{"report_id":"c58c5d84-5994-4983-b60b-495a680d54fa","version":6,"status":"done","tags":[],"date":"2026-04-10T15:03:51Z","url":{"schema":"http","addr":"app.coinbasekorea.com","fqdn":"app.coinbasekorea.com","domain":"coinbasekorea.com","tld":"com"},"ip":{"addr":"203.248.94.172","port":0,"asn":9848,"as":"SEJONG NETWORKS","country":"South Korea","country_code":"KR"},"final":{"url":{"schema":"https","addr":"app.coinbasekorea.com/pc/","fqdn":"app.coinbasekorea.com","domain":"coinbasekorea.com","tld":"com"},"title":"Coinbase TOKEN","dom":{"size":56905,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1111)","md5":"c326396e8097a9843aecd986036400e0","sha1":"e4e8be313a134b906f0a177785827cdd9826f2f8","sha256":"f3081bdd6ec659a9d9d88db6d2e833b9b7b57f4a4d300c232a43951210bb942d","sha512":"3b53e18170d961787dedf4265636aaf2c4a9d6448d279fa251a1fc757f8e2d7f375bbeebc0e50f36bdf6f014f7932ea5cd2e7064faea86afc1cfb69e2999df92","ssdeep":"384:MZELpAYtyyOy8X9AFNBIQSHk3cfP6O+9AZFTA4myB+Q:MaPtyyOTX9AFNBIQSHDiOXYQ","tlshash":"0243dfa0adf189ab00ba94c691719f2e7fcc9157c3e64522b19c46d40f87d8fa963c9c","dom_hash":"domhash30415c52139b637af79d775dd8b40fda","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"app.coinbasekorea.com","fqdn":"app.coinbasekorea.com","domain":"coinbasekorea.com","tld":"com"},"ip":{"addr":"203.248.94.172","port":0,"asn":9848,"as":"SEJONG NETWORKS","country":"South Korea","country_code":"KR"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-15T15:03:51Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"app.coinbasekorea.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"app.coinbasekorea.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"api.bithumb.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"api.bithumb.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null},"summary":[{"fqdn":"app.coinbasekorea.com","ip":{"addr":"203.248.94.172","port":443,"asn":9848,"as":"SEJONG NETWORKS","country":"South Korea","country_code":"KR"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":12,"request_count":6,"received_data":954663,"sent_data":3178,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"api.bithumb.com","ip":{"addr":"43.201.166.211","port":443,"asn":16509,"as":"AMAZON-02","country":"South Korea","country_code":"KR"},"domain_registered":"2015-06-16","domain_rank":6997688,"first_seen":"2026-01-02T13:05:03.802319Z","last_seen":"2026-04-07T14:26:05.156474Z","alert_count":20,"request_count":10,"received_data":7640,"sent_data":4661,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"pubwss.bithumb.com","ip":{"addr":"23.36.76.171","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2015-06-16","domain_rank":0,"first_seen":"2020-02-14T13:56:55Z","last_seen":"2026-04-10T15:01:49.65666Z","alert_count":0,"request_count":1,"received_data":227,"sent_data":569,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"app.coinbasekorea.com/pc/","fqdn":"app.coinbasekorea.com","domain":"coinbasekorea.com","tld":"com"},"ip":{"addr":"203.248.94.172","port":443,"asn":9848,"as":"SEJONG NETWORKS","country":"South Korea","country_code":"KR"},"introduction_type":"scriptElement","is_inline":true,"md5":"45d7c9ae8889584ad20247d8952c9bb8","sha1":"3fe1114dd0ee8a3608bd47a46418f3b09e3f9f65","sha256":"6db8a4d0a81f46d2ae3224cbdf7f030918448597c7cf4b4a07be99b142f1b0a9","sha512":"9cc0f1d7c097172d390a817398a3576fff25b0163fd1ca1cdc799ff2c24836654a9771dae65e758aee8aeab3ca3cc19a4b99652494d91af3162e408c5bfd6be6","ssdeep":"","tlshash":"4ff0af2c8396c0351377a86b939257c938b8c29fe905944f307d59d88f84ba05fd2671","size":654,"data":"","first_seen":"2026-04-10T15:01:53.930384Z","last_seen":"2026-04-11T00:23:32.151052Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app.coinbasekorea.com/pc/","fqdn":"app.coinbasekorea.com","domain":"coinbasekorea.com","tld":"com"},"ip":{"addr":"203.248.94.172","port":443,"asn":9848,"as":"SEJONG