1311af04b1e3469d6437627526f3a7065f754c1b4694cd00b72c28e2af297f8b453787","size":1031,"data":"","first_seen":"2026-01-05T09:04:32.928101Z","last_seen":"2026-01-05T09:04:32.928101Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.hitbtc-login.com/","fqdn":"www.hitbtc-login.com","domain":"hitbtc-login.com","tld":"com"},"ip":{"addr":"45.10.243.7","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":true,"md5":"e06ba128ec929d1171a12d5d8a0530dd","sha1":"fd357e62eb86d4e1fb9e604d01a64cd801ec855b","sha256":"243ee76926b682e38d187eb67920bacdb8b248c4465de3816599a186ba4b9e81","sha512":"ab134612d69c0b69272ebd4e59201787dc3ad56a9ec1239d65bad769b45322dfbc2a8927a03c0b8959a58780292515ea3601af6a51e5f8d0537b798294d57f1b","ssdeep":"","tlshash":"2141c04425f704165123d01d5be74ac6e6b5e14b740dca8f366d72c71fc3424a2ebbea","size":2398,"data":"","first_seen":"2024-12-20T20:26:25.457342Z","last_seen":"2026-01-05T09:04:32.929854Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.hitbtc-login.com/","fqdn":"www.hitbtc-login.com","domain":"hitbtc-login.com","tld":"com"},"ip":{"addr":"45.10.243.7","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":true,"md5":"36126619aeb89ab1701fbbaa40847ce6","sha1":"890f87ae8d8744c76c03dade48fde6e4c3c8a759","sha256":"79fc792c2a70a0e7d9132d6b981b6947129ee6a40dfd1cda3d6d7884f54901f7","sha512":"504935e0458ea66f55ef5a68c03a7dd49e8f6687523ea66e2769aadeb9f09c95bf8530a36c972baccde29e931fb0bd57e9142efc6c3fd55ccb7660e67f46a994","ssdeep":"","tlshash":"e011b907f26928177045e7e09bd20b587485f086de280768717c9fb1db90675b4276bc","size":954,"data":"","first_seen":"2025-08-19T02:28:04.708974Z","last_seen":"2026-01-05T16:18:43.493329Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.hitbtc-login.com/assets/hammer.min.js","fqdn":"www.hitbtc-login.com","domain":"hitbtc-login.com","tld":"com"},"ip":{"addr":"45.10.243.7","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"084aa824c6e6f64cf28551d070abe00c","sha1":"dabfade6656a1018d065b5f3673f4154aaf7a8ba","sha256":"7953631f0e54794d2352a3cfa591c0914d73e14f90141058e3cf16bee7939bcf","sha512":"517ba666b64d88ec274dc6521cb39f713b346a8b363330561d73873ae07427f478e100747706392607dbbe58d77249557fae46738125e918d9fa59f07766b3da","ssdeep":"384:2b5vj+l3jfaksTAAvNWUwLATFqNCns+CSHDJDLrx:y5vj+5jfSTtrTFqNCs+CSHtD5","tlshash":"8b92c68633c7728192a720b5a0af020b6137988694cd596cb4bcdad57eb553c927bf3c","size":20765,"data":"","first_seen":"2023-03-07T12:26:23Z","last_seen":"2026-06-07T09:51:15.582762Z","times_seen":1225,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.hitbtc-login.com/assets/jquery.min.js","fqdn":"www.hitbtc-login.com","domain":"hitbtc-login.com","tld":"com"},"ip":{"addr":"45.10.243.7","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"2c872dbe60f4ba70fb85356113d8b35e","sha1":"ee48592d1fff952fcf06ce0b666ed4785493afdc","sha256":"fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a","sha512":"bf6089ed4698cb8270a8b0c8ad9508ff886a7a842278e98064d5c1790ca3a36d5d69d9f047ef196882554fc104da2c88eb5395f1ee8cf0f3f6ff8869408350fe","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKr:sHNwcv9VBQpLl88SMBQ47GKr","tlshash":"3983f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","size":87533,"data":"","first_seen":"2023-08-31T16:03:19Z","last_seen":"2026-06-08T13:41:26.899264Z","times_seen":166494,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"www.hitbtc-login.com/assets/logo-big.svg","fqdn":"www.hitbtc-login.com","domain":"hitbtc-login.com","tld":"com"},"ip":{"addr":"45.10.243.7","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.hitbtc-login.com/","date":"2026-01-05T09:04:06.751Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.hitbtc-login.