{"report_id":"c159b447-e9d8-463f-86f2-a9aabb31ba0f","version":6,"status":"done","tags":[],"date":"2025-11-26T02:39:12Z","url":{"schema":"http","addr":"nitcoinvn.io","fqdn":"nitcoinvn.io","domain":"nitcoinvn.io","tld":"io"},"ip":{"addr":"172.67.199.207","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"nitcoinvn.io/","fqdn":"nitcoinvn.io","domain":"nitcoinvn.io","tld":"io"},"title":"Instant Bitcoin \u0026 Cryptocurrency Exchange in Vietnam - BitcoinVN","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"nitcoinvn.io","fqdn":"nitcoinvn.io","domain":"nitcoinvn.io","tld":"io"},"ip":{"addr":"172.67.199.207","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null,"user":{"user_id":"akbkyowd9geqr98","country_code":"zz"}},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-12-31T02:39:12Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"nitcoinvn.io","ip":{"addr":"104.21.21.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-11-13","domain_rank":0,"first_seen":"2025-11-26T02:39:13.257414Z","last_seen":"2025-11-26T02:39:13.257414Z","alert_count":152,"request_count":38,"received_data":1939803,"sent_data":16880,"comment":"","tags":null,"fingerprints":[{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"widget.trustpilot.com","ip":{"addr":"54.240.174.15","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2007-06-30","domain_rank":36063,"first_seen":"2017-02-01T19:05:34Z","last_seen":"2025-11-24T00:39:50.743589Z","alert_count":0,"request_count":3,"received_data":66914,"sent_data":1864,"comment":"","tags":null,"fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Kestrel","description":"","website":"https://docs.microsoft.com/en-us/aspnet/core/fundamentals/servers/kestrel","common_platform_enumeration":"","icon":"kestrel.svg","categories":["Web servers"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"nitcoinvn.io/","fqdn":"nitcoinvn.io","domain":"nitcoinvn.io","tld":"io"},"ip":{"addr":"104.21.21.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"6f7bc50215c388b60161d1f59381d609","sha1":"b6fd1a750c8967302ea527d9884139210aea1eef","sha256":"49577a3209e6480cd54027c0148baaa0b0a701379a8506f72378b8ad37969064","sha512":"a3ee1a57b9d961fce4a25429854f099a4322c42fb5e101414435f4b73c8e0bd892623f5ecda3bc439245355c179ff6f6e9a68bfaa0e63402c3578d7bf72b3e64","ssdeep":"96:TLS0mc0GOejfZviLehyhM1ACVzQ5eaYU5ix61EPscdQP+omyboOJLPuDXH+5GPZM:HIc0GOejpuE1ACVM5eaYU5ix61wQPPjh","tlshash":"6ab1ac15106c57764e38d9c468ce3a2efb087832204ec49e6fefdd8a13da769b157278","size":5586,"data":"","first_seen":"2025-11-26T02:17:56.51079Z","last_seen":"2026-03-29T15:45:39.974776Z","times_seen":19,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"nitcoinvn.io/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js","fqdn":"nitcoinvn.io","domain":"nitcoinvn.io","tld":"io"},"ip":{"addr":"104.21.21.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"9e8f56e8e1806253ba01a95cfc3d392c","sha1":"a8af90d7482e1e99d03de6bf88fed2315c5dd728","sha256":"2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8","sha512":"63f0f6f94fbabadc3f774ccaa6a401696e8a7651a074bc077d214f91da080b36714fd799eb40fed64154972008e34fc733d6ee314ac675727b37b58ffbebebee","ssdeep":"","tlshash":"6021d5743a18107e226a0133e56f66cee1f23715fd17e440408ad89566e4fe5063fed9","size":1239,"data":"","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-04-05T08:45:39.869407Z","times_seen":292826,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"nitcoinvn.io/js/runtime.69f15bde.js","fqdn":"nitcoinvn.io","domain":"nitcoinvn.io","tld":"io"},"ip":{"addr":"104.21.21.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"3d1fd594ec8f1993ec518f0bcb2800ed","sha1":"61829538aa191231a9125264e2b47fe804eb812e","sha256":"f343e31ceb891cbfc3e13084adb8afa9278dba7431b69fb9fc54c222ade3bbb8","sha512":"f1eee7eb1731156f4aa91d458afae983eb2b79712efb0a5d7fe689cf6f0376977e00cc660b4374429b3f3ab6eb5f3979e645b12edb87df354ef232f5647c4aee","ssdeep":"","tlshash":"e25194e23664e8fa2be25c84172ed982e6276433552f98b2a707cc757578ec00466bb1","size":2808,"data":"","first_seen":"2025-11-26T02:17:56.45942Z","last_seen":"2026-03-29T15:45:39.951432Z","times_seen":19,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"nitcoinvn.io/js/198.d9edbca9.js","fqdn":"nitcoinvn.io","domain":"nitcoinvn.io","tld":"io"},"ip":{"addr":"104.21.21.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"32304b5bc09a37c86ca9d864cacee1a1","sha1":"be85de2ac5f50452c23da40a2603b2e49195c765","sha256":"307d3bec25533a76b54c865ab8281e3478cfdd474d86f6a46c3ca0ae31b92403","sha512":"9bb9725b3806f6667e5bbf22b260f4b7cd33bca5bf3854cb97de6dccec63c787c261484a141444cb486a5696eb7742e58ea511f4ac56f1e9d05f87b07106c847","ssdeep":"384:pM92ejkrIaeKCMaC0LRkzQ4J4vp74gs3qpJ7wQYYn4mp:L3SBDp7fVp+NU4mp","tlshash":"1792b889f651b0b50b677960617f0406e6b61644a88bdd90f723e8c83c7f85eb027bbd","size":21219,"data":"","first_seen":"2025-11-26T02:17:56.454147Z","last_seen":"2026-03-29T15:45:39.969682Z","times_seen":21,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"nitcoinvn.io/js/160.bb703800.js","fqdn":"nitcoinvn.io","domain":"nitcoinvn.io","tld":"io"},"ip":{"addr":"104.21.21.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"37e3770779b19a9f72380ce6890598af","sha1":"8bc0484d8a1681cb5b7f45bb3eaa4a6cb519e61a","sha256":"ea0ba897c26cca8c4dc29f5fed2861364701bf2aff26e60b249a7eb57d0f65a6","sha512":"a3afbff1e5f6f9e432dac243663989e75a70f43a8ca585498d05bbd34d18d2278194f009d2294623fbc4afa72bac9be0ec73f31c451180188e31e0d18c41118d","ssdeep":"192:OvI+DQZlYRpeySzK0w1wgxbdOdJAe/dIEv0t6QxoGQOmf88PThpgUGeznp:OvI+DslEM3tAelIF6k+tPTPg6V","tlshash":"2a42b686b591b4610b768414222f440bf3622f48649edde0fb53c9d8bc7d85fe0abb6d","size":12189,"data":"","first_seen":"2025-11-26T02:17:56.450105Z","last_seen":"2026-03-29T15:45:39.942532Z","times_seen":21,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"nitcoinvn.io/js/chat-no-jquery.min.js","fqdn":"nitcoinvn.io","domain":"nitcoinvn.io","tld":"io"},"ip":{"addr":"104.21.21.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"8172660f590d445dc9017185be9660e6","sha1":"cc6e1b005df98499186b2dc885fdeb8eccf7f025","sha256":"feff1e767d55aaedc4a671655d68258339390f62c94e9354a933d85ce7829e92","sha512":"a00e11ff69e82b8c01f0a685a0ec189351c591209edfa1246ac2c6ebc92ee882c411285e4e096b877060d70cb0b4b1fcb2692af72c19df1b6edb7b83e32e4d5e","ssdeep":"1536:N1VOeJGw6MW8yD+DyX80nc6g6hL5DlKLrJhpjhh:EsAhG7Nhh","tlshash":"de932b84b140267a07d3d2d2a176370a337c40ad664500acb96ecdf81e76d99b377fba","size":90852,"data":"","first_seen":"2025-09-18T00:13:21.924129Z","last_seen":"2026-03-29T15:45:39.95225Z","times_seen":29,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"nitcoinvn.io/","fqdn":"nitcoinvn.io","domain":"nitcoinvn.io","tld":"io"},"ip":{"addr":"104.21.21.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"279a8938be47905145450f77921adae6","sha1":"1dfcc094d6974a113f0562c509e53186e970bdbe","sha256":"d91749d291c14d4acd3474d22516ede4bb61454338ee2b373ab5fbff68f1da4b","sha512":"0bb1d22409574fd00a6b21d0dc1bb2adff04030f35c6ebfb26a59750c1022968b760d752546dc9abff01ae601d4bddb6a65c2c68bf3459295f3b77d6c9b9e93f","ssdeep":"","tlshash":"46e0226a0835b030142750bd8f1e02130624006b2c0465307c0c12900f0e23c72f3fdc","size":321,"data":"","first_seen":"2025-11-26T02:17:56.512486Z","last_seen":"2026-03-29T15:45:39.975828Z","times_seen":19,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"nitcoinvn.io/js/523.10fc41c7.js","fqdn":"nitcoinvn.io","domain":"nitcoinvn.io","tld":"io"},"ip":{"addr":"104.21.21.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"1bbe328d2dae3fe46167802aee78ce15","sha1":"87b03b9117a179dfafc27bad21a9da97eb14bf82","sha256":"1727fb81daecf89807ad4517a905e8e7cf0e684dcec0ff7d9d1844cd8ac3cf3f","sha512":"74cb26bb4e1a9291b0962df25c622a06ee09977daa14461ef12ab4ab9b3a7e986d17447af6a6f1bfdbefe29a49ad0107d7fc18bf776493982655b21b63471ed2","ssdeep":"3072:m+yIKNp6hW3xsjrYnnoEFE3K+spZkDyKgP3jehq+CmNsGz:mlHNp6hW3xsjrYnnoaAORjehq+baGz","tlshash":"38440b55338272a14edf61b9943f024aa23a9664148de0ecf539ddc0fd24dcba2a3f75","size":264363,"data":"","first_seen":"2025-11-26T02:17:56.461199Z","last_seen":"2026-03-29T15:45:39.955014Z","times_seen":21,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/main.js","fqdn":"widget.trustpilot.com","domain":"trustpilot.com","tld":"com"},"ip":{"addr":"54.240.174.15","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"0661e82e1e81e92cd72dd68fb8c66a6a","sha1":"3b13421fd89673e1900b5f6c3a6c970b08a2f233","sha256":"2f193d706417bcf72a130968908edcd09a192c51f4b592114ea4697ee4dfe85b","sha512":"27c2b3ef134510f35696ac970874c50def325bb423d5268491f616323fb697c40d89e0562ee253b0e3aeca571573e86bf91eaafab13539bf1af0dee451b9d0d8","ssdeep":"768:7nRNnPGUJBAyEgzQyudtrUp4Bj2bvuSky9QV11yCWnff2rub:tNDPEgzQy+y4B2juSzQT1yCWnH26b","tlshash":"26434bd47190b4e2068782b61c3f724af277b8b8b54dd0d0b2a9e8d42fb1cdd5236e19","size":56421,"data":"","first_seen":"2023-05-09T00:44:05Z","last_seen":"2026-02-24T02:47:46.614609Z","times_seen":1738,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"nitcoinvn.io/js/tp.widget.bootstrap.min.js","fqdn":"nitcoinvn.io","domain":"nitcoinvn.io","tld":"io"},"ip":{"addr":"104.21.21.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"a1c9c765b87d33ee97019691f86c5b99","sha1":"c6190658cdac8c1e50625c644980dc134e7cb33a","sha256":"63abe8b3f8e219a9c85f40a2e9c77ea95f877802be6cca4258242598e1121cb9","sha512":"18d82e6249e572a0e9a592f54a9e1fd205045df650d3fbbe0c13f812145c658f7862c3574dedd26f07436ca8cd3d7c345526844fd1e702d2b35fbfb22e998284","ssdeep":"768:sooGSfWNfXi2Tfv4tns1em2wI9T/bI1cvRt4XQ1foxpA1WVFPrkr+xxf:4kN549s1xWN/bI1w3zr+7f","tlshash":"21231d8aaaf694305657b0798f2fa1007931505f2d9afd183e5c82a44f1cc3e62b5fed","size":48542,"data":"","first_seen":"2025-11-26T02:17:56.507177Z","last_seen":"2026-03-29T15:45:39.945087Z","times_seen":19,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"nitcoinvn.io/js/575.72c5359a.js","fqdn":"nitcoinvn.io","domain":"nitcoinvn.io","tld":"io"},"ip":{"addr":"104.21.21.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"5d76d9a12ecb2cadc6fdbb56fffda71e","sha1":"ab146b32608b1b37bffc757c83b897489d91d482","sha256":"7e36f834361b1869652a539ff78cc3e92fb81ad2d53f085b7c5787fd054d39f7","sha512":"e148eb6b3911a01ce1561ac1b7acc94bba64579ab6cd20f7fb9669fe5ba8e7fbbf2e9b1f25e74e3b2d45650c2403ffb0c0df01b325e8a0ff1eff671b9c97aaa6","ssdeep":"1536:4/cPL5h0kN8/BsghBy8Q+in+4kBzmt1Rk7f+ALeCvwuwRN+Ycm5pqh5KN+peH6iW:mka8qh5G69DwcYgCXxm/","tlshash":"a0f3e94e3250b57202efa0a6903f450fb237695da806a05cb5add4ed2e7cd58317bf39","size":161841,"data":"","first_seen":"2025-11-26T02:17:56.452354Z","last_seen":"2026-03-29T15:45:39.961385Z","times_seen":21,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"nitcoinvn.io/js/969.a8797199.js","fqdn":"nitcoinvn.io","domain":"nitcoinvn.io","tld":"io"},"ip":{"addr":"104.21.21.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"72503f913be08132e6bd7a16a121b1fc","sha1":"66713185e7801a6b1812e6b46909fc501928e4fc","sha256":"9aef1b47e9f38604aaa66e2c25d1223eeeace65c72356c6b5b8a866b33097081","sha512":"51c78aa97a170aaba098af9a959d7203fd94bf78777bc3a080b8d6d57b158ea2b40c62e3c995e4bacd5d2044528b626fed77a5c3c71301fd17df8f0969175f31","ssdeep":"768:hmfUFlUmTjKFuMj0HSVLKVWciRD5KF/gJoOLDXZWRw3j7pWXl/z6S4YnI/CC8uZD:w22XnRD5KF4YUj4Xl/W5BUDQWtQi+","tlshash":"25830bb5b29161b56ba246d2503b0007f239e674641a806cfb3dc9dd68bcd86b53bf38","size":86376,"data":"","first_seen":"2025-11-26T02:17:56.49802Z","last_seen":"2026-03-29T15:45:39.953702Z","times_seen":21,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"nitcoinvn.io/js/swap.7c48df19.js","fqdn":"nitcoinvn.io","domain":"nitcoinvn.io","tld":"io"},"ip":{"addr":"104.21.21.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"bc4f0317a620b4e1aa5115b855dac5d3","sha1":"943aad268b04fd13654e1f26f6ea7553a46b5d0f","sha256":"124ee086624ef673460d036c104b09385b7f6c6edbe2d91eaf0ba9d557ebc8fd","sha512":"730d046bac238f293e1452808dc8597f1bc4e60c364b2e114e0aa063b7b1100761f9e97c505419e04aedb5eca4949cd7809b2061c804d3df77f433154c13cf96","ssdeep":"768:G6zYaPfvVHXH8LN7Cudub3mTfrLQRIPdNOa:Go7flcLlLduQ","tlshash":"8803844a7ae360a0a637b03c9e6fd4443530545f894afe443e4c96a0af5c93d93f1bad","size":38887,"data":"","first_seen":"2025-11-26T02:17:56.414987Z","last_seen":"2026-03-29T15:45:39.94377Z","times_seen":19,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"nitcoinvn.io/js/app-bitcoinvn.c8983b1b.js","fqdn":"nitcoinvn.io","domain":"nitcoinvn.io","tld":"io"},"ip":{"addr":"104.21.21.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2cccac66d7d152a01338f838782fd5a4","sha1":"6b19337d30aa8f38ee76587f20220de13746d193","sha256":"95504f7ba8f88109d94ae5fe03866038a17de6740309ad816c596c13924aaf4f","sha512":"bb1bf342648f8564b926f6c780bf5a5051cbfd8296fe172cbc1dbc6e7d472952891a48b5bda1ad0cba0f880f92d36338f9f7483b61a04f80933d5aa31a3cbda8","ssdeep":"","tlshash":"d851c60d75aaa86f25ff753f580f580852271d37d848c901d87e98b61c7970d6233e4e","size":3044,"data":"","first_seen":"2025-11-26T02:17:56.439575Z","last_seen":"2026-03-29T15:45:39.968169Z","times_seen":21,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"nitcoinvn.io/js/script.js","fqdn":"nitcoinvn.io","domain":"nitcoinvn.io","tld":"io"},"ip":{"addr":"104.21.21.