NETWORKS","country":"South Korea","country_code":"KR"},"introduction_type":"scriptElement","is_inline":true,"md5":"ae64fa677cdb48fd4f9d26db7d3a2a1e","sha1":"073036de72e7ea5f520eafbd3438bdd23fdb298d","sha256":"7373c4401524a39242f3f76e79b848e35cf50a88c8c9565bf3e313e1c6695155","sha512":"1f92050e150433efd5b76b7062ddbc41a0d4fc1c20bb36eff1c4a086d2fd059a83c5fff96263d49834181c9982c704b9d8a237c4ffd798cde1a6ab59d6144d83","ssdeep":"","tlshash":"7af022786ba40b2086e736666afad38038a0050b3846c181701cbcc88ff0e95c7aba80","size":459,"data":"","first_seen":"2026-04-10T15:01:53.931208Z","last_seen":"2026-04-11T00:23:32.151963Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app.coinbasekorea.com/pc/","fqdn":"app.coinbasekorea.com","domain":"coinbasekorea.com","tld":"com"},"ip":{"addr":"203.248.94.172","port":443,"asn":9848,"as":"SEJONG NETWORKS","country":"South Korea","country_code":"KR"},"introduction_type":"scriptElement","is_inline":true,"md5":"13f521fa2c73dcaa7609a3140e38a44e","sha1":"24e6612d2388729f6769b2a79b960a8d7562ab9f","sha256":"20614e3da7f19e5375c7190e52198bb935b772aa67bc71a0bb339eca7b3e54e2","sha512":"a7d9bba62735000b3deb4a973c938f38154224c8fc55e07b6e67551c327b1bed36cf71f7d7d244f07e89630c73ee218fca4976819c45f6295873f190502957da","ssdeep":"96:4Fj6RXYuOiQ/+9AmY+CyCerCcwClCVyzyeytyPyHaTWsytw3/O5Y:q6OuOiQ/+9AZFe2A4VyzyeytyPyHaTWO","tlshash":"15b15f5939b115330afe3b9d563b4e5c32acd093a39c9660394c898c1f927889877fdd","size":5284,"data":"","first_seen":"2026-04-10T15:01:53.93204Z","last_seen":"2026-04-11T00:23:32.158209Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"app.coinbasekorea.com/","fqdn":"app.coinbasekorea.com","domain":"coinbasekorea.com","tld":"com"},"ip":{"addr":"203.248.94.172","port":443,"asn":9848,"as":"SEJONG NETWORKS","country":"South Korea","country_code":"KR"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-10T15:03:29.407Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"app.coinbasekorea.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 07 Apr 2026 06:04:24 GMT","end":"Mon, 06 Jul 2026 06:04:23 GMT"},"fingerprint":{"sha1":"6D:04:F2:14:ED:5B:4F:C9:15:B6:E8:84:B2:97:FA:65:D5:B9:CF:7D","sha256":"EC:9F:D0:71:18:4F:23:E7:C9:8A:42:5E:96:34:3B:CD:24:8F:FF:5D:70:A8:6D:54:97:53:74:AD:6F:4B:94:48"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: app.coinbasekorea.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 Moved Permanently\r\nserver: nginx\r\ndate: Fri, 10 Apr 2026 15:03:30 GMT\r\ncontent-type: text/html; charset=utf-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST,GET,OPTIONS,DELETE\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Content-Type,Content-Length,Accept-Encoding,X-Requested-with, Origin\r\ncache-control: no-cache,must-revalidate\r\nx-frame-options: sameorigin\r\nlocation: /pc/\r\nset-cookie: think_lang=en-us; path=/\nPHPSESSID=9d2d31d9915a9eed5a996003c9ada094; path=/\r\nstrict-transport-security: max-age=31536000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":59331,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-11T13:55:54.549517Z","times_seen":13622807,"resource_available":true,"data":null}},"time_used":1641,"timings":{"blocked":648,"dns":1,"connect":320,"send":0,"wait":345,"receive":0,"ssl":324},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"app.coinbasekorea.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"app.coinbasekorea.