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 06 Dec 2025 18:00:11 GMT","end":"Fri, 06 Mar 2026 18:00:10 GMT"},"fingerprint":{"sha1":"CA:52:57:4B:E4:39:D1:A2:AE:FE:FB:2D:05:B1:E3:EF:2B:41:3B:F4","sha256":"B1:81:4D:9D:C2:62:30:27:43:59:13:E2:15:2F:EB:E2:C4:B0:B9:5B:B9:6F:59:3A:F0:73:42:95:EA:88:1D:E2"}}},"request":{"raw":"GET /assets/logo-big.svg HTTP/1.1\r\nHost: www.hitbtc-login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.hitbtc-login.com/assets/master.5c8ee6fe.css?v=qweqwe\r\nCookie: __ddg8_=UK2p5afQRSXNPqlA; __ddg10_=1767603846; __ddg9_=91.90.42.154; __ddg1_=42hcGFlAeUDUn81zfgh5; PHPSESSID=e01c22bb1e354cb3da62e4edd62735b7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=qx3CXWtV2hfSyBte; Domain=.hitbtc-login.com; Path=/; Expires=Mon, 05-Jan-2026 09:24:06 GMT\n__ddg10_=1767603846; Domain=.hitbtc-login.com; Path=/; Expires=Mon, 05-Jan-2026 09:24:06 GMT\n__ddg9_=91.90.42.154; Domain=.hitbtc-login.com; Path=/; Expires=Mon, 05-Jan-2026 09:24:06 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Mon, 05 Jan 2026 08:49:43 GMT\r\nlast-modified: Sat, 23 Mar 2024 06:42:14 GMT\r\naccept-ranges: bytes\r\ncontent-type: image/svg+xml\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nage: 863\r\ncontent-length: 4642\r\nddg-cache-status: MISS,HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":16955,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"64a7aca3fa50120809a2a17b8a375e4f","sha1":"d047e551f1289469bbafca52cda5d3ab71f0da19","sha256":"2a20eb7843672439f674b3842660d2737c9681ef7b32f5e1496729a91d38116c","sha512":"e6a260ec1c2ae8c9f59f64e7a42cc04fc4287ed2ef24f49da146d39de72c310e8d5483b3918e0c69253c3f38ba1e12f16b1ff48a032f3e55f20a8ea8649ad5d5","ssdeep":"384:5/P/6uyqx8vNlBZDRFDvlRWZ0MuWRNHTIb:5X/6ulevrRxw0VWg","tlshash":"6b72eb7b130c87fb9182a7842fad665d33a0c9e2b2f5a0cccf93a8568c165b74573d61","first_seen":"2026-01-05T09:04:32.912365Z","last_seen":"2026-01-05T09:04:32.912365Z","times_seen":1,"resource_available":false,"data":null}},"time_used":35,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":35,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"www.hitbtc-login.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"www.hitbtc-login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"www.hitbtc-login.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/opensans/v44/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.hitbtc-login.com/","date":"2026-01-05T09:04:06.762Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"5A:E3:E3:B6:18:F9:10:0B:5B:11:FA:CB:BF:0C:9B:5C:0E:34:70:78","sha256":"FC:46:B0:C1:1E:B2:21:60:D9:7E:6A:ED:42:56:B2:CF:2A:E4:D2:F1:1C:63:63:98:2B:A3:0F:6C:4A:98:74:D6"}}},"request":{"raw":"GET /s/opensans/v44/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.hitbtc-login.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48320\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 01 Jan 2026 09:55:49 GMT\r\nexpires: Fri, 01 Jan 2027 09:55:49 GMT\r\ncache-control: public, max-age=31536000\r\nage: 342497\r\nlast-modified: Mon, 15 Sep 2025 16:30:41 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48320,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48320, version 1.0","md5":"dcf31ebe107435bd68e0164d59e19b87","sha1":"b68160c9333af833fe483928b3ef7128c07a56a0","sha256":"d8e4fe0452aa2076429a9bb5d8757d00a994dd95986cf950e9a1a371b9a072a0","sha512":"130cd52c3cccc36a7029bf92b2ddb363b8b36d206454aacc246739919552fccec5cacbad615ba4ac3817da3e83239371fe51324bdadd08357e3495087f62cb08","ssdeep":"768:Jzqdwl5YV7FVmpudK5a8dF8D8Z7J78VGnNFZEKh02dmSTPe9UiallHcOEi2c0NC1:9q+SYuMaVwZ7oGRNh02dd6UialBcOEpE","tlshash":"1623f218f29471f7edecd4d500a18c72baa528d442f116ed07b8d53ca36ca817a729fb","first_seen":"2025-09-17T00:07:53.723302Z","last_seen":"2026-06-08T13:35:49.48354Z","times_seen":281209,"resource_available":false,"data":null}},"time_used":226,"timings":{"blocked":106,"dns":1,"connect":20,"send":0,"wait":8,"receive":4,"ssl":83},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/opensans/v44/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.hitbtc-login.com/","date":"2026-01-05T09:04:06.765Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"5A:E3:E3:B6:18:F9:10:0B:5B:11:FA:CB:BF:0C:9B:5C:0E:34:70:78","sha256":"FC:46:B0:C1:1E:B2:21:60:D9:7E:6A:ED:42:56:B2:CF:2A:E4:D2:F1:1C:63:63:98:2B:A3:0F:6C:4A:98:74:D6"}}},"request":{"raw":"GET /s/opensans/v44/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.hitbtc-login.