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"753e5d7353c673a4908d88562be724ff","sha1":"61278d262ebf6d068cc9e1eeac0a5b76f11b16d1","sha256":"e71b89d28d853de429fd2ad9a89c12c8ce73a15b8bca05b210e6a79766969693","sha512":"c10d8d3490a680da49ad7ae0debfabfc5c6315a18bacd6635f990d39dc2401f408ad21bca0b352d77d72cbeb5ea924865c80f964e8b872aebd1a39b40f9d4155","ssdeep":"","tlshash":"1941ac5b08507674d836b26aaa1ff902fc232677214597033ebd86146f3065b8378fdc","size":1905,"data":"","first_seen":"2025-11-26T02:17:56.442541Z","last_seen":"2026-03-29T15:45:39.964091Z","times_seen":19,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"nitcoinvn.io/js/755.c3cb6d41.js","fqdn":"nitcoinvn.io","domain":"nitcoinvn.io","tld":"io"},"ip":{"addr":"104.21.21.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"eb2def123a3d0b02b3e9a7f646486739","sha1":"4663db1b5620731daff988e7ce2660094740cf14","sha256":"5d848ae7d84d3eb291667c75082af6210a6565e6e989eaa18588f1f6821317d2","sha512":"b78ea35ba883a6aa7d42c2f15e9aeeb16330dd6c8ba2f123c85b742cab4188cb075e10696552eb4c1c9daa6b08d314bfd0583e8e4c016168131edb9fd47afab6","ssdeep":"1536:YCQo1GZGM+xTWaxsZu0JwKFvzokaggUaE6clBXvPS9ZteGNDV1yzxgKZZuMv:YruK1omFDPS97JEgKjuMv","tlshash":"cf83f8ddb2cab02247a760b9007f550bf236199d680dc410f159e8e9bc78a4e927bf7d","size":87177,"data":"","first_seen":"2024-01-08T12:55:38Z","last_seen":"2026-03-29T15:45:39.922054Z","times_seen":30,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"nitcoinvn.io/","fqdn":"nitcoinvn.io","domain":"nitcoinvn.io","tld":"io"},"ip":{"addr":"104.21.21.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-11-26T02:38:49.027Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nitcoinvn.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 16 Nov 2025 18:39:26 GMT","end":"Sat, 14 Feb 2026 19:38:09 GMT"},"fingerprint":{"sha1":"0A:EF:2A:B4:F9:16:83:7C:8F:38:82:03:8A:77:09:65:10:79:28:58","sha256":"ED:28:52:44:92:BE:86:68:19:AA:B8:04:E4:2A:9B:9F:99:C8:61:50:E2:29:02:17:4C:63:07:E5:B6:48:FB:FB"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: nitcoinvn.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 26 Nov 2025 02:38:49 GMT\r\ncontent-type: text/html; charset=utf-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nsurrogate-control: no-store\r\ncache-control: no-store, no-cache, must-revalidate, proxy-revalidate\r\nexpires: 0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rJvpqy6RXbBR0LcDXu1KspwRhAw%2Fr4140eXQIlezw3gLYQLWkYjg4XlE2cjpUhHeBjTFMOLU5ve3Q248WGMOv6FoXHlMrAq0lZU%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9a46030498cfb4ed-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":493456,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (2945), with CRLF, LF line terminators","md5":"63bae5e4ffa5435790aab86b1ec1b8f3","sha1":"ac1125921c562217e6415103117ee924f942b7fe","sha256":"3e27e40c4bd0c3b5540e6346aa796c510817d9159766c3003741c82622aff048","sha512":"e855b10189bb96c7e52f8f4ca5efae2404e79ff35dbe23c56a58941d41cae289a950bd3c07dd090b10828402c3c3b59bec7fa591ec8bc7d748c25b064728f6a7","ssdeep":"768:3pH10eaYU5ixe3u1gTTaVeu0Ymw+03OYC7d+03QaSM/7FUBNyq0PPU0bANHtJeSl:3wxLTGV0NOLu0KLXlEkOzAplm/","tlshash":"f2a4576491f2c993823eb2da06954787fe9b4713c68147c97bac83ab2ff49197c13538","first_seen":"2025-11-26T02:39:18.667676Z","last_seen":"2025-11-26T02:39:18.667676Z","times_seen":1,"resource_available":false,"data":null}},"time_used":591,"timings":{"blocked":33,"dns":16,"connect":1,"send":0,"wait":523,"receive":0,"ssl":14},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nitcoinvn.io/js/chat-no-jquery.min.js","fqdn":"nitcoinvn.io","domain":"nitcoinvn.io","tld":"io"},"ip":{"addr":"104.21.21.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://nitcoinvn.io/","date":"2025-11-26T02:38:49.798Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nitcoinvn.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 16 Nov 2025 18:39:26 GMT","end":"Sat, 14 Feb 2026 19:38:09 GMT"},"fingerprint":{"sha1":"0A:EF:2A:B4:F9:16:83:7C:8F:38:82:03:8A:77:09:65:10:79:28:58","sha256":"ED:28:52:44:92:BE:86:68:19:AA:B8:04:E4:2A:9B:9F:99:C8:61:50:E2:29:02:17:4C:63:07:E5:B6:48:FB:FB"}}},"request":{"raw":"GET /js/chat-no-jquery.min.js HTTP/1.1\r\nHost: nitcoinvn.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nitcoinvn.io/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 26 Nov 2025 02:38:49 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: accept-encoding\r\npriority: u=3,i=?0\r\ncontent-encoding: br\r\ncache-control: public, max-age=14400\r\nlast-modified: Thu, 13 Nov 2025 08:16:26 GMT\r\netag: W/\"162e4-19a7c498b90\"\r\ncf-cache-status: EXPIRED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=d2DMpLDirM83me3c1uvoviCi1M%2BMWViFXnWx9Fvo5a%2BLItWq1A6VyZ1Uu2PGKyb%2Fi%2Fc6X%2BoB%2B7k8xED7F7KHvUMGhm0SD2u9VSA%3D\"}]}\r\ncf-ray: 9a4603091b1f56ba-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":90852,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (63379), with no line terminators","md5":"8172660f590d445dc9017185be9660e6","sha1":"cc6e1b005df98499186b2dc885fdeb8eccf7f025","sha256":"feff1e767d55aaedc4a671655d68258339390f62c94e9354a933d85ce7829e92","sha512":"a00e11ff69e82b8c01f0a685a0ec189351c591209edfa1246ac2c6ebc92ee882c411285e4e096b877060d70cb0b4b1fcb2692af72c19df1b6edb7b83e32e4d5e","ssdeep":"1536:N1VOeJGw6MW8yD+DyX80nc6g6hL5DlKLrJhpjhh:EsAhG7Nhh","tlshash":"de932b84b140267a07d3d2d2a176370a337c40ad664500acb96ecdf81e76d99b377fba","first_seen":"2025-09-18T00:13:21.924129Z","last_seen":"2026-03-29T15:45:39.95225Z","times_seen":29,"resource_available":true,"data":null}},"time_used":439,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":225,"receive":214,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nitcoinvn.io/js/969.a8797199.js","fqdn":"nitcoinvn.io","domain":"nitcoinvn.io","tld":"io"},"ip":{"addr":"104.21.21.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://nitcoinvn.io/","date":"2025-11-26T02:38:49.804Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nitcoinvn.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 16 Nov 2025 18:39:26 GMT","end":"Sat, 14 Feb 2026 19:38:09 GMT"},"fingerprint":{"sha1":"0A:EF:2A:B4:F9:16:83:7C:8F:38:82:03:8A:77:09:65:10:79:28:58","sha256":"ED:28:52:44:92:BE:86:68:19:AA:B8:04:E4:2A:9B:9F:99:C8:61:50:E2:29:02:17:4C:63:07:E5:B6:48:FB:FB"}}},"request":{"raw":"GET /js/969.a8797199.js HTTP/1.1\r\nHost: nitcoinvn.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nitcoinvn.io/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 26 Nov 2025 02:38:49 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: accept-encoding\r\npriority: u=3,i=?0\r\ncontent-encoding: br\r\ncache-control: public, max-age=14400\r\nlast-modified: Thu, 13 Nov 2025 08:16:26 GMT\r\netag: W/\"15168-19a7c498b90\"\r\ncf-cache-status: EXPIRED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7FyUG%2BVaIeTlH8v5%2BQk0K%2Fm1pBv%2Bf4PxLAlXuJ1tPP7P09fr48KiGlfrDUjhtNNEDceCL0xE0Xe3vqXAqG9nDmFEiw0S%2FfQo1xk%3D\"}]}\r\ncf-ray: 9a4603091b2056ba-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":86376,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (55380), with NEL line terminators","md5":"72503f913be08132e6bd7a16a121b1fc","sha1":"66713185e7801a6b1812e6b46909fc501928e4fc","sha256":"9aef1b47e9f38604aaa66e2c25d1223eeeace65c72356c6b5b8a866b33097081","sha512":"51c78aa97a170aaba098af9a959d7203fd94bf78777bc3a080b8d6d57b158ea2b40c62e3c995e4bacd5d2044528b626fed77a5c3c71301fd17df8f0969175f31","ssdeep":"768:hmfUFlUmTjKFuMj0HSVLKVWciRD5KF/gJoOLDXZWRw3j7pWXl/z6S4YnI/CC8uZD:w22XnRD5KF4YUj4Xl/W5BUDQWtQi+","tlshash":"25830bb5b29161b56ba246d2503b0007f239e674641a806cfb3dc9dd68bcd86b53bf38","first_seen":"2025-11-26T02:17:56.49802Z","last_seen":"2026-03-29T15:45:39.953702Z","times_seen":21,"resource_available":true,"data":null}},"time_used":286,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":227,"receive":59,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nitcoinvn.io/fonts/fa-brands-400.8d3cabfc.woff2","fqdn":"nitcoinvn.io","domain":"nitcoinvn.io","tld":"io"},"ip":{"addr":"104.21.21.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://nitcoinvn.io/","date":"2025-11-26T02:38:50.382Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nitcoinvn.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 16 Nov 2025 18:39:26 GMT","end":"Sat, 14 Feb 2026 19:38:09 GMT"},"fingerprint":{"sha1":"0A:EF:2A:B4:F9:16:83:7C:8F:38:82:03:8A:77:09:65:10:79:28:58","sha256":"ED:28:52:44:92:BE:86:68:19:AA:B8:04:E4:2A:9B:9F:99:C8:61:50:E2:29:02:17:4C:63:07:E5:B6:48:FB:FB"}}},"request":{"raw":"GET /fonts/fa-brands-400.8d3cabfc.woff2 HTTP/1.1\r\nHost: nitcoinvn.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nitcoinvn.io/css/575.cf5435a1.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 26 Nov 2025 02:38:50 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 117372\r\npriority: u=4,i=?0\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Thu, 13 Nov 2025 08:16:26 GMT\r\netag: W/\"1ca7c-19a7c498b90\"\r\ncf-cache-status: EXPIRED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BZhvnZz2evHDVVqJResiC23OaLGPibrwXUHIyLX12qVUygO1hY3xhLxr9SIwpdRinYNo7omsycGLeS8jOfZCLBiIXJspX9M8H2Q%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9a46030ceb2f56ba-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":117372,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 117372, version 773.768","md5":"b6356c957274676e6571c1ff5e11c9a8","sha1":"4022f95e001d734ca8f082b8e7627abd205609ec","sha256":"3a8924cd5203a28628716aedb5cef0943da4c3b44e3ffcee90ab06387b41c490","sha512":"83de79c74480fafc62cdac4012ff2a129d8701772ee16216c3d9488826ac21a9c2f8a416fe3208a61bfea7e12c24ac1cc2d26f6d22bd2b0ba39a22d630238b59","ssdeep":"3072:U3JKgVzg5ybfXYe5W59JPQaPWKSsx/DBMnVnqedkAFqPQTzIBIOK2vDMF:IVM5A5GJPQaH/NMtBkAvcnYF","tlshash":"c4b312f88b7ac9a5e304e67b55e4613555a0aec8b180f35453be7c2c221e10dc67afe3","first_seen":"2023-12-02T04:06:15Z","last_seen":"2026-04-05T09:00:51.093333Z","times_seen":18751,"resource_available":false,"data":null}},"time_used":251,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":212,"receive":39,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nitcoinvn.io/images/usdt.svg","fqdn":"nitcoinvn.io","domain":"nitcoinvn.io","tld":"io"},"ip":{"addr":"104.21.21.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://nitcoinvn.io/","date":"2025-11-26T02:38:50.568Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nitcoinvn.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 16 Nov 2025 18:39:26 GMT","end":"Sat, 14 Feb 2026 19:38:09 GMT"},"fingerprint":{"sha1":"0A:EF:2A:B4:F9:16:83:7C:8F:38:82:03:8A:77:09:65:10:79:28:58","sha256":"ED:28:52:44:92:BE:86:68:19:AA:B8:04:E4:2A:9B:9F:99:C8:61:50:E2:29:02:17:4C:63:07:E5:B6:48:FB:FB"}}},"request":{"raw":"GET /images/usdt.svg HTTP/1.1\r\nHost: nitcoinvn.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nitcoinvn.io/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 26 Nov 2025 02:38:50 GMT\r\ncontent-type: image/svg+xml\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\ncontent-encoding: br\r\ncache-control: public, max-age=14400\r\nlast-modified: Thu, 13 Nov 2025 01:02:10 GMT\r\netag: W/\"354-19a7abbf650\"\r\ncf-cache-status: EXPIRED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bGiLI77L0wP6eQRP7gX3ACnfkuGuuiVEP%2F4sCCcqERItqcswsY5wdrxgGKcnJh6doh9QfHLaOdvQXU%2B7vdmsu3xgz34ZTd%2Fa8xY%3D\"}]}\r\ncf-ray: 9a46030e0b3756ba-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":852,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"7ef0782a1f6cbc0d369da97d793fda4e","sha1":"ad3b8efbe5dab36f973cb1ff947620c6da8f136c","sha256":"ff1e4dd74b95a1a601dcd52cb05e5e80c8fd93d5242bba28cd4b6c896073485f","sha512":"dd1add180deddba4c263ece686820f5e53ebf29ccb48d505fe7245b7d6328471310355c8741379ddb59fca8d4c6ef01c0025c2d9d5f2763bb31104a22fe3cfd2","ssdeep":"","tlshash":"7f01af9cee9c567c1c8b43bc817914e075e7548d732897dce2624952f40afd7a394498","first_seen":"2025-11-26T02:17:56.42161Z","last_seen":"2026-03-29T15:45:39.947597Z","times_seen":21,"resource_available":false,"data":null}},"time_used":210,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":210,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/main.js","fqdn":"widget.trustpilot.com","domain":"trustpilot.com","tld":"com"},"ip":{"addr":"54.240.174.15","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/index.html?templateId=5419b6a8b0d04a076446a9ad\u0026businessunitId=604f0278d6deaf00016b71cd#locale=en\u0026styleHeight=24px\u0026styleWidth=100%25\u0026theme=dark","date":"2025-11-26T02:38:50.776Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.trustpilot.