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.coinbasekorea.com/static/css/main.css","fqdn":"app.coinbasekorea.com","domain":"coinbasekorea.com","tld":"com"},"ip":{"addr":"203.248.94.172","port":443,"asn":9848,"as":"SEJONG NETWORKS","country":"South Korea","country_code":"KR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://app.coinbasekorea.com/pc/","date":"2026-04-10T15:03:30.920Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"app.coinbasekorea.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 07 Apr 2026 06:04:24 GMT","end":"Mon, 06 Jul 2026 06:04:23 GMT"},"fingerprint":{"sha1":"6D:04:F2:14:ED:5B:4F:C9:15:B6:E8:84:B2:97:FA:65:D5:B9:CF:7D","sha256":"EC:9F:D0:71:18:4F:23:E7:C9:8A:42:5E:96:34:3B:CD:24:8F:FF:5D:70:A8:6D:54:97:53:74:AD:6F:4B:94:48"}}},"request":{"raw":"GET /static/css/main.css HTTP/1.1\r\nHost: app.coinbasekorea.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://app.coinbasekorea.com/pc/\r\nCookie: think_lang=en-us; PHPSESSID=9d2d31d9915a9eed5a996003c9ada094\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 10 Apr 2026 15:03:31 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 17 May 2024 13:02:07 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6647554f-bd8fe\"\r\nexpires: Sat, 11 Apr 2026 03:03:31 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":776446,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (6762)","md5":"925ce8b2038d29eea82ffcb23c5081df","sha1":"6e069e698bd92878f85913139c9a84195b7158e0","sha256":"e2ec93d492f636d68bcc3cfd685cb8c414f23aa418a94119650860f49a9025f2","sha512":"1dff983e1d676c4fa87ba9163ce44dda4aecec166da2f373d7c271b0f436715ed2a90aa0486ad060216d259f1046c09a0e48ff2bd13f5f6bd3fe71147ff29139","ssdeep":"12288:2sXcipU3H8EyjdSPiid09giCEZgSeePYT32ozC:3JUWKOU3rC","tlshash":"02f40be15eb31d89391e856aa7df2b15b22400938906dd28ffd6728d8fc01f952a3f4d","first_seen":"2026-04-10T15:01:53.926416Z","last_seen":"2026-04-11T00:23:32.109254Z","times_seen":4,"resource_available":false,"data":null}},"time_used":516,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":516,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"app.coinbasekorea.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"app.coinbasekorea.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.bithumb.com/public/ticker/BTC_KRW","fqdn":"api.bithumb.com","domain":"bithumb.com","tld":"com"},"ip":{"addr":"43.201.166.211","port":443,"asn":16509,"as":"AMAZON-02","country":"South Korea","country_code":"KR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://app.coinbasekorea.com/pc/","date":"2026-04-10T15:03:32.441Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.bithumb.com","organization":"Bithumb Co., Ltd."},"issuer":{"commonName":"Sectigo RSA Organization Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Wed, 27 Aug 2025 00:00:00 GMT","end":"Sat, 26 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"CD:12:2A:5C:0F:9F:16:C1:4D:A3:8B:57:3F:19:33:25:80:2C:E4:C6","sha256":"C5:10:8A:93:38:27:BF:EE:50:1E:53:8D:93:D0:F4:28:45:D0:1B:30:8A:3E:4C:B0:0B:A8:E7:58:50:9C:DD:C7"}}},"request":{"raw":"GET /public/ticker/BTC_KRW HTTP/1.1\r\nHost: api.bithumb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://app.coinbasekorea.com/\r\nOrigin: https://app.coinbasekorea.