{"report_id":"bcfcb023-5af7-478c-ba81-357a36b2245d","version":6,"status":"done","tags":[],"date":"2026-03-17T15:21:46Z","url":{"schema":"https","addr":"bitgetiai.com/","fqdn":"bitgetiai.com","domain":"bitgetiai.com","tld":"com"},"ip":{"addr":"162.245.220.29","port":0,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"final":{"url":{"schema":"https","addr":"bitgetiai.com/#/not_wallet","fqdn":"bitgetiai.com","domain":"bitgetiai.com","tld":"com"},"title":"bitgetiai.com/#/","dom":{"size":2434,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1249)","md5":"9430b0399c43861ed3823ce2c11de5c3","sha1":"a50011b37a6955a94841c9ff284737b1ccc03574","sha256":"6805dcb477e154586378e0af81e1e4cfe67b2dcb55f7c20af660bebd2db0ef9e","sha512":"38722be4413a21bcb664831a9fa699cedf9de8e324026a245813003d43ecd1711ad23cec0b7a52fd09d18a2c0be0394822b4c26ee8fdef13bdc746aae8a737de","ssdeep":"","tlshash":"884151019d46d5a943b249f2e430be2ed303db46c307c9b069d801af6fca5e66fab1c4","dom_hash":"domhashb463205ba88581575f285ba695cfd4c9","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"bitgetiai.com/","fqdn":"bitgetiai.com","domain":"bitgetiai.com","tld":"com"},"ip":{"addr":"162.245.220.29","port":0,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-21T15:21:46Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"bitgetiai.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"bitgetiai.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"bitgetiai.com","ip":{"addr":"162.245.220.29","port":443,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":20,"request_count":10,"received_data":4409792,"sent_data":4518,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"bitgetiai.com/js/0_808788b94a0f3bb8a3e2.js","fqdn":"bitgetiai.com","domain":"bitgetiai.com","tld":"com"},"ip":{"addr":"162.245.220.29","port":443,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"359c8c70ee62a8b57d1866a522e801df","sha1":"0657fc13255de7bd461b992c158c1a3738b451b9","sha256":"09f66644ee73b85aed0aa73a9db1a7ab5637b5c4fffa0bcd3c7c1363918d5860","sha512":"f9624f5e0513796547eccb524f72f9d5bc8e6da3f3f94703eb3e9292f9ec8537c07511d2da6120fdaf5aa9bfcbb0764d1a48a42685d4dc47bf29726f0564b67b","ssdeep":"192:geWr7nIMHQIdJs3Hk4daXzPillixIk1XQcBGMvaJ5o:SrsIdJWd46XixIOnvaJ5o","tlshash":"6b125498b291b0f15ad731ac812f920ff276a865708b94d0d279d4f0adbcdde4463f29","size":9232,"data":"","first_seen":"2026-03-17T15:21:53.561591Z","last_seen":"2026-03-17T15:25:36.599286Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bitgetiai.com/js/35_808788b94a0f3bb8a3e2.js","fqdn":"bitgetiai.com","domain":"bitgetiai.com","tld":"com"},"ip":{"addr":"162.245.220.29","port":443,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"9b401ab6cdf37f764026bce0939e69a1","sha1":"e74c719d613cafe0098def001f9cea1595279888","sha256":"99a47253e3c1ec6eb5c237ba121b63395a35bdb6f85afa493c785e39037441ae","sha512":"c7038533a96157d565d2b825180390c3c5630c3257fc19a1944d7f9c38c67132af50a0ffa0c8db256ed5ba1e266013b2d17cc9c8591ef2ac2a4847681d615682","ssdeep":"","tlshash":"c841538ba858752c939f4153823d4967f0651a943737c1a9e272c1ecba70069072fb1c","size":2351,"data":"","first_seen":"2026-03-17T15:21:53.556848Z","last_seen":"2026-03-17T15:25:36.602896Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bitgetiai.com/js/main_808788b94a0f3bb8a3e2.js","fqdn":"bitgetiai.com","domain":"bitgetiai.com","tld":"com"},"ip":{"addr":"162.245.220.29","port":443,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"a64eca37278bd6edfb9b4c35d76edfb9","sha1":"e8e90c9410795cc11ba148db229c5f749d56c53d","sha256":"663094b4fa60f2e9bacc30b175314af83b824bc9fbe3a18f1db454ed48ae0013","sha512":"81f0a57954552f66fc8e4ba7a5cdc50e225ecca67667544ed66ba57e23454b158c95b4056f092bad9414a38c9b170967d4cdc5c4c994afd40d654383a0df1410","ssdeep":"49152:KdVZw2Kx6yMCKZLYfC2NgFXDeTkwSJJL/XYzQTN2WF:rdBIN","tlshash":"73d509c472507052c3a76a90461ff04ae33fba5d6cce086df597e4f23ca9954962af38","size":2949484,"data":"","first_seen":"2026-03-17T15:21:53.569207Z","last_seen":"2026-03-17T15:25:36.612738Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"bitgetiai.com/js/35_808788b94a0f3bb8a3e2.js","fqdn":"bitgetiai.com","domain":"bitgetiai.com","tld":"com"},"ip":{"addr":"162.245.220.29","port":443,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bitgetiai.com/","date":"2026-03-17T15:21:27.691Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitgetiai.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 15 Mar 2026 13:38:37 GMT","end":"Sat, 13 Jun 2026 13:38:36 GMT"},"fingerprint":{"sha1":"55:E4:35:8C:66:5A:65:E8:08:02:0F:21:3C:EC:47:72:23:CC:4D:A9","sha256":"07:54:35:80:FF:CD:D5:05:21:7E:5A:9F:F6:62:A9:E2:BD:AF:D4:64:8C:C1:B4:AE:08:79:D9:F2:88:08:0B:76"}}},"request":{"raw":"GET /js/35_808788b94a0f3bb8a3e2.js HTTP/1.1\r\nHost: bitgetiai.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bitgetiai.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 17 Mar 2026 15:21:27 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 13 Mar 2026 11:24:26 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69b3f3ea-92f\"\r\nexpires: Wed, 18 Mar 2026 03:21:27 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2351,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (2351), with no line terminators","md5":"9b401ab6cdf37f764026bce0939e69a1","sha1":"e74c719d613cafe0098def001f9cea1595279888","sha256":"99a47253e3c1ec6eb5c237ba121b63395a35bdb6f85afa493c785e39037441ae","sha512":"c7038533a96157d565d2b825180390c3c5630c3257fc19a1944d7f9c38c67132af50a0ffa0c8db256ed5ba1e266013b2d17cc9c8591ef2ac2a4847681d615682","ssdeep":"","tlshash":"c841538ba858752c939f4153823d4967f0651a943737c1a9e272c1ecba70069072fb1c","first_seen":"2026-03-17T15:21:53.556848Z","last_seen":"2026-03-17T15:25:36.602896Z","times_seen":2,"resource_available":true,"data":null}},"time_used":266,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":266,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"bitgetiai.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"bitgetiai.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitgetiai.com/favicon.ico","fqdn":"bitgetiai.com","domain":"bitgetiai.com","tld":"com"},"ip":{"addr":"162.245.220.29","port":443,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitgetiai.com/","date":"2026-03-17T15:21:28.084Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitgetiai.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 15 Mar 2026 13:38:37 GMT","end":"Sat, 13 Jun 2026 13:38:36 GMT"},"fingerprint":{"sha1":"55:E4:35:8C:66:5A:65:E8:08:02:0F:21:3C:EC:47:72:23:CC:4D:A9","sha256":"07:54:35:80:FF:CD:D5:05:21:7E:5A:9F:F6:62:A9:E2:BD:AF:D4:64:8C:C1:B4:AE:08:79:D9:F2:88:08:0B:76"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: bitgetiai.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bitgetiai.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 17 Mar 2026 15:21:28 GMT\r\ncontent-type: image/x-icon\r\ncontent-length: 2266\r\nlast-modified: Fri, 13 Mar 2026 11:24:26 GMT\r\netag: \"69b3f3ea-8da\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2266,"size_decoded":0,"mime_type":"image/x-icon","magic":"PNG image data, 264 x 215, 8-bit/color RGBA, non-interlaced","md5":"84e0ee9a27744d430fab9e466efa72ae","sha1":"c41789ffdd741b0cf56edeff8e08557ef2bf668f","sha256":"cc449e62a8a11559c5d0087fe40ff6924f14d5e079c4d6cfdfe3e2af8c357a2f","sha512":"d3f42f108473ed7e5bf018d3f788dbc5fc5355da8f20bf0fe92f7984314a02fdaa00f7acf9baa03fbfba7f83eae1d35f51ce7754da44fa0b5c5a282593c01efe","ssdeep":"","tlshash":"b8412bcb37b23be80441b42f12a47187b61ffb7b16600d832170aa75bf85a80486c8b4","first_seen":"2023-05-07T16:45:30Z","last_seen":"2026-05-01T06:27:51.943463Z","times_seen":106,"resource_available":false,"data":null}},"time_used":265,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":265,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"bitgetiai.