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 03 Nov 2025 00:00:00 GMT","end":"Tue, 01 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"22:AC:04:00:1B:E6:03:65:36:95:67:5E:7F:21:62:B2:19:D0:0A:61","sha256":"C0:F0:3C:56:A6:A5:C3:53:B8:0A:28:8E:01:CC:3D:09:B5:5C:FC:55:FE:7F:8C:10:B8:E1:1F:7F:C6:56:F4:80"}}},"request":{"raw":"GET /trustboxes/5419b6a8b0d04a076446a9ad/main.js HTTP/1.1\r\nHost: widget.trustpilot.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/index.html?templateId=5419b6a8b0d04a076446a9ad\u0026businessunitId=604f0278d6deaf00016b71cd\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript;charset=utf-8\r\nlast-modified: Mon, 10 Feb 2025 13:11:40 GMT\r\ncontent-encoding: gzip\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: null\r\nserver: AmazonS3\r\ndate: Tue, 25 Nov 2025 06:16:10 GMT\r\ncache-control: max-age=86400\r\netag: W/\"0661e82e1e81e92cd72dd68fb8c66a6a\"\r\nvary: accept-encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: 4AWwPoK_R54ErGqGVPz5t0hmD8zSeE-yGjhqjUVxtdmYaSUJ_ldpZw==\r\nage: 73361\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":56421,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (56383)","md5":"0661e82e1e81e92cd72dd68fb8c66a6a","sha1":"3b13421fd89673e1900b5f6c3a6c970b08a2f233","sha256":"2f193d706417bcf72a130968908edcd09a192c51f4b592114ea4697ee4dfe85b","sha512":"27c2b3ef134510f35696ac970874c50def325bb423d5268491f616323fb697c40d89e0562ee253b0e3aeca571573e86bf91eaafab13539bf1af0dee451b9d0d8","ssdeep":"768:7nRNnPGUJBAyEgzQyudtrUp4Bj2bvuSky9QV11yCWnff2rub:tNDPEgzQy+y4B2juSzQT1yCWnH26b","tlshash":"26434bd47190b4e2068782b61c3f724af277b8b8b54dd0d0b2a9e8d42fb1cdd5236e19","first_seen":"2023-05-09T00:44:05Z","last_seen":"2026-02-24T02:47:46.614609Z","times_seen":1738,"resource_available":true,"data":null}},"time_used":1,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":1,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"nitcoinvn.io/js/tp.widget.bootstrap.min.js","fqdn":"nitcoinvn.io","domain":"nitcoinvn.io","tld":"io"},"ip":{"addr":"104.21.21.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://nitcoinvn.io/","date":"2025-11-26T02:38:49.812Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nitcoinvn.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 16 Nov 2025 18:39:26 GMT","end":"Sat, 14 Feb 2026 19:38:09 GMT"},"fingerprint":{"sha1":"0A:EF:2A:B4:F9:16:83:7C:8F:38:82:03:8A:77:09:65:10:79:28:58","sha256":"ED:28:52:44:92:BE:86:68:19:AA:B8:04:E4:2A:9B:9F:99:C8:61:50:E2:29:02:17:4C:63:07:E5:B6:48:FB:FB"}}},"request":{"raw":"GET /js/tp.widget.bootstrap.min.js HTTP/1.1\r\nHost: nitcoinvn.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nitcoinvn.io/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 26 Nov 2025 02:38:49 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: accept-encoding\r\npriority: u=3,i=?0\r\ncontent-encoding: br\r\ncache-control: public, max-age=14400\r\nlast-modified: Sun, 16 Nov 2025 02:49:20 GMT\r\netag: W/\"bda1-19a8a912780\"\r\ncf-cache-status: EXPIRED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ccO1v4JH0Pif5jyRqHkOHmpQLxH47P%2FVu9fpW%2FHWfl28LYVwZ0%2F6NmvT%2BjChkbHJ0tjFKDUrVRdc6MkgQ%2Fd%2FI5yD7ac38kyiAxc%3D\"}]}\r\ncf-ray: 9a4603091b2656ba-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":48545,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"a1c9c765b87d33ee97019691f86c5b99","sha1":"c6190658cdac8c1e50625c644980dc134e7cb33a","sha256":"63abe8b3f8e219a9c85f40a2e9c77ea95f877802be6cca4258242598e1121cb9","sha512":"18d82e6249e572a0e9a592f54a9e1fd205045df650d3fbbe0c13f812145c658f7862c3574dedd26f07436ca8cd3d7c345526844fd1e702d2b35fbfb22e998284","ssdeep":"768:sooGSfWNfXi2Tfv4tns1em2wI9T/bI1cvRt4XQ1foxpA1WVFPrkr+xxf:4kN549s1xWN/bI1w3zr+7f","tlshash":"21231d8aaaf694305657b0798f2fa1007931505f2d9afd183e5c82a44f1cc3e62b5fed","first_seen":"2025-11-26T02:17:56.507177Z","last_seen":"2026-03-29T15:45:39.945087Z","times_seen":19,"resource_available":true,"data":null}},"time_used":227,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":218,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nitcoinvn.io/build/images/asset-icons/color/xmr.svg","fqdn":"nitcoinvn.io","domain":"nitcoinvn.io","tld":"io"},"ip":{"addr":"104.21.21.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://nitcoinvn.io/","date":"2025-11-26T02:38:50.523Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nitcoinvn.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 16 Nov 2025 18:39:26 GMT","end":"Sat, 14 Feb 2026 19:38:09 GMT"},"fingerprint":{"sha1":"0A:EF:2A:B4:F9:16:83:7C:8F:38:82:03:8A:77:09:65:10:79:28:58","sha256":"ED:28:52:44:92:BE:86:68:19:AA:B8:04:E4:2A:9B:9F:99:C8:61:50:E2:29:02:17:4C:63:07:E5:B6:48:FB:FB"}}},"request":{"raw":"GET /build/images/asset-icons/color/xmr.svg HTTP/1.1\r\nHost: nitcoinvn.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nitcoinvn.io/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 26 Nov 2025 02:38:50 GMT\r\ncontent-type: image/svg+xml\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\ncontent-encoding: br\r\ncache-control: public, max-age=14400\r\nlast-modified: Thu, 13 Nov 2025 01:02:10 GMT\r\netag: W/\"207-19a7abbf650\"\r\ncf-cache-status: EXPIRED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=12U4S7LqkCttWfqbQEOkxXvr6k06Tmfw%2FC1SD7Zp%2FTt3kb7X2o2dnM%2BvHiOhZ2st6v2aYzvb6%2FxLq%2B5JxFRCzgT6QK4hPMXGvJA%3D\"}]}\r\ncf-ray: 9a46030dcb3256ba-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":519,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"26a14f1c0b5bfac8c7bad92258c341ec","sha1":"09d8d31dcca54486e7580c6295ef046be87bb387","sha256":"0ba4288b46abfe05366f1aa1c76c6b8a265af5c621dcee34eba2d2b9beeeff87","sha512":"51a1bb3eca11e9e8a63632b9c89955d347c72d65f9f6fa9652df9d59f816e681ac6eb30e1ecb6a38a88a858a36aa0f7c536fc73fdd7f12780b3c511f5f4ad85d","ssdeep":"","tlshash":"4cf050a0b478ad88149f8f7cb87d30d32b5f74ae35594a5cb2646f78b0971526600e40","first_seen":"2025-07-19T05:20:42.052921Z","last_seen":"2026-03-29T15:45:39.896825Z","times_seen":28,"resource_available":false,"data":null}},"time_used":218,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":218,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nitcoinvn.io/images/android-icon-192x192.png","fqdn":"nitcoinvn.io","domain":"nitcoinvn.io","tld":"io"},"ip":{"addr":"104.21.21.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://nitcoinvn.io/","date":"2025-11-26T02:38:50.922Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nitcoinvn.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 16 Nov 2025 18:39:26 GMT","end":"Sat, 14 Feb 2026 19:38:09 GMT"},"fingerprint":{"sha1":"0A:EF:2A:B4:F9:16:83:7C:8F:38:82:03:8A:77:09:65:10:79:28:58","sha256":"ED:28:52:44:92:BE:86:68:19:AA:B8:04:E4:2A:9B:9F:99:C8:61:50:E2:29:02:17:4C:63:07:E5:B6:48:FB:FB"}}},"request":{"raw":"GET /images/android-icon-192x192.png HTTP/1.1\r\nHost: nitcoinvn.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nitcoinvn.io/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 26 Nov 2025 02:38:51 GMT\r\ncontent-type: image/png\r\ncontent-length: 4318\r\npriority: u=6,i=?0\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Fri, 14 Nov 2025 14:29:22 GMT\r\netag: W/\"10de-19a82c555d0\"\r\ncf-cache-status: EXPIRED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=N%2FQSH7CcFOdLMkmxSX5wnNj3z3JjldPY51V7VMMcztrDZpNbU07B%2FYHXsrwtST9%2FsEEwOfAYRg%2BHpz6KnQCV6HPK6ov44CJcNXk%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9a4603104b4656ba-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4318,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 192 x 192, 8-bit colormap, non-interlaced","md5":"e86138aad68f908962931a297f615fa2","sha1":"2d9c121f989ad2e0298f352dc697548da6ec61d9","sha256":"5ad5338a9bc0f21864566655132e7ccfd53b0b61d857261c0812c13bdf3bb807","sha512":"6f0daf9b68f819cf661b5ff5866c2803c93edd0b47f45421cd8764c3c45037ad09fcc817b5ef04f6a289f5923ee9e8c73a2f699a9a9bd7fb10551ca2d63ba354","ssdeep":"96:J9FilfMSSpgsCNIbHyI8+b7uGHZmeThtyROSX4zepZN:J9Filf5SLCcSXc7uGHkYze9","tlshash":"10913afb2b4dddb9878d0663b8f2962d1af3143791ebcc35583728366c12e03206a54d","first_seen":"2025-11-26T02:17:56.463525Z","last_seen":"2026-03-29T15:45:39.958418Z","times_seen":21,"resource_available":false,"data":null}},"time_used":217,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":217,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nitcoinvn.io/js/script.js","fqdn":"nitcoinvn.io","domain":"nitcoinvn.io","tld":"io"},"ip":{"addr":"104.21.21.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://nitcoinvn.io/","date":"2025-11-26T02:38:49.795Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nitcoinvn.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 16 Nov 2025 18:39:26 GMT","end":"Sat, 14 Feb 2026 19:38:09 GMT"},"fingerprint":{"sha1":"0A:EF:2A:B4:F9:16:83:7C:8F:38:82:03:8A:77:09:65:10:79:28:58","sha256":"ED:28:52:44:92:BE:86:68:19:AA:B8:04:E4:2A:9B:9F:99:C8:61:50:E2:29:02:17:4C:63:07:E5:B6:48:FB:FB"}}},"request":{"raw":"GET /js/script.js HTTP/1.1\r\nHost: nitcoinvn.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nitcoinvn.io/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 26 Nov 2025 02:38:50 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: accept-encoding\r\npriority: u=3,i=?0\r\ncontent-encoding: br\r\ncache-control: public, max-age=14400\r\nlast-modified: Thu, 13 Nov 2025 06:11:04 GMT\r\netag: W/\"771-19a7bd6c4c0\"\r\ncf-cache-status: EXPIRED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=43EijWmJKSWxe4nrJlZaD2OW%2FoprKojQTwblDPO1HZ7PwiacKDKNE1nQZimXOCB4iMlLS2ITo%2FZd7HimGvLaBVWpEYHRHugH32s%3D\"}]}\r\ncf-ray: 9a4603090b1d56ba-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1905,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"753e5d7353c673a4908d88562be724ff","sha1":"61278d262ebf6d068cc9e1eeac0a5b76f11b16d1","sha256":"e71b89d28d853de429fd2ad9a89c12c8ce73a15b8bca05b210e6a79766969693","sha512":"c10d8d3490a680da49ad7ae0debfabfc5c6315a18bacd6635f990d39dc2401f408ad21bca0b352d77d72cbeb5ea924865c80f964e8b872aebd1a39b40f9d4155","ssdeep":"","tlshash":"1941ac5b08507674d836b26aaa1ff902fc232677214597033ebd86146f3065b8378fdc","first_seen":"2025-11-26T02:17:56.442541Z","last_seen":"2026-03-29T15:45:39.964091Z","times_seen":19,"resource_available":true,"data":null}},"time_used":254,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":254,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nitcoinvn.io/bundles/chadshiftcore/img/metamask.svg","fqdn":"nitcoinvn.io","domain":"nitcoinvn.io","tld":"io"},"ip":{"addr":"104.21.21.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://nitcoinvn.io/","date":"2025-11-26T02:38:50.302Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nitcoinvn.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 16 Nov 2025 18:39:26 GMT","end":"Sat, 14 Feb 2026 19:38:09 GMT"},"fingerprint":{"sha1":"0A:EF:2A:B4:F9:16:83:7C:8F:38:82:03:8A:77:09:65:10:79:28:58","sha256":"ED:28:52:44:92:BE:86:68:19:AA:B8:04:E4:2A:9B:9F:99:C8:61:50:E2:29:02:17:4C:63:07:E5:B6:48:FB:FB"}}},"request":{"raw":"GET /bundles/chadshiftcore/img/metamask.svg HTTP/1.1\r\nHost: nitcoinvn.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nitcoinvn.io/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\nserver: cloudflare\r\ndate: Wed, 26 Nov 2025 02:38:50 GMT\r\ncontent-type: text/html; charset=utf-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JamUAB%2BakWoS4FduFw90Qx5zd9Won1kD6yga0iRUkR01FM7CguokZh31%2FCmD4ouqMmj4zv2riklQbEvLmcqRYhKjFuuSPEcuYvM%3D\"}]}\r\npriority: u=4,i=?0\r\nsurrogate-control: no-store\r\ncache-control: no-store, no-cache, must-revalidate, proxy-revalidate\r\nexpires: 0\r\ncontent-security-policy: default-src 'none'\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nvary: accept-encoding\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a46030c6b2d56ba-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":177,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"23e40cb7a11a721290a8c87faae2a555","sha1":"277cb8c22df65b98cc85aca804701bd440638a58","sha256":"0edfa1785bfc74cf458eb14e4f18322d75195ecc2286743c7e046896e050f727","sha512":"68fdcc8265cbbdcc89c7ca0a97f1919da8e55de0d76218b1ac55a989db211b0a6064ced92ec837c97f36d6e872e49d469556b035f4f161948bafecc0214463d4","ssdeep":"","tlshash":"d2c0809e111111411920d3542ec2375535a73f5914e785015bc5d077ecddb16c9db555","first_seen":"2025-11-26T02:17:56.435353Z","last_seen":"2026-03-29T15:45:39.970768Z","times_seen":19,"resource_available":false,"data":null}},"time_used":207,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":207,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nitcoinvn.io/images/ltc.svg","fqdn":"nitcoinvn.io","domain":"nitcoinvn.io","tld":"io"},"ip":{"addr":"104.21.21.