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 10 Apr 2026 15:03:33 GMT\r\ncontent-type: application/json\r\nserver: nginx\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: *\r\nx-ratelimit-remaining: 149\r\nx-ratelimit-requested-tokens: 1\r\nx-ratelimit-burst-capacity: 150\r\nx-ratelimit-replenish-rate: 150\r\nmtid: -2421747028939806003\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":375,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"86bcb05f8d980875a03e18e85dc54cf7","sha1":"71fdca1e4970857bc5e74c6d376cf428e2651638","sha256":"955fa65837cb420b9f4d387e02cd23b33957c18965b4008a1bfcacf78c8d6d0e","sha512":"e2402d704ff216e768482aab860ce2d34d5f1c29d1dc7789236bf5a6d086ffe3ffb64e0caf847e46bd41608242923bfdd54c05e6f3662fe7c25b85cafdfa27ee","ssdeep":"","tlshash":"abe068311f86cf1240306c80e390a881e2813d4262c68fc82e8e27b408f89daa00e319","first_seen":"2026-04-10T15:03:56.423725Z","last_seen":"2026-04-10T15:03:56.423725Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1675,"timings":{"blocked":676,"dns":46,"connect":306,"send":0,"wait":315,"receive":0,"ssl":328},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"api.bithumb.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"api.bithumb.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.bithumb.com/public/ticker/ETC_KRW","fqdn":"api.bithumb.com","domain":"bithumb.com","tld":"com"},"ip":{"addr":"43.201.166.211","port":443,"asn":16509,"as":"AMAZON-02","country":"South Korea","country_code":"KR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://app.coinbasekorea.com/pc/","date":"2026-04-10T15:03:33.818Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.bithumb.com","organization":"Bithumb Co., Ltd."},"issuer":{"commonName":"Sectigo RSA Organization Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Wed, 27 Aug 2025 00:00:00 GMT","end":"Sat, 26 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"CD:12:2A:5C:0F:9F:16:C1:4D:A3:8B:57:3F:19:33:25:80:2C:E4:C6","sha256":"C5:10:8A:93:38:27:BF:EE:50:1E:53:8D:93:D0:F4:28:45:D0:1B:30:8A:3E:4C:B0:0B:A8:E7:58:50:9C:DD:C7"}}},"request":{"raw":"GET /public/ticker/ETC_KRW HTTP/1.1\r\nHost: api.bithumb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://app.coinbasekorea.com/\r\nOrigin: https://app.coinbasekorea.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 10 Apr 2026 15:03:33 GMT\r\ncontent-type: application/json\r\nserver: nginx\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: *\r\nx-ratelimit-remaining: 147\r\nx-ratelimit-requested-tokens: 1\r\nx-ratelimit-burst-capacity: 150\r\nx-ratelimit-replenish-rate: 150\r\nmtid: -4540819884995185664\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":397,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"4b496b21192127de194abdcda90b0850","sha1":"c7b2082b37902153c3571fe6ad6d005fa7027d9b","sha256":"1ab41b513c522fce1b243d0dfcf4416bf37be3a92fcd59b2116413062e336be4","sha512":"cf413dd3c4184ac88637684be1239bb8027b71b0ad895066d33e0263d5d263c2de976c4180d1df4a78cbd040f2576666ceeeb2a76a100129f1e9c5ff2f60dd1b","ssdeep":"","tlshash":"f4e061325f0a9f11ec125890d7a134e1dfc13d4277c15fc5268d05b04afc48661aad0e","first_seen":"2026-04-10T15:03:56.426511Z","last_seen":"2026-04-10T15:03:56.426511Z","times_seen":1,"resource_available":false,"data":null}},"time_used":313,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":313,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"api.bithumb.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"api.bithumb.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.bithumb.com/public/ticker/DOGE_KRW","fqdn":"api.bithumb.com","domain":"bithumb.com","tld":"com"},"ip":{"addr":"43.201.166.211","port":443,"asn":16509,"as":"AMAZON-02","country":"South Korea","country_code":"KR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://app.coinbasekorea.com/pc/","date":"2026-04-10T15:03:36.142Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.bithumb.com","organization":"Bithumb Co., Ltd."