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"bitgetiai.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitgetiai.com/","fqdn":"bitgetiai.com","domain":"bitgetiai.com","tld":"com"},"ip":{"addr":"162.245.220.29","port":443,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-17T15:21:24.209Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitgetiai.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 15 Mar 2026 13:38:37 GMT","end":"Sat, 13 Jun 2026 13:38:36 GMT"},"fingerprint":{"sha1":"55:E4:35:8C:66:5A:65:E8:08:02:0F:21:3C:EC:47:72:23:CC:4D:A9","sha256":"07:54:35:80:FF:CD:D5:05:21:7E:5A:9F:F6:62:A9:E2:BD:AF:D4:64:8C:C1:B4:AE:08:79:D9:F2:88:08:0B:76"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: bitgetiai.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 17 Mar 2026 15:21:24 GMT\r\ncontent-type: text/html\r\nlast-modified: Fri, 13 Mar 2026 11:24:26 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69b3f3ea-4cb\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1227,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"8fb7a91ef518cec193bf6cd7d229e9c4","sha1":"deba2c6591d45ea70fa5420ffa5293b0a235e35a","sha256":"ebc00a0a43fbbd838adf394d547de93ad2f5f10fcc2d7be671ee0b7b827319e3","sha512":"d291d35182a110519048230ced117add4df538b81e2489eb3f9594901cec41c62435d9ae5b98db802972eb64c0b31771e4ea401d5368c00e17799df317976495","ssdeep":"","tlshash":"e021f4149c80a4a4027182a4b8b0f61ed9428f6793175de1b4d856af7ff6f8ccd97194","first_seen":"2026-03-17T15:21:53.558949Z","last_seen":"2026-03-17T15:25:36.605841Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1461,"timings":{"blocked":595,"dns":60,"connect":265,"send":0,"wait":266,"receive":0,"ssl":272},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"bitgetiai.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"bitgetiai.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitgetiai.com/css/main.css","fqdn":"bitgetiai.com","domain":"bitgetiai.com","tld":"com"},"ip":{"addr":"162.245.220.29","port":443,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bitgetiai.com/","date":"2026-03-17T15:21:25.231Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitgetiai.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 15 Mar 2026 13:38:37 GMT","end":"Sat, 13 Jun 2026 13:38:36 GMT"},"fingerprint":{"sha1":"55:E4:35:8C:66:5A:65:E8:08:02:0F:21:3C:EC:47:72:23:CC:4D:A9","sha256":"07:54:35:80:FF:CD:D5:05:21:7E:5A:9F:F6:62:A9:E2:BD:AF:D4:64:8C:C1:B4:AE:08:79:D9:F2:88:08:0B:76"}}},"request":{"raw":"GET /css/main.css HTTP/1.1\r\nHost: bitgetiai.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bitgetiai.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 17 Mar 2026 15:21:25 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 13 Mar 2026 11:24:24 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69b3f3e8-14b0dd\"\r\nexpires: Wed, 18 Mar 2026 03:21:25 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1355997,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65365)","md5":"3dfeb1b53e80a35b03e28df1cc292a58","sha1":"9769ab47e47d4cd9defcccd7f8b354d9091816b8","sha256":"e3e91a58cea2a174ab439b068f9661b859623345acdde89e63b9eccc5b4903b7","sha512":"26f41b5b25a664b94f65bdd92fd72fed49b9a5c060d93a90a975153facee9cce6364edf3069269cee6ac72b1c453a41c778834866cd937befee6a96bef6c936e","ssdeep":"24576:cZgwh1nAukdDO3Xyr5Ir5eh0dTRPseL3IFAXc/wrtgmUKrh/rh:KhXc/wrtgmUKrh/rh","tlshash":"cf25d8e6e464289d3723c81e52c4f7a8572eb454d9220febf017759c86c63da2263f1e","first_seen":"2026-03-17T15:21:53.560141Z","last_seen":"2026-03-17T15:25:36.607563Z","times_seen":2,"resource_available":false,"data":null}},"time_used":539,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":539,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"bitgetiai.