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48320\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 01 Jan 2026 09:55:49 GMT\r\nexpires: Fri, 01 Jan 2027 09:55:49 GMT\r\ncache-control: public, max-age=31536000\r\nage: 342497\r\nlast-modified: Mon, 15 Sep 2025 16:30:41 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48320,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48320, version 1.0","md5":"dcf31ebe107435bd68e0164d59e19b87","sha1":"b68160c9333af833fe483928b3ef7128c07a56a0","sha256":"d8e4fe0452aa2076429a9bb5d8757d00a994dd95986cf950e9a1a371b9a072a0","sha512":"130cd52c3cccc36a7029bf92b2ddb363b8b36d206454aacc246739919552fccec5cacbad615ba4ac3817da3e83239371fe51324bdadd08357e3495087f62cb08","ssdeep":"768:Jzqdwl5YV7FVmpudK5a8dF8D8Z7J78VGnNFZEKh02dmSTPe9UiallHcOEi2c0NC1:9q+SYuMaVwZ7oGRNh02dd6UialBcOEpE","tlshash":"1623f218f29471f7edecd4d500a18c72baa528d442f116ed07b8d53ca36ca817a729fb","first_seen":"2025-09-17T00:07:53.723302Z","last_seen":"2026-06-08T13:35:49.48354Z","times_seen":281209,"resource_available":false,"data":null}},"time_used":135,"timings":{"blocked":57,"dns":0,"connect":8,"send":0,"wait":8,"receive":10,"ssl":50},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.hitbtc-login.com/","fqdn":"www.hitbtc-login.com","domain":"hitbtc-login.com","tld":"com"},"ip":{"addr":"45.10.243.7","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-05T09:04:05.711Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.hitbtc-login.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 06 Dec 2025 18:00:11 GMT","end":"Fri, 06 Mar 2026 18:00:10 GMT"},"fingerprint":{"sha1":"CA:52:57:4B:E4:39:D1:A2:AE:FE:FB:2D:05:B1:E3:EF:2B:41:3B:F4","sha256":"B1:81:4D:9D:C2:62:30:27:43:59:13:E2:15:2F:EB:E2:C4:B0:B9:5B:B9:6F:59:3A:F0:73:42:95:EA:88:1D:E2"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: www.hitbtc-login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=tnaUZDM1bgCB5Qxp; Domain=.hitbtc-login.com; Path=/; Expires=Mon, 05-Jan-2026 09:24:05 GMT\n__ddg10_=1767603845; Domain=.hitbtc-login.com; Path=/; Expires=Mon, 05-Jan-2026 09:24:05 GMT\n__ddg9_=91.90.42.154; Domain=.hitbtc-login.com; Path=/; Expires=Mon, 05-Jan-2026 09:24:05 GMT\n__ddg1_=42hcGFlAeUDUn81zfgh5; Domain=.hitbtc-login.com; HttpOnly; Path=/; Expires=Tue, 05-Jan-2027 09:04:05 GMT\nPHPSESSID=e01c22bb1e354cb3da62e4edd62735b7; path=/\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Mon, 05 Jan 2026 09:04:04 GMT\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Hammer.js","description":"","website":"https://hammerjs.github.io","common_platform_enumeration":"","icon":"Hammer.js.png","categories":["JavaScript libraries"]},{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]},{"name":"React","description":"React is an open-source JavaScript library for building user interfaces or UI components.","website":"https://reactjs.org","common_platform_enumeration":"cpe:2.3:a:facebook:react:*:*:*:*:*:*:*:*","icon":"React.svg","categories":["JavaScript frameworks"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":295203,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (3463), with CRLF line terminators","md5":"3b4dea2699b4a52bced265264c0086c1","sha1":"82df3839bdcb2cb71abbf9f7dfaae53eec707dc9","sha256":"418f66902e2dedbb29bf155851451a3e9b885999514157e62b38c7226995bd76","sha512":"7e660f71cd5d13ca8acfb3e6ce79f8fe6a33339c7b8c239fba403ef055b37db02e736bce6e1e6c32c8c41c40c917afb3cf8576fd992894b1dfc81990eaaccbb3","ssdeep":"1536:h7h+gNInLUywbSffYs33oUvmR3fWTTQMV1pf8kpQL7rTvcTZlZVfbB4wZPSqcXTU:TGfHooEI8qpB50j4","tlshash":"9254b8f7a1d4a2d0d407cbb4e93146a2ea9f3cfa7fc54784729c9ed49b610e8c94ac50","first_seen":"2026-01-05T09:04:32.914585Z","last_seen":"2026-01-05T09:04:32.914585Z","times_seen":1,"resource_available":false,"data":null}},"time_used":728,"timings":{"blocked":127,"dns":61,"connect":20,"send":0,"wait":470,"receive":0,"ssl":47},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"www.hitbtc-login.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"www.hitbtc-login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"www.hitbtc-login.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.hitbtc-login.com/assets/style.css?v=3rsdsdsdg","fqdn":"www.hitbtc-login.com","domain":"hitbtc-login.com","tld":"com"},"ip":{"addr":"45.10.243.7","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.hitbtc-login.com/","date":"2026-01-05T09:04:06.499Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.hitbtc-login.