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://nitcoinvn.io/","date":"2025-11-26T02:38:50.564Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nitcoinvn.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 16 Nov 2025 18:39:26 GMT","end":"Sat, 14 Feb 2026 19:38:09 GMT"},"fingerprint":{"sha1":"0A:EF:2A:B4:F9:16:83:7C:8F:38:82:03:8A:77:09:65:10:79:28:58","sha256":"ED:28:52:44:92:BE:86:68:19:AA:B8:04:E4:2A:9B:9F:99:C8:61:50:E2:29:02:17:4C:63:07:E5:B6:48:FB:FB"}}},"request":{"raw":"GET /images/ltc.svg HTTP/1.1\r\nHost: nitcoinvn.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nitcoinvn.io/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 26 Nov 2025 02:38:50 GMT\r\ncontent-type: image/svg+xml\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\ncontent-encoding: br\r\ncache-control: public, max-age=14400\r\nlast-modified: Thu, 13 Nov 2025 01:02:10 GMT\r\netag: W/\"14b-19a7abbf650\"\r\ncf-cache-status: EXPIRED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LxlSpdolj85XEecu5c%2FdYBl9QVlxOsqwoUSQ%2F48xd4z%2FfXWlIQGyQHB3J2pE8GHkRLuwB5dB4vWw2DEZrsNNk56RrsoVlot88Ko%3D\"}]}\r\ncf-ray: 9a46030e0b3556ba-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":331,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"cdae08509e949c7b6216a744b14f0087","sha1":"fa98336203093e0b00048946f9dfd7d8be578971","sha256":"21b1ffe201826ba5d027f814baab9103938898c0be374d3cc948bd119b55ce66","sha512":"91fb66a90e8b08b16a88d091b8aa02f8ddcbf180b5fcd5a2e84a425a3d42437efd698260e142556e7606052062fb82d00492daf8147c75c33897a3778c786da7","ssdeep":"","tlshash":"5ce07db7a5a8f84c188e4178ee2b7191202f20cc0d6e0decf5e42c15f1475dbf4459d8","first_seen":"2023-05-09T05:08:14Z","last_seen":"2026-04-03T16:52:46.541727Z","times_seen":109,"resource_available":false,"data":null}},"time_used":243,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":243,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nitcoinvn.io/images/bsc.svg","fqdn":"nitcoinvn.io","domain":"nitcoinvn.io","tld":"io"},"ip":{"addr":"104.21.21.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://nitcoinvn.io/","date":"2025-11-26T02:38:50.571Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nitcoinvn.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 16 Nov 2025 18:39:26 GMT","end":"Sat, 14 Feb 2026 19:38:09 GMT"},"fingerprint":{"sha1":"0A:EF:2A:B4:F9:16:83:7C:8F:38:82:03:8A:77:09:65:10:79:28:58","sha256":"ED:28:52:44:92:BE:86:68:19:AA:B8:04:E4:2A:9B:9F:99:C8:61:50:E2:29:02:17:4C:63:07:E5:B6:48:FB:FB"}}},"request":{"raw":"GET /images/bsc.svg HTTP/1.1\r\nHost: nitcoinvn.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nitcoinvn.io/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 26 Nov 2025 02:38:50 GMT\r\ncontent-type: image/svg+xml\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\ncontent-encoding: br\r\ncache-control: public, max-age=14400\r\nlast-modified: Thu, 13 Nov 2025 08:16:26 GMT\r\netag: W/\"387-19a7c498b90\"\r\ncf-cache-status: EXPIRED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=u%2FAWVlT%2BijwQIVvBdZsy7SJimJtu9eXfXLIcaaSSDn04jsSZMhdtLVrpnIkKh1d1v1Gg78BFGzXqbOhWDg0fDxbSrIDMGnp3PPE%3D\"}]}\r\ncf-ray: 9a46030e0b3856ba-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":903,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"2923681903a301d3627f80448bfbe3b2","sha1":"a194d311b1ae13f9c60eaf4fa8b7aa974c81972e","sha256":"7d67bcd5d23ebe23a1dffbdac5c907cb7dd01f295d1a1a113b941d37b85b5e43","sha512":"eed84f0de04190d49cf445dbb4d8bda623acdf00a5336625140f48efce794878f85d54f8b9e6ed8d731d95b9a48470c9f1cc2cb3fb8f209ee7fc7d3ec6fd0da3","ssdeep":"","tlshash":"ca11361dd36897fb2c0bc3f7cd7c0921515b20e9a1165288d58e5230385f27faadc9e9","first_seen":"2025-11-26T02:17:56.462392Z","last_seen":"2026-03-29T15:45:39.948948Z","times_seen":19,"resource_available":false,"data":null}},"time_used":219,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":219,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"widget.trustpilot.com/trustbox-data/5419b6a8b0d04a076446a9ad?businessUnitId=604f0278d6deaf00016b71cd\u0026locale=en","fqdn":"widget.trustpilot.com","domain":"trustpilot.com","tld":"com"},"ip":{"addr":"54.240.174.15","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/index.html?templateId=5419b6a8b0d04a076446a9ad\u0026businessunitId=604f0278d6deaf00016b71cd#locale=en\u0026styleHeight=24px\u0026styleWidth=100%25\u0026theme=dark","date":"2025-11-26T02:38:50.980Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.trustpilot.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 03 Nov 2025 00:00:00 GMT","end":"Tue, 01 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"22:AC:04:00:1B:E6:03:65:36:95:67:5E:7F:21:62:B2:19:D0:0A:61","sha256":"C0:F0:3C:56:A6:A5:C3:53:B8:0A:28:8E:01:CC:3D:09:B5:5C:FC:55:FE:7F:8C:10:B8:E1:1F:7F:C6:56:F4:80"}}},"request":{"raw":"GET /trustbox-data/5419b6a8b0d04a076446a9ad?businessUnitId=604f0278d6deaf00016b71cd\u0026locale=en HTTP/1.1\r\nHost: widget.trustpilot.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-type: application/x-www-form-urlencoded\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/index.html?templateId=5419b6a8b0d04a076446a9ad\u0026businessunitId=604f0278d6deaf00016b71cd\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/json; charset=utf-8\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\nserver: Kestrel\r\ncontent-encoding: gzip\r\nx-content-type-options: nosniff\r\ndate: Wed, 26 Nov 2025 02:17:28 GMT\r\ncache-control: public,max-age=1800\r\netag: \"68ad4be66441f924c203ceecf5a56458\"\r\nvary: accept-encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: 2dCTLiX82BxnWnRlZlibM_K303vDWpRnZ2J6StZgPwuV_pjeyNb61w==\r\nage: 1282\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Kestrel","description":"","website":"https://docs.microsoft.com/en-us/aspnet/core/fundamentals/servers/kestrel","common_platform_enumeration":"","icon":"kestrel.svg","categories":["Web servers"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":1274,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"6ceedefed179542f4bfb283607c706c4","sha1":"dcbc5eae0b85568d6592d946aceec314d0ad65e1","sha256":"cc870a49480da67c6d02548c8e732569f613ebbd0ec64c07f30804a60452b2ee","sha512":"4231b2cc87e1c818096fb0ae72440ba1f0c11455137207e420cba886f32edfb9b155e59e78b7835dc6f7c1d0e9e0cb0ed144a51d2448f16450e537e410ba84ae","ssdeep":"","tlshash":"a321afb5181811b70fbb5ed1bc439739aa675278fc91d1cfe28abe3cc6be8583414544","first_seen":"2025-11-26T02:17:56.465284Z","last_seen":"2025-11-26T05:58:19.375409Z","times_seen":17,"resource_available":false,"data":null}},"time_used":2,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"nitcoinvn.io/js/runtime.69f15bde.js","fqdn":"nitcoinvn.io","domain":"nitcoinvn.io","tld":"io"},"ip":{"addr":"104.21.21.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://nitcoinvn.io/","date":"2025-11-26T02:38:49.787Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nitcoinvn.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 16 Nov 2025 18:39:26 GMT","end":"Sat, 14 Feb 2026 19:38:09 GMT"},"fingerprint":{"sha1":"0A:EF:2A:B4:F9:16:83:7C:8F:38:82:03:8A:77:09:65:10:79:28:58","sha256":"ED:28:52:44:92:BE:86:68:19:AA:B8:04:E4:2A:9B:9F:99:C8:61:50:E2:29:02:17:4C:63:07:E5:B6:48:FB:FB"}}},"request":{"raw":"GET /js/runtime.69f15bde.js HTTP/1.1\r\nHost: nitcoinvn.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nitcoinvn.io/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 26 Nov 2025 02:38:49 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: accept-encoding\r\npriority: u=3,i=?0\r\ncontent-encoding: br\r\ncache-control: public, max-age=14400\r\nlast-modified: Thu, 13 Nov 2025 04:02:56 GMT\r\netag: W/\"af8-19a7b617580\"\r\ncf-cache-status: EXPIRED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rqepRE6W4xerkqzZ343Y1QjcHOpjD7uVaPn6dEBYAAZez9u%2Fq4OfUxbBAQwj0UnjpX4nQVGZKxQPOCWOCXsctUcnzLz2X6PRVq8%3D\"}]}\r\ncf-ray: 9a4603090b1856ba-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2808,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (2808), with no line terminators","md5":"3d1fd594ec8f1993ec518f0bcb2800ed","sha1":"61829538aa191231a9125264e2b47fe804eb812e","sha256":"f343e31ceb891cbfc3e13084adb8afa9278dba7431b69fb9fc54c222ade3bbb8","sha512":"f1eee7eb1731156f4aa91d458afae983eb2b79712efb0a5d7fe689cf6f0376977e00cc660b4374429b3f3ab6eb5f3979e645b12edb87df354ef232f5647c4aee","ssdeep":"","tlshash":"e25194e23664e8fa2be25c84172ed982e6276433552f98b2a707cc757578ec00466bb1","first_seen":"2025-11-26T02:17:56.45942Z","last_seen":"2026-03-29T15:45:39.951432Z","times_seen":19,"resource_available":true,"data":null}},"time_used":229,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":229,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nitcoinvn.io/js/198.d9edbca9.js","fqdn":"nitcoinvn.io","domain":"nitcoinvn.io","tld":"io"},"ip":{"addr":"104.21.21.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://nitcoinvn.io/","date":"2025-11-26T02:38:49.806Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nitcoinvn.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 16 Nov 2025 18:39:26 GMT","end":"Sat, 14 Feb 2026 19:38:09 GMT"},"fingerprint":{"sha1":"0A:EF:2A:B4:F9:16:83:7C:8F:38:82:03:8A:77:09:65:10:79:28:58","sha256":"ED:28:52:44:92:BE:86:68:19:AA:B8:04:E4:2A:9B:9F:99:C8:61:50:E2:29:02:17:4C:63:07:E5:B6:48:FB:FB"}}},"request":{"raw":"GET /js/198.d9edbca9.js HTTP/1.1\r\nHost: nitcoinvn.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nitcoinvn.io/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 26 Nov 2025 02:38:50 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: accept-encoding\r\npriority: u=3,i=?0\r\ncontent-encoding: br\r\ncache-control: public, max-age=14400\r\nlast-modified: Thu, 13 Nov 2025 08:16:26 GMT\r\netag: W/\"52e3-19a7c498b90\"\r\ncf-cache-status: EXPIRED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DcWeI4A24OHVkwoUiIQNx5SIHYGlWKqGLNpe0aVNjs7bejA%2B%2Bg86rf%2FvJvy5TqZlzMU5EBHGUyUb7eflSnv0nFeVpPSXNHUYRtk%3D\"}]}\r\ncf-ray: 9a4603091b2156ba-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":21219,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (21219), with no line terminators","md5":"32304b5bc09a37c86ca9d864cacee1a1","sha1":"be85de2ac5f50452c23da40a2603b2e49195c765","sha256":"307d3bec25533a76b54c865ab8281e3478cfdd474d86f6a46c3ca0ae31b92403","sha512":"9bb9725b3806f6667e5bbf22b260f4b7cd33bca5bf3854cb97de6dccec63c787c261484a141444cb486a5696eb7742e58ea511f4ac56f1e9d05f87b07106c847","ssdeep":"384:pM92ejkrIaeKCMaC0LRkzQ4J4vp74gs3qpJ7wQYYn4mp:L3SBDp7fVp+NU4mp","tlshash":"1792b889f651b0b50b677960617f0406e6b61644a88bdd90f723e8c83c7f85eb027bbd","first_seen":"2025-11-26T02:17:56.454147Z","last_seen":"2026-03-29T15:45:39.969682Z","times_seen":21,"resource_available":true,"data":null}},"time_used":238,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":233,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nitcoinvn.io/images/btc.svg","fqdn":"nitcoinvn.io","domain":"nitcoinvn.io","tld":"io"},"ip":{"addr":"104.21.21.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://nitcoinvn.io/","date":"2025-11-26T02:38:50.576Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nitcoinvn.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 16 Nov 2025 18:39:26 GMT","end":"Sat, 14 Feb 2026 19:38:09 GMT"},"fingerprint":{"sha1":"0A:EF:2A:B4:F9:16:83:7C:8F:38:82:03:8A:77:09:65:10:79:28:58","sha256":"ED:28:52:44:92:BE:86:68:19:AA:B8:04:E4:2A:9B:9F:99:C8:61:50:E2:29:02:17:4C:63:07:E5:B6:48:FB:FB"}}},"request":{"raw":"GET /images/btc.svg HTTP/1.1\r\nHost: nitcoinvn.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nitcoinvn.io/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 26 Nov 2025 02:38:50 GMT\r\ncontent-type: image/svg+xml\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\ncontent-encoding: br\r\ncache-control: public, max-age=14400\r\nlast-modified: Thu, 13 Nov 2025 01:02:10 GMT\r\netag: W/\"3b9-19a7abbf650\"\r\ncf-cache-status: EXPIRED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2w%2FzUzTBZKl6GmHp1qFnRFyLWh6WrH%2B3t0%2BviffwL6leiDgjUubzzJjwLiX6fVdbpPCgiP4FKviBjNXaHMsXraE1sExiF%2F986YY%3D\"}]}\r\ncf-ray: 9a46030e0b3956ba-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":953,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"edae64fcb50f425e582a9a1429784b70","sha1":"cdcd71434b3e179f57627bda3625ae61240715c3","sha256":"5a8131ecdf855b12cb56080aeeeefea266976529c45b2d58c284a13b7519f4ca","sha512":"8313b5900bbb90d04597b74d7bed7cd1c4cf9c52718a939eb996e531e37b74dc55ba787171eec6cbecbc524bae28cce5376065324dab6b5f8c1ce250ecc5c964","ssdeep":"","tlshash":"511154de16749548699f8d2cff2bbc463012f1bcd52e9ce49aff6d4470c2ae13140914","first_seen":"2023-07-08T18:24:36Z","last_seen":"2026-04-03T16:52:46.556586Z","times_seen":151,"resource_available":false,"data":null}},"time_used":218,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":218,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nitcoinvn.io/css/fonts.css","fqdn":"nitcoinvn.io","domain":"nitcoinvn.io","tld":"io"},"ip":{"addr":"104.21.21.