},"issuer":{"commonName":"Sectigo RSA Organization Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Wed, 27 Aug 2025 00:00:00 GMT","end":"Sat, 26 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"CD:12:2A:5C:0F:9F:16:C1:4D:A3:8B:57:3F:19:33:25:80:2C:E4:C6","sha256":"C5:10:8A:93:38:27:BF:EE:50:1E:53:8D:93:D0:F4:28:45:D0:1B:30:8A:3E:4C:B0:0B:A8:E7:58:50:9C:DD:C7"}}},"request":{"raw":"GET /public/ticker/DOGE_KRW HTTP/1.1\r\nHost: api.bithumb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://app.coinbasekorea.com/\r\nOrigin: https://app.coinbasekorea.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 10 Apr 2026 15:03:36 GMT\r\ncontent-type: application/json\r\nserver: nginx\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: *\r\nx-ratelimit-remaining: 149\r\nx-ratelimit-requested-tokens: 1\r\nx-ratelimit-burst-capacity: 150\r\nx-ratelimit-replenish-rate: 150\r\nmtid: 6319739524351789404\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":354,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"c2b6a6f0814310bfabcd3c3cce2efffa","sha1":"f8f6893201886fb75c52d6689c0749fe94d889cf","sha256":"5aa44e0b906d8960719784d04d9fa8d8a970b307fd560032a098d285fe939460","sha512":"bbd32c64568e78ce0a575ad34315e0cd6f7b127b3531e20fbe168089580e1f3ab93325536a784ef8c1b2823d279c23cb354cd02aed2310cf5c7c5a98f0998143","ssdeep":"","tlshash":"f6e02033df0a8f12ec705890d7901991d2873d53a5c53fc536cc45b945f5449205e619","first_seen":"2026-04-10T15:03:56.428686Z","last_seen":"2026-04-10T15:03:56.428686Z","times_seen":1,"resource_available":false,"data":null}},"time_used":311,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":311,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"api.bithumb.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"api.bithumb.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.coinbasekorea.com/pc/","fqdn":"app.coinbasekorea.com","domain":"coinbasekorea.com","tld":"com"},"ip":{"addr":"203.248.94.172","port":443,"asn":9848,"as":"SEJONG NETWORKS","country":"South Korea","country_code":"KR"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-10T15:03:30.407Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"app.coinbasekorea.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 07 Apr 2026 06:04:24 GMT","end":"Mon, 06 Jul 2026 06:04:23 GMT"},"fingerprint":{"sha1":"6D:04:F2:14:ED:5B:4F:C9:15:B6:E8:84:B2:97:FA:65:D5:B9:CF:7D","sha256":"EC:9F:D0:71:18:4F:23:E7:C9:8A:42:5E:96:34:3B:CD:24:8F:FF:5D:70:A8:6D:54:97:53:74:AD:6F:4B:94:48"}}},"request":{"raw":"GET /pc/ HTTP/1.1\r\nHost: app.coinbasekorea.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: think_lang=en-us; PHPSESSID=9d2d31d9915a9eed5a996003c9ada094\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 10 Apr 2026 15:03:30 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":59331,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1111)","md5":"22d2f119cd34d0d5075f7a21c708c3b4","sha1":"fe1f0718fc4f9f655027f096a1daa11fd4616ce2","sha256":"dabaa58c3c31abe9a71b0d749a4e32adfa6abaaa4a21d2ccb2f7de9ad6a35bce","sha512":"1ae621538e89ba553665692c0544332143d6a018203149e7eada7a12ea25a7b2c669925fa1c72fd3f75b4803bb0836028620f2c6fb645c47a4a4ccec4c2148b3","ssdeep":"384:fQWpAqpAy80mRVm/INSKO33oP6O+9AZFTA4myB+Q:fQEpAT0mRVm/INSKZiOXYQ","tlshash":"6d43dfe09df189eb00ba94c691715f2e3bcc9257d3e60522b19c46d40f87d8fa963dac","first_seen":"2026-04-10T15:01:53.915765Z","last_seen":"2026-04-11T00:23:32.135114Z","times_seen":4,"resource_available":true,"data":null}},"time_used":344,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":344,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"app.coinbasekorea.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"app.coinbasekorea.