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 06 Dec 2025 18:00:11 GMT","end":"Fri, 06 Mar 2026 18:00:10 GMT"},"fingerprint":{"sha1":"CA:52:57:4B:E4:39:D1:A2:AE:FE:FB:2D:05:B1:E3:EF:2B:41:3B:F4","sha256":"B1:81:4D:9D:C2:62:30:27:43:59:13:E2:15:2F:EB:E2:C4:B0:B9:5B:B9:6F:59:3A:F0:73:42:95:EA:88:1D:E2"}}},"request":{"raw":"GET /assets/style.css?v=3rsdsdsdg HTTP/1.1\r\nHost: www.hitbtc-login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.hitbtc-login.com/\r\nCookie: __ddg8_=tnaUZDM1bgCB5Qxp; __ddg10_=1767603845; __ddg9_=91.90.42.154; __ddg1_=42hcGFlAeUDUn81zfgh5; PHPSESSID=e01c22bb1e354cb3da62e4edd62735b7\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=4pwDgIA6hdgAELId; Domain=.hitbtc-login.com; Path=/; Expires=Mon, 05-Jan-2026 09:24:06 GMT\n__ddg10_=1767603846; Domain=.hitbtc-login.com; Path=/; Expires=Mon, 05-Jan-2026 09:24:06 GMT\n__ddg9_=91.90.42.154; Domain=.hitbtc-login.com; Path=/; Expires=Mon, 05-Jan-2026 09:24:06 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Mon, 05 Jan 2026 08:49:42 GMT\r\nlast-modified: Fri, 17 Jan 2025 04:23:58 GMT\r\naccept-ranges: bytes\r\ncontent-type: text/css\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nage: 864\r\ncontent-length: 59859\r\nddg-cache-status: MISS,HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":401493,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (4482), with CRLF line terminators","md5":"e2f310551193ba427b895384585e4543","sha1":"2f8eb705787d7139348d3a62a4d1ea438b249881","sha256":"653fcb961cd6123c199076c01ea6b0463a8a404eaea8c079a8e37f77823deb9b","sha512":"f6befa4293c50e945b063d0eff62eeba86671b56512db3a0166f5bf01f694dea7d8e377509b62ab356e53b9b1c45d3e02a2ece16069030dbaed5cf6bcc998811","ssdeep":"12288:fL32ZWKNUMQidZX7NzEb/VCcFc6wARfRURSRbRw:fL32ZWKNUMQidZX7NzG/VCcFc+RfRURV","tlshash":"ab84f962c76f2583253f2ebecb66170dfe14a1b35d020aa8f3d9549c8bfb5245052e9c","first_seen":"2026-01-05T09:04:32.916324Z","last_seen":"2026-01-05T09:04:32.916324Z","times_seen":1,"resource_available":false,"data":null}},"time_used":39,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"www.hitbtc-login.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"www.hitbtc-login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"www.hitbtc-login.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.hitbtc-login.com/assets/jquery.min.js","fqdn":"www.hitbtc-login.com","domain":"hitbtc-login.com","tld":"com"},"ip":{"addr":"45.10.243.7","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.hitbtc-login.com/","date":"2026-01-05T09:04:06.502Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.hitbtc-login.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 06 Dec 2025 18:00:11 GMT","end":"Fri, 06 Mar 2026 18:00:10 GMT"},"fingerprint":{"sha1":"CA:52:57:4B:E4:39:D1:A2:AE:FE:FB:2D:05:B1:E3:EF:2B:41:3B:F4","sha256":"B1:81:4D:9D:C2:62:30:27:43:59:13:E2:15:2F:EB:E2:C4:B0:B9:5B:B9:6F:59:3A:F0:73:42:95:EA:88:1D:E2"}}},"request":{"raw":"GET /assets/jquery.min.js HTTP/1.1\r\nHost: www.hitbtc-login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.hitbtc-login.com/\r\nCookie: __ddg8_=tnaUZDM1bgCB5Qxp; __ddg10_=1767603845; __ddg9_=91.90.42.154; __ddg1_=42hcGFlAeUDUn81zfgh5; PHPSESSID=e01c22bb1e354cb3da62e4edd62735b7\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=caSzWgak2AleT7c0; Domain=.hitbtc-login.com; Path=/; Expires=Mon, 05-Jan-2026 09:24:06 GMT\n__ddg10_=1767603846; Domain=.hitbtc-login.com; Path=/; Expires=Mon, 05-Jan-2026 09:24:06 GMT\n__ddg9_=91.90.42.154; Domain=.hitbtc-login.com; Path=/; Expires=Mon, 05-Jan-2026 09:24:06 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Mon, 05 Jan 2026 08:49:42 GMT\r\nlast-modified: Tue, 23 Apr 2024 15:29:52 GMT\r\naccept-ranges: bytes\r\ncontent-type: text/javascript\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nage: 864\r\ncontent-length: 30086\r\nddg-cache-status: MISS,HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":87533,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65447)","md5":"2c872dbe60f4ba70fb85356113d8b35e","sha1":"ee48592d1fff952fcf06ce0b666ed4785493afdc","sha256":"fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a","sha512":"bf6089ed4698cb8270a8b0c8ad9508ff886a7a842278e98064d5c1790ca3a36d5d69d9f047ef196882554fc104da2c88eb5395f1ee8cf0f3f6ff8869408350fe","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKr:sHNwcv9VBQpLl88SMBQ47GKr","tlshash":"3983f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","first_seen":"2023-08-31T16:03:19Z","last_seen":"2026-06-08T13:41:26.899264Z","times_seen":166494,"resource_available":true,"data":null}},"time_used":39,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"www.hitbtc-login.