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://nitcoinvn.io/","date":"2025-11-26T02:38:49.783Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nitcoinvn.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 16 Nov 2025 18:39:26 GMT","end":"Sat, 14 Feb 2026 19:38:09 GMT"},"fingerprint":{"sha1":"0A:EF:2A:B4:F9:16:83:7C:8F:38:82:03:8A:77:09:65:10:79:28:58","sha256":"ED:28:52:44:92:BE:86:68:19:AA:B8:04:E4:2A:9B:9F:99:C8:61:50:E2:29:02:17:4C:63:07:E5:B6:48:FB:FB"}}},"request":{"raw":"GET /css/fonts.css HTTP/1.1\r\nHost: nitcoinvn.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nitcoinvn.io/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 26 Nov 2025 02:38:49 GMT\r\ncontent-type: text/css; charset=UTF-8\r\nvary: accept-encoding\r\npriority: u=2,i=?0\r\ncontent-encoding: br\r\ncache-control: public, max-age=14400\r\nlast-modified: Thu, 13 Nov 2025 08:16:26 GMT\r\netag: W/\"15b-19a7c498b90\"\r\ncf-cache-status: EXPIRED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=J4iNocjd%2FynosKEVkpVDiYnO6CZfjaCtSWSEcXbAASKUU7kRplWIl1Aa40Iitc9FmHV0H8bAejULhpPFlRUQLwUIVh%2Fcezux9cY%3D\"}]}\r\ncf-ray: 9a4603090b1756ba-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":347,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (347), with no line terminators","md5":"e5781793c1af4c6c7b94e8cedbc8f8c3","sha1":"37cc1a2a0ff560404fea7eea1cb972e6b7ebe5e3","sha256":"52624695a073ac7c2a12ce8bec60b88de0c9a34a6ca2f286472984185bbe7209","sha512":"ad8a7b8333450a15062b8eea7d1ac4c6b88eccdec19d88cce097f2445515e4d65bc82b0b0008cb53b5be95a583aed113bb3cd9df446249dc57ea7d9c81293932","ssdeep":"","tlshash":"63e01200069e6942c6798e4a35ada7225c15e42b34780297c12f14858df755b1341b27","first_seen":"2025-11-26T02:17:56.43353Z","last_seen":"2026-03-29T15:45:39.950522Z","times_seen":19,"resource_available":false,"data":null}},"time_used":225,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":225,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nitcoinvn.io/js/160.bb703800.js","fqdn":"nitcoinvn.io","domain":"nitcoinvn.io","tld":"io"},"ip":{"addr":"104.21.21.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://nitcoinvn.io/","date":"2025-11-26T02:38:49.791Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nitcoinvn.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 16 Nov 2025 18:39:26 GMT","end":"Sat, 14 Feb 2026 19:38:09 GMT"},"fingerprint":{"sha1":"0A:EF:2A:B4:F9:16:83:7C:8F:38:82:03:8A:77:09:65:10:79:28:58","sha256":"ED:28:52:44:92:BE:86:68:19:AA:B8:04:E4:2A:9B:9F:99:C8:61:50:E2:29:02:17:4C:63:07:E5:B6:48:FB:FB"}}},"request":{"raw":"GET /js/160.bb703800.js HTTP/1.1\r\nHost: nitcoinvn.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nitcoinvn.io/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 26 Nov 2025 02:38:49 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: accept-encoding\r\npriority: u=3,i=?0\r\ncontent-encoding: br\r\ncache-control: public, max-age=14400\r\nlast-modified: Thu, 13 Nov 2025 08:16:26 GMT\r\netag: W/\"2f9d-19a7c498b90\"\r\ncf-cache-status: EXPIRED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gCxSDvO%2FfcF45rDHVTKxaeYJdeTIGW93J%2FsbmTI7ZSkzty4bc8Cp14BQEN65LzrG4t2hmjTeVBCXcEhGKw5WNMJPKTaEc%2FYPzSY%3D\"}]}\r\ncf-ray: 9a4603090b1a56ba-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12189,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (12188), with no line terminators","md5":"37e3770779b19a9f72380ce6890598af","sha1":"8bc0484d8a1681cb5b7f45bb3eaa4a6cb519e61a","sha256":"ea0ba897c26cca8c4dc29f5fed2861364701bf2aff26e60b249a7eb57d0f65a6","sha512":"a3afbff1e5f6f9e432dac243663989e75a70f43a8ca585498d05bbd34d18d2278194f009d2294623fbc4afa72bac9be0ec73f31c451180188e31e0d18c41118d","ssdeep":"192:OvI+DQZlYRpeySzK0w1wgxbdOdJAe/dIEv0t6QxoGQOmf88PThpgUGeznp:OvI+DslEM3tAelIF6k+tPTPg6V","tlshash":"2a42b686b591b4610b768414222f440bf3622f48649edde0fb53c9d8bc7d85fe0abb6d","first_seen":"2025-11-26T02:17:56.450105Z","last_seen":"2026-03-29T15:45:39.942532Z","times_seen":21,"resource_available":true,"data":null}},"time_used":222,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":222,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nitcoinvn.io/js/app-bitcoinvn.c8983b1b.js","fqdn":"nitcoinvn.io","domain":"nitcoinvn.io","tld":"io"},"ip":{"addr":"104.21.21.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://nitcoinvn.io/","date":"2025-11-26T02:38:49.793Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nitcoinvn.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 16 Nov 2025 18:39:26 GMT","end":"Sat, 14 Feb 2026 19:38:09 GMT"},"fingerprint":{"sha1":"0A:EF:2A:B4:F9:16:83:7C:8F:38:82:03:8A:77:09:65:10:79:28:58","sha256":"ED:28:52:44:92:BE:86:68:19:AA:B8:04:E4:2A:9B:9F:99:C8:61:50:E2:29:02:17:4C:63:07:E5:B6:48:FB:FB"}}},"request":{"raw":"GET /js/app-bitcoinvn.c8983b1b.js HTTP/1.1\r\nHost: nitcoinvn.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nitcoinvn.io/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 26 Nov 2025 02:38:50 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: accept-encoding\r\npriority: u=3,i=?0\r\ncontent-encoding: br\r\ncache-control: public, max-age=14400\r\nlast-modified: Sun, 16 Nov 2025 01:24:12 GMT\r\netag: W/\"be4-19a8a433660\"\r\ncf-cache-status: EXPIRED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nosgKADapvXznmewJb2FWWSidSoeHH2q2BpYHGmBds8uXtSCPqCa6TZ0HkDEM4%2FZdceHDrtdQT3MYi2qif0LA98jGQOSr4WZjzY%3D\"}]}\r\ncf-ray: 9a4603090b1c56ba-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3044,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (3044), with no line terminators","md5":"2cccac66d7d152a01338f838782fd5a4","sha1":"6b19337d30aa8f38ee76587f20220de13746d193","sha256":"95504f7ba8f88109d94ae5fe03866038a17de6740309ad816c596c13924aaf4f","sha512":"bb1bf342648f8564b926f6c780bf5a5051cbfd8296fe172cbc1dbc6e7d472952891a48b5bda1ad0cba0f880f92d36338f9f7483b61a04f80933d5aa31a3cbda8","ssdeep":"","tlshash":"d851c60d75aaa86f25ff753f580f580852271d37d848c901d87e98b61c7970d6233e4e","first_seen":"2025-11-26T02:17:56.439575Z","last_seen":"2026-03-29T15:45:39.968169Z","times_seen":21,"resource_available":true,"data":null}},"time_used":275,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":275,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"wss","addr":"nitcoinvn.io/ws","fqdn":"nitcoinvn.io","domain":"nitcoinvn.io","tld":"io"},"ip":{"addr":"104.21.21.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://nitcoinvn.io/","date":"2025-11-26T02:38:50.283Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nitcoinvn.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 16 Nov 2025 18:39:26 GMT","end":"Sat, 14 Feb 2026 19:38:09 GMT"},"fingerprint":{"sha1":"0A:EF:2A:B4:F9:16:83:7C:8F:38:82:03:8A:77:09:65:10:79:28:58","sha256":"ED:28:52:44:92:BE:86:68:19:AA:B8:04:E4:2A:9B:9F:99:C8:61:50:E2:29:02:17:4C:63:07:E5:B6:48:FB:FB"}}},"request":{"raw":"GET /ws HTTP/1.1\r\nHost: nitcoinvn.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://nitcoinvn.io\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: BZOGKtQrwzIUgTK6KNIckA==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nDate: Wed, 26 Nov 2025 02:38:50 GMT\r\nContent-Type: text/html; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nSurrogate-Control: no-store\r\nCache-Control: no-store, no-cache, must-revalidate, proxy-revalidate\r\nExpires: 0\r\nContent-Security-Policy: default-src 'none'\r\nX-Content-Type-Options: nosniff\r\ncf-cache-status: DYNAMIC\r\nvary: accept-encoding\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=A%2F0TZ2TgsiAX%2FblpcrKwgvoHidoZU%2FQcwLN4SZDWa7A8fa2W8pHtUc9ipjJj2aq3Holhri1G1APRC53q6mMc1UAHGqPywuOI%2FSTu3RMSI5a7kDOcx6aGLjngegaazQ4%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: 9a46030c8bee0b45-OSL\r\nContent-Encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=495\u0026min_rtt=444\u0026rtt_var=174\u0026sent=5\u0026recv=8\u0026lost=0\u0026retrans=0\u0026sent_bytes=3113\u0026recv_bytes=1154\u0026delivery_rate=7063414\u0026cwnd=252\u0026unsent_bytes=0\u0026cid=1085b11c064d01ae\u0026ts=448\u0026x=0\"\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T08:47:05.766455Z","times_seen":13367613,"resource_available":true,"data":null}},"time_used":496,"timings":{"blocked":0,"dns":22,"connect":21,"send":0,"wait":434,"receive":1,"ssl":38},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nitcoinvn.io/orders?no-errors=1","fqdn":"nitcoinvn.io","domain":"nitcoinvn.io","tld":"io"},"ip":{"addr":"104.21.21.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://nitcoinvn.io/","date":"2025-11-26T02:38:50.530Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nitcoinvn.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 16 Nov 2025 18:39:26 GMT","end":"Sat, 14 Feb 2026 19:38:09 GMT"},"fingerprint":{"sha1":"0A:EF:2A:B4:F9:16:83:7C:8F:38:82:03:8A:77:09:65:10:79:28:58","sha256":"ED:28:52:44:92:BE:86:68:19:AA:B8:04:E4:2A:9B:9F:99:C8:61:50:E2:29:02:17:4C:63:07:E5:B6:48:FB:FB"}}},"request":{"raw":"POST /orders?no-errors=1 HTTP/1.1\r\nHost: nitcoinvn.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nX-Requested-With: XMLHttpRequest\r\nContent-Length: 157\r\nOrigin: https://nitcoinvn.io\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nitcoinvn.io/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":157,"data":"{\"_fp\":null,\"to_currency_icon\":\"xmr.svg\",\"from_currency_icon\":\"btc.svg\",\"from_currency\":\"BTC\",\"to_currency\":\"XMR\",\"deposit_amount\":\"\",\"withdrawal_amount\":\"\"}"}},"response":{"raw":"HTTP/3 202 Accepted\r\nserver: cloudflare\r\ndate: Wed, 26 Nov 2025 02:38:50 GMT\r\ncontent-type: text/html; charset=utf-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MICvd6tqyD4JHdo%2F9F52JBRQ%2BsJSRReW0XQ11HYVpXfdMK2lAqBbJmhwWUKzvmmgWS5VvPPKunlt%2FhAHuCPmqjx9%2BbEHT3%2FGzd0%3D\"}]}\r\npriority: u=3,i=?0\r\nsurrogate-control: no-store\r\ncache-control: no-store, no-cache, must-revalidate, proxy-revalidate\r\nexpires: 0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: DYNAMIC\r\ncf-ray: 9a46030dcb3356ba-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"202","status_text":"Accepted","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4620,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (897), with CRLF line terminators","md5":"bd41ebd31f1ba11163d348722cfa5f7e","sha1":"ba4f6a3d2f59d395e7e43208137cbcc00f53cce0","sha256":"7ea668a5c235008ad76e07fb3406992604644c1f07b5e78ff6469f5c878a0652","sha512":"e87b615ad46366979c1621c3cb9f993b7a266f886bb9d41aeefdc269d38ac2f9c151e34786d2f13f1fac464943b1a9ab7fdc3b9ecbba1dc8c24acc96a44e683e","ssdeep":"48:SKtNoZG3jyoBHKHCWSLdyerLpMnqPRglAryeDFh6LLW6vJ:R3jnqiWSLd5/unm5xGfvJ","tlshash":"c691f01020e81976523bd1f6a6459f4afad4c28bc78a840132ec63e76ff6c13ed43216","first_seen":"2025-11-26T02:17:56.418134Z","last_seen":"2026-03-29T15:45:39.930267Z","times_seen":19,"resource_available":false,"data":null}},"time_used":443,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":443,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nitcoinvn.io/css/app-bitcoinvn.34062a0a.css","fqdn":"nitcoinvn.io","domain":"nitcoinvn.io","tld":"io"},"ip":{"addr":"104.21.21.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://nitcoinvn.io/","date":"2025-11-26T02:38:49.781Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nitcoinvn.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 16 Nov 2025 18:39:26 GMT","end":"Sat, 14 Feb 2026 19:38:09 GMT"},"fingerprint":{"sha1":"0A:EF:2A:B4:F9:16:83:7C:8F:38:82:03:8A:77:09:65:10:79:28:58","sha256":"ED:28:52:44:92:BE:86:68:19:AA:B8:04:E4:2A:9B:9F:99:C8:61:50:E2:29:02:17:4C:63:07:E5:B6:48:FB:FB"}}},"request":{"raw":"GET /css/app-bitcoinvn.34062a0a.css HTTP/1.1\r\nHost: nitcoinvn.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nitcoinvn.io/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 26 Nov 2025 02:38:49 GMT\r\ncontent-type: text/css; charset=UTF-8\r\nvary: accept-encoding\r\npriority: u=2,i=?0\r\ncontent-encoding: br\r\ncache-control: public, max-age=14400\r\nlast-modified: Thu, 13 Nov 2025 08:16:26 GMT\r\netag: W/\"2e0be-19a7c498b90\"\r\ncf-cache-status: EXPIRED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=H9JS4BNu6%2F206ZzXoJwRdGRSKdGuCy8OIhCJ4Zmh24sQIGeIp%2Fa5QQuaEmyvi4fALri0%2FgA%2FeF%2BajLqb5S%2FW5nCL7x3toi4I8no%3D\"}]}\r\ncf-ray: 9a4603090b1656ba-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":188606,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (63354)","md5":"be2f25f8bdf9b78791514a25ebb4e4ef","sha1":"468a461c798337deeeb849686ef49979957b2832","sha256":"8f19d60b13337af8a5b372a6bc010b3b9ddddd9603558bad9dbf553ca9f45639","sha512":"e29c8dc58e4e3fa038c683d01669fd3ade8e2f9de5d4ba5ea00d076dcfb5021740435339a5f377437d46f39aa861539ff9fc920da5f44413326719ba624f7f0d","ssdeep":"1536:k2eKsazEaVdJvLJuL52AWKCwH6Ed2m/r8ljNcrV2vJEO9RtlrFF+MjMtZq3SYiLx:RzcMgrq3SYiLENM6HN26+aYL","tlshash":"5e04b796f5903029e49bc21d60c0febe1a2f9241d6274ebbf52b77a447891cb1673e1c","first_seen":"2025-11-26T02:17:56.468591Z","last_seen":"2026-03-29T15:45:39.973651Z","times_seen":21,"resource_available":false,"data":null}},"time_used":253,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":226,"receive":27,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nitcoinvn.io/bundles/chadshiftcore/img/metamask.svg","fqdn":"nitcoinvn.io","domain":"nitcoinvn.io","tld":"io"},"ip":{"addr":"104.21.21.