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"bitgetiai.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitgetiai.com/js/0_808788b94a0f3bb8a3e2.js","fqdn":"bitgetiai.com","domain":"bitgetiai.com","tld":"com"},"ip":{"addr":"162.245.220.29","port":443,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bitgetiai.com/","date":"2026-03-17T15:21:27.684Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitgetiai.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 15 Mar 2026 13:38:37 GMT","end":"Sat, 13 Jun 2026 13:38:36 GMT"},"fingerprint":{"sha1":"55:E4:35:8C:66:5A:65:E8:08:02:0F:21:3C:EC:47:72:23:CC:4D:A9","sha256":"07:54:35:80:FF:CD:D5:05:21:7E:5A:9F:F6:62:A9:E2:BD:AF:D4:64:8C:C1:B4:AE:08:79:D9:F2:88:08:0B:76"}}},"request":{"raw":"GET /js/0_808788b94a0f3bb8a3e2.js HTTP/1.1\r\nHost: bitgetiai.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bitgetiai.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 17 Mar 2026 15:21:27 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 13 Mar 2026 11:24:24 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69b3f3e8-2410\"\r\nexpires: Wed, 18 Mar 2026 03:21:27 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":9232,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (9061)","md5":"359c8c70ee62a8b57d1866a522e801df","sha1":"0657fc13255de7bd461b992c158c1a3738b451b9","sha256":"09f66644ee73b85aed0aa73a9db1a7ab5637b5c4fffa0bcd3c7c1363918d5860","sha512":"f9624f5e0513796547eccb524f72f9d5bc8e6da3f3f94703eb3e9292f9ec8537c07511d2da6120fdaf5aa9bfcbb0764d1a48a42685d4dc47bf29726f0564b67b","ssdeep":"192:geWr7nIMHQIdJs3Hk4daXzPillixIk1XQcBGMvaJ5o:SrsIdJWd46XixIOnvaJ5o","tlshash":"6b125498b291b0f15ad731ac812f920ff276a865708b94d0d279d4f0adbcdde4463f29","first_seen":"2026-03-17T15:21:53.561591Z","last_seen":"2026-03-17T15:25:36.599286Z","times_seen":2,"resource_available":true,"data":null}},"time_used":266,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":266,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"bitgetiai.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"bitgetiai.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitgetiai.com/api/index/config","fqdn":"bitgetiai.com","domain":"bitgetiai.com","tld":"com"},"ip":{"addr":"162.245.220.29","port":443,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://bitgetiai.com/","date":"2026-03-17T15:21:27.696Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitgetiai.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 15 Mar 2026 13:38:37 GMT","end":"Sat, 13 Jun 2026 13:38:36 GMT"},"fingerprint":{"sha1":"55:E4:35:8C:66:5A:65:E8:08:02:0F:21:3C:EC:47:72:23:CC:4D:A9","sha256":"07:54:35:80:FF:CD:D5:05:21:7E:5A:9F:F6:62:A9:E2:BD:AF:D4:64:8C:C1:B4:AE:08:79:D9:F2:88:08:0B:76"}}},"request":{"raw":"POST /api/index/config HTTP/1.1\r\nHost: bitgetiai.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ntoken: false\r\nlang: ja\r\nOrigin: https://bitgetiai.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bitgetiai.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 17 Mar 2026 15:21:27 GMT\r\ncontent-type: application/json; charset=utf-8\r\nvary: Accept-Encoding, Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 86400\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\", quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2578,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"f9a8844eb898ffea6c119e2e81cb206f","sha1":"b45d7489a95968eacd7f4680e532222613e4d49f","sha256":"bd38206c20fda3ebcde35a9d6f0244142f0a50c1cf9ed96e981837d4b1311f1e","sha512":"50a7637e058b840f577628532c24c2f85873dc0cd134a217ca8200d77aa2bc0ed9257ad8d4493956dfcdfbab183c7a5c54e40ec795fac451600aa531303281a4","ssdeep":"","tlshash":"bf5185bb60884d72d52593e151ee009127aa32d7cc894b7a27cccdccc8a515bdc0f822","first_seen":"2026-03-17T15:21:53.562876Z","last_seen":"2026-03-17T15:21:53.562876Z","times_seen":1,"resource_available":false,"data":null}},"time_used":284,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":284,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"bitgetiai.