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"www.hitbtc-login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"www.hitbtc-login.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.hitbtc-login.com/assets/cap/cap.css?v=123asd","fqdn":"www.hitbtc-login.com","domain":"hitbtc-login.com","tld":"com"},"ip":{"addr":"45.10.243.7","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.hitbtc-login.com/","date":"2026-01-05T09:04:06.504Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.hitbtc-login.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 06 Dec 2025 18:00:11 GMT","end":"Fri, 06 Mar 2026 18:00:10 GMT"},"fingerprint":{"sha1":"CA:52:57:4B:E4:39:D1:A2:AE:FE:FB:2D:05:B1:E3:EF:2B:41:3B:F4","sha256":"B1:81:4D:9D:C2:62:30:27:43:59:13:E2:15:2F:EB:E2:C4:B0:B9:5B:B9:6F:59:3A:F0:73:42:95:EA:88:1D:E2"}}},"request":{"raw":"GET /assets/cap/cap.css?v=123asd HTTP/1.1\r\nHost: www.hitbtc-login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.hitbtc-login.com/\r\nCookie: __ddg8_=tnaUZDM1bgCB5Qxp; __ddg10_=1767603845; __ddg9_=91.90.42.154; __ddg1_=42hcGFlAeUDUn81zfgh5; PHPSESSID=e01c22bb1e354cb3da62e4edd62735b7\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=tipnia9Os7g0Vrla; Domain=.hitbtc-login.com; Path=/; Expires=Mon, 05-Jan-2026 09:24:06 GMT\n__ddg10_=1767603846; Domain=.hitbtc-login.com; Path=/; Expires=Mon, 05-Jan-2026 09:24:06 GMT\n__ddg9_=91.90.42.154; Domain=.hitbtc-login.com; Path=/; Expires=Mon, 05-Jan-2026 09:24:06 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Mon, 05 Jan 2026 08:49:43 GMT\r\nlast-modified: Mon, 15 Jul 2024 18:08:40 GMT\r\naccept-ranges: bytes\r\ncontent-type: text/css\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nage: 863\r\ncontent-length: 3916\r\nddg-cache-status: MISS,HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":31880,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"fd41ce98586d0df90fb361bf0e99a506","sha1":"0ba25a59ada3a648e51f1378e3786ff294ce80ae","sha256":"75c4c6d213e96d40826a260bc4d4da1a631da0ea4c9fb68b04bb6ad5d819b715","sha512":"ac896bc5d64f32f4dee73e2c25c4e64fc0c873e0488c947836b5a3bbcf59d1bd8b55582da7a930a5f4c0a31216b44db12fa139a2a1783a86c5a28160290f0ed8","ssdeep":"192:/Jy0HORclYu1F71WnPsqZqffelzHKMuQo3by0QJqJIrpQrp2yybyyJJNJ2eZe3RC:/gaOohWnPZqHU+MI3byCq","tlshash":"fce2fc37f9030104213f6a13ff856b58e63ec5a3ca120bbe72b9d8898f56d9851e7d52","first_seen":"2026-01-05T09:04:32.918601Z","last_seen":"2026-01-05T09:04:32.918601Z","times_seen":1,"resource_available":false,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"www.hitbtc-login.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"www.hitbtc-login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"www.hitbtc-login.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.hitbtc-login.com/assets/hammer.min.js","fqdn":"www.hitbtc-login.com","domain":"hitbtc-login.com","tld":"com"},"ip":{"addr":"45.10.243.7","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.hitbtc-login.com/","date":"2026-01-05T09:04:06.506Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.hitbtc-login.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 06 Dec 2025 18:00:11 GMT","end":"Fri, 06 Mar 2026 18:00:10 GMT"},"fingerprint":{"sha1":"CA:52:57:4B:E4:39:D1:A2:AE:FE:FB:2D:05:B1:E3:EF:2B:41:3B:F4","sha256":"B1:81:4D:9D:C2:62:30:27:43:59:13:E2:15:2F:EB:E2:C4:B0:B9:5B:B9:6F:59:3A:F0:73:42:95:EA:88:1D:E2"}}},"request":{"raw":"GET /assets/hammer.min.js HTTP/1.1\r\nHost: www.hitbtc-login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.hitbtc-login.com/\r\nCookie: __ddg8_=tnaUZDM1bgCB5Qxp; __ddg10_=1767603845; __ddg9_=91.90.42.154; __ddg1_=42hcGFlAeUDUn81zfgh5; PHPSESSID=e01c22bb1e354cb3da62e4edd62735b7\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=UlBFscvx2Z3mPAKf; Domain=.hitbtc-login.com; Path=/; Expires=Mon, 05-Jan-2026 09:24:06 GMT\n__ddg10_=1767603846; Domain=.hitbtc-login.com; Path=/; Expires=Mon, 05-Jan-2026 09:24:06 GMT\n__ddg9_=91.90.42.154; Domain=.hitbtc-login.com; Path=/; Expires=Mon, 05-Jan-2026 09:24:06 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Mon, 05 Jan 2026 08:49:43 GMT\r\nlast-modified: Sun, 09 Jun 2024 13:14:58 GMT\r\naccept-ranges: bytes\r\ncontent-type: text/javascript\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nage: 863\r\ncontent-length: 