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://nitcoinvn.io/","date":"2025-11-26T02:38:49.827Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nitcoinvn.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 16 Nov 2025 18:39:26 GMT","end":"Sat, 14 Feb 2026 19:38:09 GMT"},"fingerprint":{"sha1":"0A:EF:2A:B4:F9:16:83:7C:8F:38:82:03:8A:77:09:65:10:79:28:58","sha256":"ED:28:52:44:92:BE:86:68:19:AA:B8:04:E4:2A:9B:9F:99:C8:61:50:E2:29:02:17:4C:63:07:E5:B6:48:FB:FB"}}},"request":{"raw":"GET /bundles/chadshiftcore/img/metamask.svg HTTP/1.1\r\nHost: nitcoinvn.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nitcoinvn.io/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\nserver: cloudflare\r\ndate: Wed, 26 Nov 2025 02:38:50 GMT\r\ncontent-type: text/html; charset=utf-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2cgcL2CH%2B7cq4iZgk%2FUq0D8b7oQhh4H08HODJ%2FeGY7G1TcSjtdWnRATSBgto%2B2UM5mZG6tVjQXsiC13qs5QUjGSyKQDmvQwpFl0%3D\"}]}\r\npriority: u=4,i=?0\r\nsurrogate-control: no-store\r\ncache-control: no-store, no-cache, must-revalidate, proxy-revalidate\r\nexpires: 0\r\ncontent-security-policy: default-src 'none'\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nvary: accept-encoding\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a4603096b2856ba-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":177,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"23e40cb7a11a721290a8c87faae2a555","sha1":"277cb8c22df65b98cc85aca804701bd440638a58","sha256":"0edfa1785bfc74cf458eb14e4f18322d75195ecc2286743c7e046896e050f727","sha512":"68fdcc8265cbbdcc89c7ca0a97f1919da8e55de0d76218b1ac55a989db211b0a6064ced92ec837c97f36d6e872e49d469556b035f4f161948bafecc0214463d4","ssdeep":"","tlshash":"d2c0809e111111411920d3542ec2375535a73f5914e785015bc5d077ecddb16c9db555","first_seen":"2025-11-26T02:17:56.435353Z","last_seen":"2026-03-29T15:45:39.970768Z","times_seen":19,"resource_available":false,"data":null}},"time_used":210,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":210,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nitcoinvn.io/build/images/asset-icons/color/btc.svg","fqdn":"nitcoinvn.io","domain":"nitcoinvn.io","tld":"io"},"ip":{"addr":"104.21.21.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://nitcoinvn.io/","date":"2025-11-26T02:38:50.501Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nitcoinvn.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 16 Nov 2025 18:39:26 GMT","end":"Sat, 14 Feb 2026 19:38:09 GMT"},"fingerprint":{"sha1":"0A:EF:2A:B4:F9:16:83:7C:8F:38:82:03:8A:77:09:65:10:79:28:58","sha256":"ED:28:52:44:92:BE:86:68:19:AA:B8:04:E4:2A:9B:9F:99:C8:61:50:E2:29:02:17:4C:63:07:E5:B6:48:FB:FB"}}},"request":{"raw":"GET /build/images/asset-icons/color/btc.svg HTTP/1.1\r\nHost: nitcoinvn.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nitcoinvn.io/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 26 Nov 2025 02:38:50 GMT\r\ncontent-type: image/svg+xml\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\ncontent-encoding: br\r\ncache-control: public, max-age=14400\r\nlast-modified: Thu, 13 Nov 2025 01:02:10 GMT\r\netag: W/\"3b9-19a7abbf650\"\r\ncf-cache-status: EXPIRED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Qr%2FpQY3ve36L9RVqwnz1Xwkg28I8zoagZmnJpqPvfLVZqnbMSh%2FOPoPH6aRzYGFX0UNUX26IbZKIdbGqmfzU1YqQOSNNk4Lwqzo%3D\"}]}\r\ncf-ray: 9a46030dab3156ba-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":953,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"edae64fcb50f425e582a9a1429784b70","sha1":"cdcd71434b3e179f57627bda3625ae61240715c3","sha256":"5a8131ecdf855b12cb56080aeeeefea266976529c45b2d58c284a13b7519f4ca","sha512":"8313b5900bbb90d04597b74d7bed7cd1c4cf9c52718a939eb996e531e37b74dc55ba787171eec6cbecbc524bae28cce5376065324dab6b5f8c1ce250ecc5c964","ssdeep":"","tlshash":"511154de16749548699f8d2cff2bbc463012f1bcd52e9ce49aff6d4470c2ae13140914","first_seen":"2023-07-08T18:24:36Z","last_seen":"2026-04-03T16:52:46.556586Z","times_seen":151,"resource_available":false,"data":null}},"time_used":216,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":216,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nitcoinvn.io/assets/chat/chat.css","fqdn":"nitcoinvn.io","domain":"nitcoinvn.io","tld":"io"},"ip":{"addr":"104.21.21.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://nitcoinvn.io/","date":"2025-11-26T02:38:50.540Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nitcoinvn.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 16 Nov 2025 18:39:26 GMT","end":"Sat, 14 Feb 2026 19:38:09 GMT"},"fingerprint":{"sha1":"0A:EF:2A:B4:F9:16:83:7C:8F:38:82:03:8A:77:09:65:10:79:28:58","sha256":"ED:28:52:44:92:BE:86:68:19:AA:B8:04:E4:2A:9B:9F:99:C8:61:50:E2:29:02:17:4C:63:07:E5:B6:48:FB:FB"}}},"request":{"raw":"GET /assets/chat/chat.css HTTP/1.1\r\nHost: nitcoinvn.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\nserver: cloudflare\r\ndate: Wed, 26 Nov 2025 02:38:50 GMT\r\ncontent-type: text/html; charset=utf-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=s8xGYB%2FJAww6GvLkA3udbrtTH17Y4lAxeT6YmQ%2FWgtM7C03s51El9LcES7J%2FtZ7JhvkgD9Nc0HZoZk6vLLo%2BTND4K65ykZAfX5I%3D\"}]}\r\npriority: u=2,i=?0\r\nsurrogate-control: no-store\r\ncache-control: no-store, no-cache, must-revalidate, proxy-revalidate\r\nexpires: 0\r\ncontent-security-policy: default-src 'none'\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nvary: accept-encoding\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a46030ddb3456ba-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T08:47:05.766455Z","times_seen":13367613,"resource_available":true,"data":null}},"time_used":214,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":214,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nitcoinvn.io/images/favicon-16x16.png","fqdn":"nitcoinvn.io","domain":"nitcoinvn.io","tld":"io"},"ip":{"addr":"104.21.21.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://nitcoinvn.io/","date":"2025-11-26T02:38:50.924Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nitcoinvn.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 16 Nov 2025 18:39:26 GMT","end":"Sat, 14 Feb 2026 19:38:09 GMT"},"fingerprint":{"sha1":"0A:EF:2A:B4:F9:16:83:7C:8F:38:82:03:8A:77:09:65:10:79:28:58","sha256":"ED:28:52:44:92:BE:86:68:19:AA:B8:04:E4:2A:9B:9F:99:C8:61:50:E2:29:02:17:4C:63:07:E5:B6:48:FB:FB"}}},"request":{"raw":"GET /images/favicon-16x16.png HTTP/1.1\r\nHost: nitcoinvn.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nitcoinvn.io/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 26 Nov 2025 02:38:51 GMT\r\ncontent-type: image/png\r\ncontent-length: 572\r\npriority: u=6,i=?0\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Fri, 14 Nov 2025 14:29:22 GMT\r\netag: W/\"23c-19a82c555d0\"\r\ncf-cache-status: EXPIRED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2OpBidjA8IulDy2AtRbR3Eax7OavLrFmzZ4djEZ8eHcnntAOO3eivTCFfzp38ObJB7YSn%2FSaPaDQlHtjMK74CqNSV7%2B9nZj7Mx8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9a4603104b4756ba-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":572,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced","md5":"f64bbf0759f55602b0961b851803c7b6","sha1":"a10fa9956531339722061b1516e970a4b923b9cc","sha256":"848fc72f8655f6a284d78d5ef1993a0609b73280db6554d099ba8034074a7fa1","sha512":"fdab43bedc9d9dbdeeb71ba59880b3f60e2672675b72c9a751499f335d5056556c657cf6b0a548feb3300eb778a6d2fa5ee41f196bd9ce72f67d7823e369804d","ssdeep":"","tlshash":"b1f041d7288731b4c99503b0ad13e609456ff10d3906dc381fadf1299bea310c8aa252","first_seen":"2025-11-26T02:17:56.502121Z","last_seen":"2026-03-29T15:45:39.959354Z","times_seen":21,"resource_available":false,"data":null}},"time_used":220,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":220,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nitcoinvn.io/css/575.cf5435a1.css","fqdn":"nitcoinvn.io","domain":"nitcoinvn.io","tld":"io"},"ip":{"addr":"104.21.21.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://nitcoinvn.io/","date":"2025-11-26T02:38:49.780Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nitcoinvn.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 16 Nov 2025 18:39:26 GMT","end":"Sat, 14 Feb 2026 19:38:09 GMT"},"fingerprint":{"sha1":"0A:EF:2A:B4:F9:16:83:7C:8F:38:82:03:8A:77:09:65:10:79:28:58","sha256":"ED:28:52:44:92:BE:86:68:19:AA:B8:04:E4:2A:9B:9F:99:C8:61:50:E2:29:02:17:4C:63:07:E5:B6:48:FB:FB"}}},"request":{"raw":"GET /css/575.cf5435a1.css HTTP/1.1\r\nHost: nitcoinvn.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nitcoinvn.io/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 26 Nov 2025 02:38:49 GMT\r\ncontent-type: text/css; charset=UTF-8\r\nvary: accept-encoding\r\npriority: u=2,i=?0\r\ncontent-encoding: br\r\ncache-control: public, max-age=14400\r\nlast-modified: Thu, 13 Nov 2025 08:16:26 GMT\r\netag: W/\"19175-19a7c498b90\"\r\ncf-cache-status: EXPIRED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5CzxRdcCyMYBVl4SDCgm8EBkmmK8Q71MAaS0dy7eL%2BA38MGa6No0aecepcMV1IruDEW6iNdN4M4g2QRPBd7r4iPj%2BejQbwnJDk0%3D\"}]}\r\ncf-ray: 9a4603090b1556ba-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":102773,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (65321)","md5":"34da53e36af670ff126521d4d253833a","sha1":"871debe6a451ef3da96c6c20099634e643a39202","sha256":"41481fa63577c1de9faf7b5d0910e6a3ae5d52f48cc2367b7814f0f0d58e42ea","sha512":"3f1b439ade8278c73ad6dc799934ae8eb944016820a20e2adeb7698fe430c74dec4d9782911ed5e9a40fb8ca6b5aa8530b6a771a757bbc8caddcc4af9b63536c","ssdeep":"1536:iJMCMDMCMJMCMcMCMUMCMfsVM7709gbPMfjSFOTyPG9mpgSLCD3:p709gMGFiyPG9miSLCD","tlshash":"bea3b7f9e44c05d97732c44bab95b37c65b6f738d5810ca9f02f580c1ad26a822c6f7a","first_seen":"2025-11-26T02:17:56.437914Z","last_seen":"2026-03-29T15:45:39.935189Z","times_seen":19,"resource_available":false,"data":null}},"time_used":481,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":237,"receive":244,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nitcoinvn.io/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js","fqdn":"nitcoinvn.io","domain":"nitcoinvn.io","tld":"io"},"ip":{"addr":"104.21.21.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://nitcoinvn.io/","date":"2025-11-26T02:38:49.796Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nitcoinvn.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 16 Nov 2025 18:39:26 GMT","end":"Sat, 14 Feb 2026 19:38:09 GMT"},"fingerprint":{"sha1":"0A:EF:2A:B4:F9:16:83:7C:8F:38:82:03:8A:77:09:65:10:79:28:58","sha256":"ED:28:52:44:92:BE:86:68:19:AA:B8:04:E4:2A:9B:9F:99:C8:61:50:E2:29:02:17:4C:63:07:E5:B6:48:FB:FB"}}},"request":{"raw":"GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1\r\nHost: nitcoinvn.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nitcoinvn.io/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript\r\nexpires: Wed, 26 Nov 2025 03:26:49 GMT\r\ncache-control: public\r\nvary: accept-encoding\r\nx-frame-options: DENY\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MGGOjXc8WUo9SLRh%2FlgMsJuXYLczx62W2J9NOQWGorZz8RmQGd2R4uaXJyejL5Z0Cb%2BPdLOW83xHzhACPq%2FzXJA47ZSmbqlzzJE%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ndate: Wed, 26 Nov 2025 02:38:49 GMT\r\ncf-ray: 9a4603091b1e56ba-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1239,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1238)","md5":"9e8f56e8e1806253ba01a95cfc3d392c","sha1":"a8af90d7482e1e99d03de6bf88fed2315c5dd728","sha256":"2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8","sha512":"63f0f6f94fbabadc3f774ccaa6a401696e8a7651a074bc077d214f91da080b36714fd799eb40fed64154972008e34fc733d6ee314ac675727b37b58ffbebebee","ssdeep":"","tlshash":"6021d5743a18107e226a0133e56f66cee1f23715fd17e440408ad89566e4fe5063fed9","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-04-05T08:45:39.869407Z","times_seen":292826,"resource_available":true,"data":null}},"time_used":3,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nitcoinvn.io/images/logo_dark.png","fqdn":"nitcoinvn.io","domain":"nitcoinvn.io","tld":"io"},"ip":{"addr":"104.21.21.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://nitcoinvn.io/","date":"2025-11-26T02:38:49.809Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nitcoinvn.