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"bitgetiai.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitgetiai.com/img/guidance_ecd7917c8d1628741221412eb1f0b71a.png","fqdn":"bitgetiai.com","domain":"bitgetiai.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitgetiai.com/","date":"2026-03-17T15:21:27.969Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitgetiai.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 15 Mar 2026 13:38:37 GMT","end":"Sat, 13 Jun 2026 13:38:36 GMT"},"fingerprint":{"sha1":"55:E4:35:8C:66:5A:65:E8:08:02:0F:21:3C:EC:47:72:23:CC:4D:A9","sha256":"07:54:35:80:FF:CD:D5:05:21:7E:5A:9F:F6:62:A9:E2:BD:AF:D4:64:8C:C1:B4:AE:08:79:D9:F2:88:08:0B:76"}}},"request":{"raw":"GET /img/guidance_ecd7917c8d1628741221412eb1f0b71a.png HTTP/1.1\r\nHost: bitgetiai.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bitgetiai.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-31T12:29:11.614953Z","times_seen":15959537,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"bitgetiai.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"bitgetiai.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitgetiai.com/img/guidance_ecd7917c8d1628741221412eb1f0b71a.png","fqdn":"bitgetiai.com","domain":"bitgetiai.com","tld":"com"},"ip":{"addr":"162.245.220.29","port":443,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://bitgetiai.com/","date":"2026-03-17T15:21:27.980Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitgetiai.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 15 Mar 2026 13:38:37 GMT","end":"Sat, 13 Jun 2026 13:38:36 GMT"},"fingerprint":{"sha1":"55:E4:35:8C:66:5A:65:E8:08:02:0F:21:3C:EC:47:72:23:CC:4D:A9","sha256":"07:54:35:80:FF:CD:D5:05:21:7E:5A:9F:F6:62:A9:E2:BD:AF:D4:64:8C:C1:B4:AE:08:79:D9:F2:88:08:0B:76"}}},"request":{"raw":"GET /img/guidance_ecd7917c8d1628741221412eb1f0b71a.png HTTP/1.1\r\nHost: bitgetiai.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bitgetiai.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 17 Mar 2026 15:21:28 GMT\r\ncontent-type: image/png\r\nlast-modified: Fri, 13 Mar 2026 11:24:24 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69b3f3e8-13f6d\"\r\nexpires: Thu, 16 Apr 2026 15:21:28 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":81773,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 480 x 390, 8-bit/color RGBA, non-interlaced","md5":"ecd7917c8d1628741221412eb1f0b71a","sha1":"5de18c291a2f2356c521b2af080586d02745c98f","sha256":"404d12945f78269b1db2502833c2c3070a81076bb92b18361b03d56df88b57e5","sha512":"fecb7653b35752fd450835a02b057303438d4c91f773eca712a638fe9f86112485caedfea2cc6abd44d0aa52544f97442a07501f068dea3b6abc65f2645e9e81","ssdeep":"1536:1AMrt/UCiATyCGMw3B6mtLQqJZhOtjXTHrFi6LN34kbzmB2IveDHxlsAZConHos:CytAC43B5Zg7FToqGvqxAk","tlshash":"35830220b3d5aabde26656ac854953c44b8b1cbd24f0f1fc668786f417412d22af3f39","first_seen":"2023-05-23T06:10:01Z","last_seen":"2026-05-27T17:57:21.880677Z","times_seen":740,"resource_available":false,"data":null}},"time_used":268,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":267,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"bitgetiai.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"bitgetiai.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitgetiai.com/js/main_808788b94a0f3bb8a3e2.js","fqdn":"bitgetiai.com","domain":"bitgetiai.com","tld":"com"},"ip":{"addr":"162.245.220.29","port":443,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bitgetiai.com/","date":"2026-03-17T15:21:25.232Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitgetiai.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 15 Mar 2026 13:38:37 GMT","end":"Sat, 13 Jun 2026 13:38:36 GMT"},"fingerprint":{"sha1":"55:E4:35:8C:66:5A:65:E8:08:02:0F:21:3C:EC:47:72:23:CC:4D:A9","sha256":"07:54:35:80:FF:CD:D5:05:21:7E:5A:9F:F6:62:A9:E2:BD:AF:D4:64:8C:C1:B4:AE:08:79:D9:F2:88:08:0B:76"}}},"request":{"raw":"GET /js/main_808788b94a0f3bb8a3e2.js HTTP/1.1\r\nHost: bitgetiai.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bitgetiai.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 17 Mar 2026 15:21:25 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 13 Mar 2026 11:24:24 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69b3f3e8-2d016c\"\r\nexpires: Wed, 18 Mar 2026 03:21:25 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2949484,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (33080)","md5":"d794c493c85b20e755debf7d02237c0c","sha1":"65e71d942243290d65c6be34cbaea2a04e3ab246","sha256":"b83cb52313afebf9c42cc307ce3caa91959af9580ad5ddbee79e266652bb60fa","sha512":"533baa3946eb5d667954007e8cdd0f1a181d5ef28ac8dcb3718962c0ed4bc71b5a6038ed8d5c012fbfd951649b90e7dc81e6c42d94beb9b8f44ff42d3aee0eb7","ssdeep":"6144:sDTGAwImsTGfckZ3ciEwvxUPvktP8/7V9mscgGxK2a4xP7pby/uyW0I9hDISQXxv:ezysgcIciEwHIEsMJx9Zy8DZiyMh","tlshash":"8635f889b291b052479775a0002f100ff27abe5da80e447cb664d8f67dbd99d923bf38","first_seen":"2026-03-17T15:21:53.56614Z","last_seen":"2026-03-17T15:25:36.59705Z","times_seen":2,"resource_available":false,"data":null}},"time_used":804,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":804,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"bitgetiai.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"bitgetiai.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitgetiai.com/css/35.css","fqdn":"bitgetiai.com","domain":"bitgetiai.com","tld":"com"},"ip":{"addr":"162.245.220.29","port":443,"asn":150452,"as":"LANDUPS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bitgetiai.com/","date":"2026-03-17T15:21:27.689Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitgetiai.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 15 Mar 2026 13:38:37 GMT","end":"Sat, 13 Jun 2026 13:38:36 GMT"},"fingerprint":{"sha1":"55:E4:35:8C:66:5A:65:E8:08:02:0F:21:3C:EC:47:72:23:CC:4D:A9","sha256":"07:54:35:80:FF:CD:D5:05:21:7E:5A:9F:F6:62:A9:E2:BD:AF:D4:64:8C:C1:B4:AE:08:79:D9:F2:88:08:0B:76"}}},"request":{"raw":"GET /css/35.css HTTP/1.1\r\nHost: bitgetiai.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bitgetiai.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 17 Mar 2026 15:21:27 GMT\r\ncontent-type: text/css\r\ncontent-length: 198\r\nlast-modified: Fri, 13 Mar 2026 11:24:26 GMT\r\netag: \"69b3f3ea-c6\"\r\nexpires: Wed, 18 Mar 2026 03:21:27 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":198,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"f4a69e11d8f5281924a6200748acc36a","sha1":"b2c004d2f913b45ad2468aee7f2f3588aea4d8ba","sha256":"a675e8f439f784bac6b304dd64d56f8e7a15af5475143ed822edcc843bfa5eac","sha512":"26cc42f24a709c30d196aaa843c98dc0f1bf003a95944f33c4f4fabdd32df56fa4a8f1db961c98a627dc7953455dece26c379dcc03994eb88b5828e597445b35","ssdeep":"","tlshash":"52d02200211607612a1bf4800e684208c80ac141eb4f4e1f002b04e852cf2c802f76c9","first_seen":"2025-04-08T11:30:19.338503Z","last_seen":"2026-03-17T15:25:36.601421Z","times_seen":21,"resource_available":false,"data":null}},"time_used":265,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":265,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"bitgetiai.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"bitgetiai.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}