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.bithumb.com/public/ticker/EOS_KRW","fqdn":"api.bithumb.com","domain":"bithumb.com","tld":"com"},"ip":{"addr":"43.201.166.211","port":443,"asn":16509,"as":"AMAZON-02","country":"South Korea","country_code":"KR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://app.coinbasekorea.com/pc/","date":"2026-04-10T15:03:35.096Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.bithumb.com","organization":"Bithumb Co., Ltd."},"issuer":{"commonName":"Sectigo RSA Organization Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Wed, 27 Aug 2025 00:00:00 GMT","end":"Sat, 26 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"CD:12:2A:5C:0F:9F:16:C1:4D:A3:8B:57:3F:19:33:25:80:2C:E4:C6","sha256":"C5:10:8A:93:38:27:BF:EE:50:1E:53:8D:93:D0:F4:28:45:D0:1B:30:8A:3E:4C:B0:0B:A8:E7:58:50:9C:DD:C7"}}},"request":{"raw":"GET /public/ticker/EOS_KRW HTTP/1.1\r\nHost: api.bithumb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://app.coinbasekorea.com/\r\nOrigin: https://app.coinbasekorea.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 10 Apr 2026 15:03:35 GMT\r\ncontent-type: application/json\r\nserver: nginx\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: *\r\nx-ratelimit-remaining: 149\r\nx-ratelimit-requested-tokens: 1\r\nx-ratelimit-burst-capacity: 150\r\nx-ratelimit-replenish-rate: 150\r\nmtid: -5749934417305774822\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":60,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"c596d76d58e2d7b450d4dabfaf6f6a6c","sha1":"ba3a345c7b9a8fd96d1ad2fbc7bc2a29ad72b22d","sha256":"4c8d4ade4afeca6af7e82d657103a5bd3a32d60dc3fe28eceaac767dd6178f0d","sha512":"527c7d153a9335771ea1900d22b49cab230aa7ee96b59a14d66a9c5f1fc065cc328a681412a3b9065799cab1e9ad67c82827192a8ab311a94f1a1f87db2e0370","ssdeep":"","tlshash":"4fa0220302228a800b03000022c0300083e0eac2c33b00c0800c880c8e0f8e0ac03308","first_seen":"2026-04-10T15:01:53.924637Z","last_seen":"2026-04-11T00:23:32.127096Z","times_seen":4,"resource_available":false,"data":null}},"time_used":314,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":314,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"api.bithumb.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"api.bithumb.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.bithumb.com/public/ticker/ADA_KRW","fqdn":"api.bithumb.com","domain":"bithumb.com","tld":"com"},"ip":{"addr":"43.201.166.211","port":443,"asn":16509,"as":"AMAZON-02","country":"South Korea","country_code":"KR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://app.coinbasekorea.com/pc/","date":"2026-04-10T15:03:35.414Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.bithumb.com","organization":"Bithumb Co., Ltd."},"issuer":{"commonName":"Sectigo RSA Organization Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Wed, 27 Aug 2025 00:00:00 GMT","end":"Sat, 26 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"CD:12:2A:5C:0F:9F:16:C1:4D:A3:8B:57:3F:19:33:25:80:2C:E4:C6","sha256":"C5:10:8A:93:38:27:BF:EE:50:1E:53:8D:93:D0:F4:28:45:D0:1B:30:8A:3E:4C:B0:0B:A8:E7:58:50:9C:DD:C7"}}},"request":{"raw":"GET /public/ticker/ADA_KRW HTTP/1.1\r\nHost: api.bithumb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://app.coinbasekorea.com/\r\nOrigin: https://app.coinbasekorea.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 10 Apr 2026 15:03:35 GMT\r\ncontent-type: application/json\r\nserver: nginx\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: *\r\nx-ratelimit-remaining: 148\r\nx-ratelimit-requested-tokens: 1\r\nx-ratelimit-burst-capacity: 150\r\nx-ratelimit-replenish-rate: 150\r\nmtid: -4382277114371554608\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":354,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"6aaff492b9965b02138c5592ee3d39f4","sha1":"4841960dc0933e8466950c460f76f4a76de2a598","sha256":"55e31a6ed57d09de3fcd53ecaea244df8243fe0e2a1d51880635561835c59c88","sha512":"5d8803292c7168b8dc88c0abb1ea757aafcf6afd131caf30941a66511f498585430a1ecdb09ec1673377ff3bcafd4d4902d3f35672574bd84fb8925986abc965","ssdeep":"","tlshash":"e3e02022de5bef5145516d80e4d128d2e3c22d8666c65fd53acd74f40cf4c8a214fb4d","first_seen":"2026-04-10T15:03:56.434655Z","last_seen":"2026-04-10T15:03:56.434655Z","times_seen":1,"resource_available":false,"data":null}},"time_used":314,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":314,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"api.bithumb.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"api.bithumb.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.coinbasekorea.com/static/favicon.png","fqdn":"app.coinbasekorea.com","domain":"coinbasekorea.com","tld":"com"},"ip":{"addr":"203.248.94.172","port":443,"asn":9848,"as":"SEJONG NETWORKS","country":"South Korea","country_code":"KR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://app.coinbasekorea.com/pc/","date":"2026-04-10T15:03:32.527Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"app.coinbasekorea.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 07 Apr 2026 06:04:24 GMT","end":"Mon, 06 Jul 2026 06:04:23 GMT"},"fingerprint":{"sha1":"6D:04:F2:14:ED:5B:4F:C9:15:B6:E8:84:B2:97:FA:65:D5:B9:CF:7D","sha256":"EC:9F:D0:71:18:4F:23:E7:C9:8A:42:5E:96:34:3B:CD:24:8F:FF:5D:70:A8:6D:54:97:53:74:AD:6F:4B:94:48"}}},"request":{"raw":"GET /static/favicon.png HTTP/1.1\r\nHost: app.coinbasekorea.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://app.coinbasekorea.com/pc/\r\nCookie: think_lang=en-us; PHPSESSID=9d2d31d9915a9eed5a996003c9ada094\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Fri, 10 Apr 2026 15:03:32 GMT\r\ncontent-type: text/html\r\ncontent-length: 146\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":146,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"8eec510e57f5f732fd2cce73df7b73ef","sha1":"3c0af39ecb3753c5fee3b53d063c7286019eac3b","sha256":"55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0","sha512":"73bbf698482132b5fd60a0b58926fddec9055f8095a53bc52714e211e9340c3419736ceafd6b279667810114d306bfccdcfcddf51c0b67fe9e3c73c54583e574","ssdeep":"","tlshash":"b7c02b2d35133c4cc563313423c37140c0d6833b687a41110400c00371cf2998ec3397","first_seen":"2023-03-07T12:05:15Z","last_seen":"2026-04-11T13:56:08.823483Z","times_seen":484338,"resource_available":true,"data":null}},"time_used":347,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":347,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"app.coinbasekorea.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"app.coinbasekorea.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.bithumb.com/public/ticker/ETH_KRW","fqdn":"api.bithumb.com","domain":"bithumb.com","tld":"com"},"ip":{"addr":"43.201.166.211","port":443,"asn":16509,"as":"AMAZON-02","country":"South Korea","country_code":"KR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://app.coinbasekorea.com/pc/","date":"2026-04-10T15:03:33.470Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.bithumb.com","organization":"Bithumb Co., Ltd."},"issuer":{"commonName":"Sectigo RSA Organization Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Wed, 27 Aug 2025 00:00:00 GMT","end":"Sat, 26 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"CD:12:2A:5C:0F:9F:16:C1:4D:A3:8B:57:3F:19:33:25:80:2C:E4:C6","sha256":"C5:10:8A:93:38:27:BF:EE:50:1E:53:8D:93:D0:F4:28:45:D0:1B:30:8A:3E:4C:B0:0B:A8:E7:58:50:9C:DD:C7"}}},"request":{"raw":"GET /public/ticker/ETH_KRW HTTP/1.1\r\nHost: api.bithumb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://app.coinbasekorea.com/\r\nOrigin: https://app.coinbasekorea.