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 16 Nov 2025 18:39:26 GMT","end":"Sat, 14 Feb 2026 19:38:09 GMT"},"fingerprint":{"sha1":"0A:EF:2A:B4:F9:16:83:7C:8F:38:82:03:8A:77:09:65:10:79:28:58","sha256":"ED:28:52:44:92:BE:86:68:19:AA:B8:04:E4:2A:9B:9F:99:C8:61:50:E2:29:02:17:4C:63:07:E5:B6:48:FB:FB"}}},"request":{"raw":"GET /images/logo_dark.png HTTP/1.1\r\nHost: nitcoinvn.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nitcoinvn.io/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 26 Nov 2025 02:38:50 GMT\r\ncontent-type: image/png\r\ncontent-length: 12775\r\npriority: u=4,i=?0\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Fri, 14 Nov 2025 14:29:22 GMT\r\netag: W/\"31e7-19a82c555d0\"\r\ncf-cache-status: EXPIRED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=70LVIcEE%2F7GB%2BCbwQBmyIMlmJi94Z9TuFglxh5gMsWdi0Yvma3j7bloASz3%2BPTl23ULfT812gYnEa%2FDJczlQ8RWWatrppqCg0oo%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9a4603091b2456ba-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12775,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1667 x 417, 8-bit colormap, non-interlaced","md5":"8d195a61ecf4a282f2b410845dec344b","sha1":"ea3ab49d1a50b413ba1eb7375e2633bc2de36dfc","sha256":"8fdda489349de269a7208006158446e54d68690dfddda0409a467e4fc9de97a5","sha512":"61837b5e748a593a3b71ebbdc7f9d4109426dcff08ead69f7a5b0a8dee7175eab6d40ae801ee8e08c7f687b9eecbd9a619f31548552437090f8c60026c8bb914","ssdeep":"192:WoL0d4Oj6L6u2VX0ko9lHdT9wYWRAKEKU+ndu+wcfBaWMxejnmgayUMPwQHPKFWu:WoLmeL6JX0ndTGRYKtcWadxClU7aPKhz","tlshash":"c442b0522636d44bf5fd3a70cb3c6510e899dfd2a16930bb2394793475722324a09f53","first_seen":"2025-11-26T02:17:56.476663Z","last_seen":"2026-03-29T15:45:39.957333Z","times_seen":21,"resource_available":false,"data":null}},"time_used":605,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":592,"receive":13,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nitcoinvn.io/images/us.svg","fqdn":"nitcoinvn.io","domain":"nitcoinvn.io","tld":"io"},"ip":{"addr":"104.21.21.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://nitcoinvn.io/","date":"2025-11-26T02:38:49.810Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nitcoinvn.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 16 Nov 2025 18:39:26 GMT","end":"Sat, 14 Feb 2026 19:38:09 GMT"},"fingerprint":{"sha1":"0A:EF:2A:B4:F9:16:83:7C:8F:38:82:03:8A:77:09:65:10:79:28:58","sha256":"ED:28:52:44:92:BE:86:68:19:AA:B8:04:E4:2A:9B:9F:99:C8:61:50:E2:29:02:17:4C:63:07:E5:B6:48:FB:FB"}}},"request":{"raw":"GET /images/us.svg HTTP/1.1\r\nHost: nitcoinvn.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nitcoinvn.io/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 26 Nov 2025 02:38:50 GMT\r\ncontent-type: image/svg+xml\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\ncontent-encoding: br\r\ncache-control: public, max-age=14400\r\nlast-modified: Thu, 13 Nov 2025 08:16:26 GMT\r\netag: W/\"116d-19a7c498b90\"\r\ncf-cache-status: EXPIRED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EJqGBb71hRN3Bl3xcMOBXXmRrJKcbPcX77HSt6Qut3BH6B9d2G%2BEzqy%2FmzSp6HlCrzS6vofrZYkC9NaqnC2vWXh2%2F88ygENKk%2BA%3D\"}]}\r\ncf-ray: 9a4603091b2556ba-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4461,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"ae65659236a7e348402799477237e6fa","sha1":"73305bd6cab9d5e7c535afbb4892020e6cc92fc9","sha256":"c70ba1cb67cc649da2b1f5dc4a26891437d8bba2cc098c88461e6bfc23949d9e","sha512":"8b85b482e464619186085fb7c0e9a35c09f1e0d27699179143723f137c3b5d20f77f12aeaee72e43a014392a89e9c47c8b0add5b39b1132c3d0932a45d0587c3","ssdeep":"96:HQ1phFD+mWBhqJTWTBKWjae1pyWBhjWVWBOLYWBDxp3a4cAFo:EwmWBUJTWdKWXgWBNWVWBGYWBlAYo","tlshash":"8f9119dab2f1455ad5834e6103276bf124ff2db081c0ad97a321c3e668a58d9c29fddc","first_seen":"2023-04-08T22:54:24Z","last_seen":"2026-04-05T06:13:39.989301Z","times_seen":2275,"resource_available":false,"data":null}},"time_used":232,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":232,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nitcoinvn.io/api/event","fqdn":"nitcoinvn.io","domain":"nitcoinvn.io","tld":"io"},"ip":{"addr":"104.21.21.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://nitcoinvn.io/","date":"2025-11-26T02:38:50.472Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nitcoinvn.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 16 Nov 2025 18:39:26 GMT","end":"Sat, 14 Feb 2026 19:38:09 GMT"},"fingerprint":{"sha1":"0A:EF:2A:B4:F9:16:83:7C:8F:38:82:03:8A:77:09:65:10:79:28:58","sha256":"ED:28:52:44:92:BE:86:68:19:AA:B8:04:E4:2A:9B:9F:99:C8:61:50:E2:29:02:17:4C:63:07:E5:B6:48:FB:FB"}}},"request":{"raw":"POST /api/event HTTP/1.1\r\nHost: nitcoinvn.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain\r\nContent-Length: 62\r\nOrigin: https://nitcoinvn.io\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nitcoinvn.io/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":62,"data":"{\"n\":\"pageview\",\"u\":\"https://nitcoinvn.io/\",\"d\":null,\"r\":null}"}},"response":{"raw":"HTTP/3 404 Not Found\r\nserver: cloudflare\r\ndate: Wed, 26 Nov 2025 02:38:50 GMT\r\ncontent-type: text/html; charset=utf-8\r\nvary: accept-encoding\r\npriority: u=3,i=?0\r\nsurrogate-control: no-store\r\ncache-control: no-store, no-cache, must-revalidate, proxy-revalidate\r\nexpires: 0\r\ncontent-security-policy: default-src 'none'\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=q1IDcpUaebfi%2BXW1l2PHPxu6FpH0VrPT5xHnbwJxS6viAuETqOZbxJPCzcwM9e%2BTuT08MrJkhoPmUmHZOlC0NWwu%2F1K377B3vGg%3D\"}]}\r\ncf-ray: 9a46030d7b3056ba-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":149,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"3f955d687c11ae0c10bed23ee47e551d","sha1":"6ed4f5052f597230182cdfe8e341f780a62184e8","sha256":"e02ec574b10e6fdd7590f7c732a7ccaf5f6560bdff94c6841459b5f4860ccfb5","sha512":"1f198f8fa714ffbe246eb6d2e657f3dfa0de1859aa9bb41ab285c14bf6b6198f894f901ba6890876947bee32fcaf8fa7f0a306c68fd0063b7d26213c98216c0b","ssdeep":"","tlshash":"0cc08cae100001060a2082083ad222a438a73b9a24e3c9006a82e01ba8d5a17c886189","first_seen":"2024-08-19T21:29:27.377809Z","last_seen":"2026-03-29T15:45:39.965473Z","times_seen":22,"resource_available":false,"data":null}},"time_used":214,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":214,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nitcoinvn.io/images/xmr.svg","fqdn":"nitcoinvn.io","domain":"nitcoinvn.io","tld":"io"},"ip":{"addr":"104.21.21.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://nitcoinvn.io/","date":"2025-11-26T02:38:50.566Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nitcoinvn.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 16 Nov 2025 18:39:26 GMT","end":"Sat, 14 Feb 2026 19:38:09 GMT"},"fingerprint":{"sha1":"0A:EF:2A:B4:F9:16:83:7C:8F:38:82:03:8A:77:09:65:10:79:28:58","sha256":"ED:28:52:44:92:BE:86:68:19:AA:B8:04:E4:2A:9B:9F:99:C8:61:50:E2:29:02:17:4C:63:07:E5:B6:48:FB:FB"}}},"request":{"raw":"GET /images/xmr.svg HTTP/1.1\r\nHost: nitcoinvn.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nitcoinvn.io/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 26 Nov 2025 02:38:50 GMT\r\ncontent-type: image/svg+xml\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\ncontent-encoding: br\r\ncache-control: public, max-age=14400\r\nlast-modified: Thu, 13 Nov 2025 01:02:10 GMT\r\netag: W/\"207-19a7abbf650\"\r\ncf-cache-status: EXPIRED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=q9sru1zLEJ71tfmonyy2QY3TeCyCn2e7tW6yaB2kNaZb2741SpF43XPvMGE3s4ZSd62DtzOMo482Jq%2Fg4KVKuJuujr%2BCWXMpBrk%3D\"}]}\r\ncf-ray: 9a46030e0b3656ba-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":519,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"26a14f1c0b5bfac8c7bad92258c341ec","sha1":"09d8d31dcca54486e7580c6295ef046be87bb387","sha256":"0ba4288b46abfe05366f1aa1c76c6b8a265af5c621dcee34eba2d2b9beeeff87","sha512":"51a1bb3eca11e9e8a63632b9c89955d347c72d65f9f6fa9652df9d59f816e681ac6eb30e1ecb6a38a88a858a36aa0f7c536fc73fdd7f12780b3c511f5f4ad85d","ssdeep":"","tlshash":"4cf050a0b478ad88149f8f7cb87d30d32b5f74ae35594a5cb2646f78b0971526600e40","first_seen":"2025-07-19T05:20:42.052921Z","last_seen":"2026-03-29T15:45:39.896825Z","times_seen":28,"resource_available":false,"data":null}},"time_used":224,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":224,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nitcoinvn.io/images/eth.svg","fqdn":"nitcoinvn.io","domain":"nitcoinvn.io","tld":"io"},"ip":{"addr":"104.21.21.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://nitcoinvn.io/","date":"2025-11-26T02:38:50.578Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nitcoinvn.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 16 Nov 2025 18:39:26 GMT","end":"Sat, 14 Feb 2026 19:38:09 GMT"},"fingerprint":{"sha1":"0A:EF:2A:B4:F9:16:83:7C:8F:38:82:03:8A:77:09:65:10:79:28:58","sha256":"ED:28:52:44:92:BE:86:68:19:AA:B8:04:E4:2A:9B:9F:99:C8:61:50:E2:29:02:17:4C:63:07:E5:B6:48:FB:FB"}}},"request":{"raw":"GET /images/eth.svg HTTP/1.1\r\nHost: nitcoinvn.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nitcoinvn.io/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 26 Nov 2025 02:38:50 GMT\r\ncontent-type: image/svg+xml\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\ncontent-encoding: br\r\ncache-control: public, max-age=14400\r\nlast-modified: Thu, 13 Nov 2025 01:02:10 GMT\r\netag: W/\"20d-19a7abbf650\"\r\ncf-cache-status: EXPIRED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XCs7u9%2Fbq9lGLxrEzBnEMRAD7QTEL4PvErCUoGFLtHpOFqpRQDoYUkfU8fww3XVOigZPxwxphYeBdumOmXESwnGvnBagbbSgN7Q%3D\"}]}\r\ncf-ray: 9a46030e1b3b56ba-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":525,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"ed79179a3b6bc2c2ee4c54d8ade79b01","sha1":"14b7148647a28eb4f861f8da283a89f0acf1dec8","sha256":"1f94df8533f61806f7b17eaf9cd28678cdba66e1d82a9ca8f9fb38d35a907e9c","sha512":"590a8fde3f1bcac91ccd4dc2cc02f7ba602cc4b15f137c1f3758bcc5072c545167f7dae4c16837bde366561fd08ffdbfe5a087dee8f7e75feaec9ecc77a2fc8b","ssdeep":"","tlshash":"a5f08be95d287450682b1ffce67c98d3306771f40a3d0cf9b1800512e94995b9cd2b40","first_seen":"2023-05-10T14:51:47Z","last_seen":"2026-04-03T16:52:46.575107Z","times_seen":132,"resource_available":false,"data":null}},"time_used":244,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":244,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/index.html?templateId=5419b6a8b0d04a076446a9ad\u0026businessunitId=604f0278d6deaf00016b71cd#locale=en\u0026styleHeight=24px\u0026styleWidth=100%25\u0026theme=dark","fqdn":"widget.trustpilot.com","domain":"trustpilot.com","tld":"com"},"ip":{"addr":"54.240.174.15","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://nitcoinvn.io/","date":"2025-11-26T02:38:50.593Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.trustpilot.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 03 Nov 2025 00:00:00 GMT","end":"Tue, 01 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"22:AC:04:00:1B:E6:03:65:36:95:67:5E:7F:21:62:B2:19:D0:0A:61","sha256":"C0:F0:3C:56:A6:A5:C3:53:B8:0A:28:8E:01:CC:3D:09:B5:5C:FC:55:FE:7F:8C:10:B8:E1:1F:7F:C6:56:F4:80"}}},"request":{"raw":"GET /trustboxes/5419b6a8b0d04a076446a9ad/index.html?templateId=5419b6a8b0d04a076446a9ad\u0026businessunitId=604f0278d6deaf00016b71cd HTTP/1.1\r\nHost: widget.trustpilot.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html\r\nlast-modified: Mon, 10 Feb 2025 13:11:35 GMT\r\ncontent-encoding: gzip\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: null\r\nserver: AmazonS3\r\ndate: Tue, 25 Nov 2025 12:16:16 GMT\r\ncache-control: max-age=86400\r\netag: W/\"fc82fd18b089da00a381dd91b8df8463\"\r\nvary: accept-encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: e9qUsaJ1HaP1ZFrwEteQqeoWHP4pLBCV2uIOGPR_aV457tTq7qpdLg==\r\nage: 51754\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":7281,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (6419)","md5":"fc82fd18b089da00a381dd91b8df8463","sha1":"1b357f936e0160ce7fb165fb334d31ef2be91838","sha256":"402179b88fa6e0b17851d64725ec39658d804bd6cc9b8ba227e27bd3b4cca459","sha512":"6702d1eb1a95e5ac04da8e6a1b52274a670c33d5bbbf986647865fd091fe2bd9f561cc77eb4735936149d5cc14ad56cae771b40fe7ba345c893bed2083a7722b","ssdeep":"192:ub6XeTxMW8D1J7sU6J+xlqKaZOllbR76S19A:xmXC7sUJxlqkR7q","tlshash":"9fe16511a598fb685d13c53a1ad077898426e14ef6060ad96ef2e3d4c7cf0c6cab53ec","first_seen":"2023-04-07T00:38:06Z","last_seen":"2026-02-24T02:47:46.548738Z","times_seen":1560,"resource_available":false,"data":null}},"time_used":151,"timings":{"blocked":74,"dns":64,"connect":1,"send":0,"wait":1,"receive":0,"ssl":7},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"nitcoinvn.io/js/755.c3cb6d41.js","fqdn":"nitcoinvn.io","domain":"nitcoinvn.io","tld":"io"},"ip":{"addr":"104.21.21.