7214\r\nddg-cache-status: MISS,HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":20765,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (20581)","md5":"084aa824c6e6f64cf28551d070abe00c","sha1":"dabfade6656a1018d065b5f3673f4154aaf7a8ba","sha256":"7953631f0e54794d2352a3cfa591c0914d73e14f90141058e3cf16bee7939bcf","sha512":"517ba666b64d88ec274dc6521cb39f713b346a8b363330561d73873ae07427f478e100747706392607dbbe58d77249557fae46738125e918d9fa59f07766b3da","ssdeep":"384:2b5vj+l3jfaksTAAvNWUwLATFqNCns+CSHDJDLrx:y5vj+5jfSTtrTFqNCs+CSHtD5","tlshash":"8b92c68633c7728192a720b5a0af020b6137988694cd596cb4bcdad57eb553c927bf3c","first_seen":"2023-03-07T12:26:23Z","last_seen":"2026-06-07T09:51:15.582762Z","times_seen":1225,"resource_available":true,"data":null}},"time_used":38,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":38,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"www.hitbtc-login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"www.hitbtc-login.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"www.hitbtc-login.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.hitbtc-login.com/checker.php","fqdn":"www.hitbtc-login.com","domain":"hitbtc-login.com","tld":"com"},"ip":{"addr":"45.10.243.7","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.hitbtc-login.com/","date":"2026-01-05T09:04:06.875Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.hitbtc-login.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 06 Dec 2025 18:00:11 GMT","end":"Fri, 06 Mar 2026 18:00:10 GMT"},"fingerprint":{"sha1":"CA:52:57:4B:E4:39:D1:A2:AE:FE:FB:2D:05:B1:E3:EF:2B:41:3B:F4","sha256":"B1:81:4D:9D:C2:62:30:27:43:59:13:E2:15:2F:EB:E2:C4:B0:B9:5B:B9:6F:59:3A:F0:73:42:95:EA:88:1D:E2"}}},"request":{"raw":"POST /checker.php HTTP/1.1\r\nHost: www.hitbtc-login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nX-Requested-With: XMLHttpRequest\r\nContent-Length: 19\r\nOrigin: https://www.hitbtc-login.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.hitbtc-login.com/\r\nCookie: __ddg8_=qx3CXWtV2hfSyBte; __ddg10_=1767603846; __ddg9_=91.90.42.154; __ddg1_=42hcGFlAeUDUn81zfgh5; PHPSESSID=e01c22bb1e354cb3da62e4edd62735b7\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":19,"data":"formSubmitted=false"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=eHdLQkvh9eGi4BH0; Domain=.hitbtc-login.com; Path=/; Expires=Mon, 05-Jan-2026 09:24:06 GMT\n__ddg10_=1767603846; Domain=.hitbtc-login.com; Path=/; Expires=Mon, 05-Jan-2026 09:24:06 GMT\n__ddg9_=91.90.42.154; Domain=.hitbtc-login.com; Path=/; Expires=Mon, 05-Jan-2026 09:24:06 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Mon, 05 Jan 2026 09:04:05 GMT\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":12,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"JSON text data","md5":"d361e6b3f641788dace6707209d55a63","sha1":"02826cbae05e1312a9b9fd2e58ca2a07e488c76b","sha256":"fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7","sha512":"2dfdf35e0d21943e04a5a5a4eea19302af309931523cf0b87548f189c418a0a318c1ad2ff703895b3c50946c9660f26c2345d0abc8017593360ed41857e2363a","ssdeep":"","tlshash":"a1600000000000030cc00c000c000030ff333f00000f00c0000c00f00000cc0c00c000","first_seen":"2023-04-05T19:24:08Z","last_seen":"2026-06-08T13:13:53.894951Z","times_seen":1251,"resource_available":false,"data":null}},"time_used":15039,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15039,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"www.hitbtc-login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"www.hitbtc-login.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"www.hitbtc-login.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.hitbtc-login.com/favicon.ico","fqdn":"www.hitbtc-login.com","domain":"hitbtc-login.com","tld":"com"},"ip":{"addr":"45.10.243.7","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.hitbtc-login.com/","date":"2026-01-05T09:04:06.994Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.hitbtc-login.