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://nitcoinvn.io/","date":"2025-11-26T02:38:49.789Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nitcoinvn.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 16 Nov 2025 18:39:26 GMT","end":"Sat, 14 Feb 2026 19:38:09 GMT"},"fingerprint":{"sha1":"0A:EF:2A:B4:F9:16:83:7C:8F:38:82:03:8A:77:09:65:10:79:28:58","sha256":"ED:28:52:44:92:BE:86:68:19:AA:B8:04:E4:2A:9B:9F:99:C8:61:50:E2:29:02:17:4C:63:07:E5:B6:48:FB:FB"}}},"request":{"raw":"GET /js/755.c3cb6d41.js HTTP/1.1\r\nHost: nitcoinvn.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nitcoinvn.io/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 26 Nov 2025 02:38:49 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: accept-encoding\r\npriority: u=3,i=?0\r\ncontent-encoding: br\r\ncache-control: public, max-age=14400\r\nlast-modified: Thu, 13 Nov 2025 08:16:26 GMT\r\netag: W/\"15489-19a7c498b90\"\r\ncf-cache-status: EXPIRED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Xdr9RwXZjYRg3ysOyC7s6BKMvKH01fnUH8KSrzYsfXKCgHriJl3MZblP8k0sSVXAB1KZrIbA2xuue0%2Fm8yF4ZsPEIfOFP5qH4wc%3D\"}]}\r\ncf-ray: 9a4603090b1956ba-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":87177,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65464)","md5":"eb2def123a3d0b02b3e9a7f646486739","sha1":"4663db1b5620731daff988e7ce2660094740cf14","sha256":"5d848ae7d84d3eb291667c75082af6210a6565e6e989eaa18588f1f6821317d2","sha512":"b78ea35ba883a6aa7d42c2f15e9aeeb16330dd6c8ba2f123c85b742cab4188cb075e10696552eb4c1c9daa6b08d314bfd0583e8e4c016168131edb9fd47afab6","ssdeep":"1536:YCQo1GZGM+xTWaxsZu0JwKFvzokaggUaE6clBXvPS9ZteGNDV1yzxgKZZuMv:YruK1omFDPS97JEgKjuMv","tlshash":"cf83f8ddb2cab02247a760b9007f550bf236199d680dc410f159e8e9bc78a4e927bf7d","first_seen":"2024-01-08T12:55:38Z","last_seen":"2026-03-29T15:45:39.922054Z","times_seen":30,"resource_available":true,"data":null}},"time_used":227,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":216,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nitcoinvn.io/js/575.72c5359a.js","fqdn":"nitcoinvn.io","domain":"nitcoinvn.io","tld":"io"},"ip":{"addr":"104.21.21.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://nitcoinvn.io/","date":"2025-11-26T02:38:49.792Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nitcoinvn.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 16 Nov 2025 18:39:26 GMT","end":"Sat, 14 Feb 2026 19:38:09 GMT"},"fingerprint":{"sha1":"0A:EF:2A:B4:F9:16:83:7C:8F:38:82:03:8A:77:09:65:10:79:28:58","sha256":"ED:28:52:44:92:BE:86:68:19:AA:B8:04:E4:2A:9B:9F:99:C8:61:50:E2:29:02:17:4C:63:07:E5:B6:48:FB:FB"}}},"request":{"raw":"GET /js/575.72c5359a.js HTTP/1.1\r\nHost: nitcoinvn.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nitcoinvn.io/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 26 Nov 2025 02:38:49 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: accept-encoding\r\npriority: u=3,i=?0\r\ncontent-encoding: br\r\ncache-control: public, max-age=14400\r\nlast-modified: Thu, 13 Nov 2025 08:16:26 GMT\r\netag: W/\"27831-19a7c498b90\"\r\ncf-cache-status: EXPIRED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EvB1soww0l7loE1nkvrwHlgFH4shWWpBFDFklc3EGYWMPTSauO2vVmoZyPrm80Ooiw0yTIXNrt9UUePeMw6T7Ozo3D5VXeGYP8E%3D\"}]}\r\ncf-ray: 9a4603090b1b56ba-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":161841,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65273)","md5":"5d76d9a12ecb2cadc6fdbb56fffda71e","sha1":"ab146b32608b1b37bffc757c83b897489d91d482","sha256":"7e36f834361b1869652a539ff78cc3e92fb81ad2d53f085b7c5787fd054d39f7","sha512":"e148eb6b3911a01ce1561ac1b7acc94bba64579ab6cd20f7fb9669fe5ba8e7fbbf2e9b1f25e74e3b2d45650c2403ffb0c0df01b325e8a0ff1eff671b9c97aaa6","ssdeep":"1536:4/cPL5h0kN8/BsghBy8Q+in+4kBzmt1Rk7f+ALeCvwuwRN+Ycm5pqh5KN+peH6iW:mka8qh5G69DwcYgCXxm/","tlshash":"a0f3e94e3250b57202efa0a6903f450fb237695da806a05cb5add4ed2e7cd58317bf39","first_seen":"2025-11-26T02:17:56.452354Z","last_seen":"2026-03-29T15:45:39.961385Z","times_seen":21,"resource_available":true,"data":null}},"time_used":252,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":228,"receive":24,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nitcoinvn.io/js/523.10fc41c7.js","fqdn":"nitcoinvn.io","domain":"nitcoinvn.io","tld":"io"},"ip":{"addr":"104.21.21.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://nitcoinvn.io/","date":"2025-11-26T02:38:49.807Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nitcoinvn.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 16 Nov 2025 18:39:26 GMT","end":"Sat, 14 Feb 2026 19:38:09 GMT"},"fingerprint":{"sha1":"0A:EF:2A:B4:F9:16:83:7C:8F:38:82:03:8A:77:09:65:10:79:28:58","sha256":"ED:28:52:44:92:BE:86:68:19:AA:B8:04:E4:2A:9B:9F:99:C8:61:50:E2:29:02:17:4C:63:07:E5:B6:48:FB:FB"}}},"request":{"raw":"GET /js/523.10fc41c7.js HTTP/1.1\r\nHost: nitcoinvn.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nitcoinvn.io/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 26 Nov 2025 02:38:49 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: accept-encoding\r\npriority: u=3,i=?0\r\ncontent-encoding: br\r\ncache-control: public, max-age=14400\r\nlast-modified: Thu, 13 Nov 2025 08:16:26 GMT\r\netag: W/\"408ab-19a7c498b90\"\r\ncf-cache-status: EXPIRED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5zSM6juaKVj927cNso9ZqHV4fINIbhe%2Bu6XINYuv6ZSfHPLga2HfPxGn9Qcbayy5OisInpm1WddzOgFlvOmTz2pA3R%2FO3JdYwhU%3D\"}]}\r\ncf-ray: 9a4603091b2256ba-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":264363,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65494), with no line terminators","md5":"1bbe328d2dae3fe46167802aee78ce15","sha1":"87b03b9117a179dfafc27bad21a9da97eb14bf82","sha256":"1727fb81daecf89807ad4517a905e8e7cf0e684dcec0ff7d9d1844cd8ac3cf3f","sha512":"74cb26bb4e1a9291b0962df25c622a06ee09977daa14461ef12ab4ab9b3a7e986d17447af6a6f1bfdbefe29a49ad0107d7fc18bf776493982655b21b63471ed2","ssdeep":"3072:m+yIKNp6hW3xsjrYnnoEFE3K+spZkDyKgP3jehq+CmNsGz:mlHNp6hW3xsjrYnnoaAORjehq+baGz","tlshash":"38440b55338272a14edf61b9943f024aa23a9664148de0ecf539ddc0fd24dcba2a3f75","first_seen":"2025-11-26T02:17:56.461199Z","last_seen":"2026-03-29T15:45:39.955014Z","times_seen":21,"resource_available":true,"data":null}},"time_used":245,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":217,"receive":28,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nitcoinvn.io/js/swap.7c48df19.js","fqdn":"nitcoinvn.io","domain":"nitcoinvn.io","tld":"io"},"ip":{"addr":"104.21.21.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://nitcoinvn.io/","date":"2025-11-26T02:38:49.808Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nitcoinvn.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 16 Nov 2025 18:39:26 GMT","end":"Sat, 14 Feb 2026 19:38:09 GMT"},"fingerprint":{"sha1":"0A:EF:2A:B4:F9:16:83:7C:8F:38:82:03:8A:77:09:65:10:79:28:58","sha256":"ED:28:52:44:92:BE:86:68:19:AA:B8:04:E4:2A:9B:9F:99:C8:61:50:E2:29:02:17:4C:63:07:E5:B6:48:FB:FB"}}},"request":{"raw":"GET /js/swap.7c48df19.js HTTP/1.1\r\nHost: nitcoinvn.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nitcoinvn.io/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 26 Nov 2025 02:38:50 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: accept-encoding\r\npriority: u=3,i=?0\r\ncontent-encoding: br\r\ncache-control: public, max-age=14400\r\nlast-modified: Sat, 15 Nov 2025 09:47:08 GMT\r\netag: W/\"97e7-19a86e94d60\"\r\ncf-cache-status: EXPIRED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6tRT3BMH%2FwX0r1sVPvwwm7NLl71sSboC1YQal87HGK5zp%2B8Y2iQCSCTL6CbHdKRoCijWbp%2BMdrOUtRhXp6zy8rc0LmuwMdkfjCs%3D\"}]}\r\ncf-ray: 9a4603091b2356ba-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":38887,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (595)","md5":"bc4f0317a620b4e1aa5115b855dac5d3","sha1":"943aad268b04fd13654e1f26f6ea7553a46b5d0f","sha256":"124ee086624ef673460d036c104b09385b7f6c6edbe2d91eaf0ba9d557ebc8fd","sha512":"730d046bac238f293e1452808dc8597f1bc4e60c364b2e114e0aa063b7b1100761f9e97c505419e04aedb5eca4949cd7809b2061c804d3df77f433154c13cf96","ssdeep":"768:G6zYaPfvVHXH8LN7Cudub3mTfrLQRIPdNOa:Go7flcLlLduQ","tlshash":"8803844a7ae360a0a637b03c9e6fd4443530545f894afe443e4c96a0af5c93d93f1bad","first_seen":"2025-11-26T02:17:56.414987Z","last_seen":"2026-03-29T15:45:39.94377Z","times_seen":19,"resource_available":true,"data":null}},"time_used":281,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":270,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nitcoinvn.io/fonts/fa-solid-900.fb8184ad.woff2","fqdn":"nitcoinvn.io","domain":"nitcoinvn.io","tld":"io"},"ip":{"addr":"104.21.21.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://nitcoinvn.io/","date":"2025-11-26T02:38:50.368Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nitcoinvn.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 16 Nov 2025 18:39:26 GMT","end":"Sat, 14 Feb 2026 19:38:09 GMT"},"fingerprint":{"sha1":"0A:EF:2A:B4:F9:16:83:7C:8F:38:82:03:8A:77:09:65:10:79:28:58","sha256":"ED:28:52:44:92:BE:86:68:19:AA:B8:04:E4:2A:9B:9F:99:C8:61:50:E2:29:02:17:4C:63:07:E5:B6:48:FB:FB"}}},"request":{"raw":"GET /fonts/fa-solid-900.fb8184ad.woff2 HTTP/1.1\r\nHost: nitcoinvn.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nitcoinvn.io/css/575.cf5435a1.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 26 Nov 2025 02:38:50 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 156496\r\npriority: u=4,i=?0\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Thu, 13 Nov 2025 08:16:26 GMT\r\netag: W/\"26350-19a7c498b90\"\r\ncf-cache-status: EXPIRED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pRacEN4moDT0C%2FFSTRgPd35al9%2BtV5g0Fp%2FKzl0JnKNBJVA%2Fbij1vHw%2Fogkeeoi1mVmVuguHpU4PiZljMy02nLsptI7dhnh60JQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9a46030ccb2e56ba-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":156496,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 156496, version 773.768","md5":"6c4eee562650e53cee32496bdfbe534b","sha1":"1aae708e3b94ee981b452a918d28ed037fbb5e18","sha256":"9fc85f3a4544ab0d570c7f8f9bbb88db8d92c359b2707580ea8b07c75673eae2","sha512":"ebcb5a2e2a908228f77ecd03b45491778cad73ddc39fa3a6334b129aaf9fa36c16c0307aeaad74d77f616b5b34aac52d91e9f4816945253dc9a826ddd71f4d12","ssdeep":"3072:OvM6gZMLmY8uGpjVnlooQ+GQs8jic0f/KkMdE:OU65LoP5QSsuic0f/cdE","tlshash":"8ce31200d620498d9978fd5b2a1fa1ffa7a939c95ed210bad3c30cb93257143bbc2556","first_seen":"2023-12-02T04:06:15Z","last_seen":"2026-04-05T09:00:51.112229Z","times_seen":32702,"resource_available":false,"data":null}},"time_used":261,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":219,"receive":42,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nitcoinvn.io/images/sol.svg","fqdn":"nitcoinvn.io","domain":"nitcoinvn.io","tld":"io"},"ip":{"addr":"104.21.21.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://nitcoinvn.io/","date":"2025-11-26T02:38:50.577Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nitcoinvn.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 16 Nov 2025 18:39:26 GMT","end":"Sat, 14 Feb 2026 19:38:09 GMT"},"fingerprint":{"sha1":"0A:EF:2A:B4:F9:16:83:7C:8F:38:82:03:8A:77:09:65:10:79:28:58","sha256":"ED:28:52:44:92:BE:86:68:19:AA:B8:04:E4:2A:9B:9F:99:C8:61:50:E2:29:02:17:4C:63:07:E5:B6:48:FB:FB"}}},"request":{"raw":"GET /images/sol.svg HTTP/1.1\r\nHost: nitcoinvn.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://nitcoinvn.io/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 26 Nov 2025 02:38:50 GMT\r\ncontent-type: image/svg+xml\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\ncontent-encoding: br\r\ncache-control: public, max-age=14400\r\nlast-modified: Thu, 13 Nov 2025 01:02:10 GMT\r\netag: W/\"24d-19a7abbf650\"\r\ncf-cache-status: EXPIRED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=klxcoqetx5BGNdhJ8pKEJTvlg3yEsELXs8ONyv04zyZlXmPpxEWlHtjKQdEl0sL0%2B%2BFN7lBhZBqS8QgP9uyfx5F2bXoB9iXly6w%3D\"}]}\r\ncf-ray: 9a46030e1b3a56ba-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":589,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"8f48b6e8a88f7b0aa4b6598aa7715465","sha1":"93e573e9f1376bf17af2ac11f136c597a5eed82f","sha256":"94e47e7c108a338cc4a79b82673d66cfbadfcf4c934ccb9c2ca8f13e8ea7dbb2","sha512":"0a7981504e74f5fef2b3526fb5be81692c5362e01b17fb49c068a2f2c3744c9cab65562a71d6feb837ac360fe290310e43ae3a83a79ab0e1056f4ec0d6653a89","ssdeep":"","tlshash":"91f046e2a15cf5cee04cdd1a24cfb11238a13047f07be4d0bb892684f88b0c7ba04e64","first_seen":"2024-11-08T20:22:57.120472Z","last_seen":"2026-03-31T19:54:33.962878Z","times_seen":65,"resource_available":false,"data":null}},"time_used":221,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":221,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-26","alert":"Sinkholed","trigger":"nitcoinvn.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}