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 06 Dec 2025 18:00:11 GMT","end":"Fri, 06 Mar 2026 18:00:10 GMT"},"fingerprint":{"sha1":"CA:52:57:4B:E4:39:D1:A2:AE:FE:FB:2D:05:B1:E3:EF:2B:41:3B:F4","sha256":"B1:81:4D:9D:C2:62:30:27:43:59:13:E2:15:2F:EB:E2:C4:B0:B9:5B:B9:6F:59:3A:F0:73:42:95:EA:88:1D:E2"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: www.hitbtc-login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.hitbtc-login.com/\r\nCookie: __ddg8_=qx3CXWtV2hfSyBte; __ddg10_=1767603846; __ddg9_=91.90.42.154; __ddg1_=42hcGFlAeUDUn81zfgh5; PHPSESSID=e01c22bb1e354cb3da62e4edd62735b7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=IQ5e5gjRMIAwD5MP; Domain=.hitbtc-login.com; Path=/; Expires=Mon, 05-Jan-2026 09:24:07 GMT\n__ddg10_=1767603847; Domain=.hitbtc-login.com; Path=/; Expires=Mon, 05-Jan-2026 09:24:07 GMT\n__ddg9_=91.90.42.154; Domain=.hitbtc-login.com; Path=/; Expires=Mon, 05-Jan-2026 09:24:07 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Mon, 05 Jan 2026 09:04:05 GMT\r\ncontent-type: text/html; charset=iso-8859-1\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nage: 2\r\nddg-cache-status: MISS,MISS\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":315,"size_decoded":0,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"a34ac19f4afae63adc5d2f7bc970c07f","sha1":"a82190fc530c265aa40a045c21770d967f4767b8","sha256":"d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3","sha512":"42e53d96e5961e95b7a984d9c9778a1d3bd8ee0c87b8b3b515fa31f67c2d073c8565afc2f4b962c43668c4efa1e478da9bb0ecffa79479c7e880731bc4c55765","ssdeep":"","tlshash":"b0e0e75f41473347402252907dc110d1d505236b797161fd3d85b4ab501dc3dc99f7dc","first_seen":"2023-03-07T01:02:33Z","last_seen":"2026-06-08T13:36:42.507539Z","times_seen":145817,"resource_available":true,"data":null}},"time_used":44,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":44,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"www.hitbtc-login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"www.hitbtc-login.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"www.hitbtc-login.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Open+Sans:400,700|Roboto+Mono","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.hitbtc-login.com/","date":"2026-01-05T09:04:06.491Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"A8:BA:6B:80:7C:EC:B1:6F:C1:C2:03:D7:C9:27:6E:75:DE:4B:AA:47","sha256":"4E:2C:B9:C5:81:56:5E:97:93:07:22:12:66:E2:52:C6:0A:2E:17:72:FF:9B:5F:2A:B9:E1:21:80:05:6D:8B:3D"}}},"request":{"raw":"GET /css?family=Open+Sans:400,700|Roboto+Mono HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.hitbtc-login.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Mon, 05 Jan 2026 09:04:06 GMT\r\ndate: Mon, 05 Jan 2026 09:04:06 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":13779,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"2a7543a7903c5d21ed7356a854afb9e8","sha1":"b44f15a30f952dc50fa94a1b5d1bdb2fcc0741fd","sha256":"620a91f80f2e71c3cc84835ffcd6081fa36862640690e7778898abf6d69a86e1","sha512":"46f43ea59b88c041c106cd7fd7c38a5f78d40e5c5423c9d2a8f2a13d8af3e7248471bd7133a90666430ea724757d8d81542af27d8410924f26eb5a2bc6ce422c","ssdeep":"192:wCAAN21/rqbnbqGIwV4Razq4CZZE2s6rqmnbqGIwV4YfzvsNVnRNVWNVE3MNViND:TjXqY4nU8qY4pVnHVcVi6V4VsVG","tlshash":"67524ea1002b585067431ce623de3e34ee0fa2657044d07aabfd4b9aeedad75637431d","first_seen":"2026-01-05T09:04:32.922387Z","last_seen":"2026-04-06T04:38:16.947091Z","times_seen":3,"resource_available":false,"data":null}},"time_used":229,"timings":{"blocked":101,"dns":1,"connect":7,"send":0,"wait":22,"receive":0,"ssl":95},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.hitbtc-login.com/assets/master.5c8ee6fe.css?v=qweqwe","fqdn":"www.hitbtc-login.com","domain":"hitbtc-login.com","tld":"com"},"ip":{"addr":"45.10.243.7","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.hitbtc-login.com/","date":"2026-01-05T09:04:06.495Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.hitbtc-login.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 06 Dec 2025 18:00:11 GMT","end":"Fri, 06 Mar 2026 18:00:10 GMT"},"fingerprint":{"sha1":"CA:52:57:4B:E4:39:D1:A2:AE:FE:FB:2D:05:B1:E3:EF:2B:41:3B:F4","sha256":"B1:81:4D:9D:C2:62:30:27:43:59:13:E2:15:2F:EB:E2:C4:B0:B9:5B:B9:6F:59:3A:F0:73:42:95:EA:88:1D:E2"}}},"request":{"raw":"GET /assets/master.5c8ee6fe.css?v=qweqwe HTTP/1.1\r\nHost: www.hitbtc-login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.hitbtc-login.com/\r\nCookie: __ddg8_=tnaUZDM1bgCB5Qxp; __ddg10_=1767603845; __ddg9_=91.90.42.154; __ddg1_=42hcGFlAeUDUn81zfgh5; PHPSESSID=e01c22bb1e354cb3da62e4edd62735b7\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=UK2p5afQRSXNPqlA; Domain=.hitbtc-login.com; Path=/; Expires=Mon, 05-Jan-2026 09:24:06 GMT\n__ddg10_=1767603846; Domain=.hitbtc-login.com; Path=/; Expires=Mon, 05-Jan-2026 09:24:06 GMT\n__ddg9_=91.90.42.154; Domain=.hitbtc-login.com; Path=/; Expires=Mon, 05-Jan-2026 09:24:06 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Mon, 05 Jan 2026 08:49:42 GMT\r\nlast-modified: Sun, 24 Mar 2024 02:09:22 GMT\r\naccept-ranges: bytes\r\ncontent-type: text/css\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nage: 864\r\ncontent-length: 78488\r\nddg-cache-status: MISS,HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":520095,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"03ab5a0673bd67f96de1b25ea7cd77c1","sha1":"c64e0abdd0b6a04814bdde839c614b627a1d528b","sha256":"350a93e2df38a924df2c5047bee6ae9c8f1b32de37392d9c954ff2bcba58977b","sha512":"8ce99cf22219220b2ea32ddf57b260f8b653479c9379aba40bf18e09b0b8ad5c9fe50d996a00f89017d83e8f5d002e940b3798c059fb577ba07f38324f074eee","ssdeep":"12288:9W5qSHFU1N9jjlXBTnW2uxC5W5tFIqL24ipfEkferMUCocvpG0ow9ZyRqTG0Sx42:Nbu","tlshash":"22b495daa7f91a14b433c4aa68965b67736c5043450defb9fbf0a01cdeca1c2c6227c5","first_seen":"2026-01-05T09:04:32.923778Z","last_seen":"2026-01-05T09:04:32.923778Z","times_seen":1,"resource_available":false,"data":null}},"time_used":66,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":48,"receive":18,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"www.hitbtc-login.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"www.hitbtc-login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"www.hitbtc-login.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.hitbtc-login.com/assets/bg.jpg","fqdn":"www.hitbtc-login.com","domain":"hitbtc-login.com","tld":"com"},"ip":{"addr":"45.10.243.7","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.hitbtc-login.com/","date":"2026-01-05T09:04:06.743Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.hitbtc-login.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 06 Dec 2025 18:00:11 GMT","end":"Fri, 06 Mar 2026 18:00:10 GMT"},"fingerprint":{"sha1":"CA:52:57:4B:E4:39:D1:A2:AE:FE:FB:2D:05:B1:E3:EF:2B:41:3B:F4","sha256":"B1:81:4D:9D:C2:62:30:27:43:59:13:E2:15:2F:EB:E2:C4:B0:B9:5B:B9:6F:59:3A:F0:73:42:95:EA:88:1D:E2"}}},"request":{"raw":"GET /assets/bg.jpg HTTP/1.1\r\nHost: www.hitbtc-login.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.hitbtc-login.com/assets/master.5c8ee6fe.css?v=qweqwe\r\nCookie: __ddg8_=UK2p5afQRSXNPqlA; __ddg10_=1767603846; __ddg9_=91.90.42.154; __ddg1_=42hcGFlAeUDUn81zfgh5; PHPSESSID=e01c22bb1e354cb3da62e4edd62735b7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=K3ko1mvAr4U1jAel; Domain=.hitbtc-login.com; Path=/; Expires=Mon, 05-Jan-2026 09:24:06 GMT\n__ddg10_=1767603846; Domain=.hitbtc-login.com; Path=/; Expires=Mon, 05-Jan-2026 09:24:06 GMT\n__ddg9_=91.90.42.154; Domain=.hitbtc-login.com; Path=/; Expires=Mon, 05-Jan-2026 09:24:06 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Mon, 05 Jan 2026 08:49:43 GMT\r\nlast-modified: Sat, 23 Mar 2024 06:41:24 GMT\r\naccept-ranges: bytes\r\ncontent-length: 66192\r\ncontent-type: image/jpeg\r\nage: 863\r\nddg-cache-status: MISS,HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":66192,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2000x841, components 3","md5":"dcc3e3f2463731e45234bd1a7c367962","sha1":"8823c28a71bc675af8fb097b81bfb176d8aed2bc","sha256":"d1d226a88dd187135c46592cd9c9122f2355c36b7f5cc79e48f3f87bfac1d935","sha512":"aebcdbdda12764adfb3c54990a267681bb1bb38fea2ee535d11d203902e2e10ab3f68a3c5cc2293c563270a9ed221b53e2beb4c111bb15af747082395613f6f3","ssdeep":"1536:VZ3zqvjixuZlIL4LlrsL+yKzKJApe+Qx5dcgoGVnbJ9:VtMlIL4aKzKJAux5dRlnF9","tlshash":"e65302b7c88ba64ee1f08e53011626e327826127a7506fc2437f6d6857e1574afccda3","first_seen":"2026-01-05T09:04:32.925319Z","last_seen":"2026-04-06T04:38:16.960499Z","times_seen":3,"resource_available":false,"data":null}},"time_used":39,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":35,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"www.hitbtc-login.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"www.hitbtc-login.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"www.hitbtc-login.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}