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 10 Apr 2026 15:03:33 GMT\r\ncontent-type: application/json\r\nserver: nginx\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: *\r\nx-ratelimit-remaining: 148\r\nx-ratelimit-requested-tokens: 1\r\nx-ratelimit-burst-capacity: 150\r\nx-ratelimit-replenish-rate: 150\r\nmtid: 638742895202502809\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":409,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"0572319dfd527d20efb8d4fe0e70d172","sha1":"fd86f734e6ac0ed563add6767e828fdbcc91ccf9","sha256":"6698b827e65a990215c13414ab8a22d38fb99033e222f563d5e5b484cd0017a9","sha512":"3b73e49df2078f800251c2c23fadba8ac31afcc34a62ab81ef1668b41252eeaa5b643b0f5d9d3c09a8dcab0f821d7afc91d56a37a2500fbc0a4a10e01b557712","ssdeep":"","tlshash":"e5e022b2df4a9f4284301d50e790aceae3c23d8356c11f802acf69b854f4ce5215ab1a","first_seen":"2026-04-10T15:03:56.437448Z","last_seen":"2026-04-10T15:03:56.437448Z","times_seen":1,"resource_available":false,"data":null}},"time_used":314,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":314,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"api.bithumb.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"api.bithumb.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.coinbasekorea.com/static/_next/static/css/a10e7519a693ade3.css","fqdn":"app.coinbasekorea.com","domain":"coinbasekorea.com","tld":"com"},"ip":{"addr":"203.248.94.172","port":443,"asn":9848,"as":"SEJONG NETWORKS","country":"South Korea","country_code":"KR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://app.coinbasekorea.com/pc/","date":"2026-04-10T15:03:30.918Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"app.coinbasekorea.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 07 Apr 2026 06:04:24 GMT","end":"Mon, 06 Jul 2026 06:04:23 GMT"},"fingerprint":{"sha1":"6D:04:F2:14:ED:5B:4F:C9:15:B6:E8:84:B2:97:FA:65:D5:B9:CF:7D","sha256":"EC:9F:D0:71:18:4F:23:E7:C9:8A:42:5E:96:34:3B:CD:24:8F:FF:5D:70:A8:6D:54:97:53:74:AD:6F:4B:94:48"}}},"request":{"raw":"GET /static/_next/static/css/a10e7519a693ade3.css HTTP/1.1\r\nHost: app.coinbasekorea.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://app.coinbasekorea.com/pc/\r\nCookie: think_lang=en-us; PHPSESSID=9d2d31d9915a9eed5a996003c9ada094\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 10 Apr 2026 15:03:31 GMT\r\ncontent-type: text/css\r\nlast-modified: Mon, 24 Jun 2024 01:42:35 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6678cf0b-e082\"\r\nexpires: Sat, 11 Apr 2026 03:03:31 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":57474,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (320)","md5":"fd7a4da9fecc7f8205551319f70c9594","sha1":"22b363a8ad79eb7a64c9ee734178f17a0e846c9b","sha256":"a08243880c5f274696602760279d18ec3659355e4d77402d110c9c97b11dbc22","sha512":"86b5e25aa31fcd27ae1d3739333e9545c513a9147307b25616c2f32089b9efe1a3df8f5598ca91aeb51ec303ea89db6ecdfc14ddc82d5c128d4ac8a362c1fcd7","ssdeep":"384:T0EhAFAdE/FOJl/LI8aSMgyuWjqozFQFArnce9ZVeipC1qerQDtVOlZyR+9Xt:T0EiF2yFOJCAyDHFQFH9MOlZyU9Xt","tlshash":"4b43891566b30c652c1b49f963ddb689f32a60c74d1feda9fece20044f853b45e92b88","first_seen":"2026-04-10T15:01:53.92175Z","last_seen":"2026-04-11T00:23:32.136744Z","times_seen":4,"resource_available":false,"data":null}},"time_used":394,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":394,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"app.coinbasekorea.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"app.coinbasekorea.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.coinbasekorea.com/apple-touch-icon.png","fqdn":"app.coinbasekorea.com","domain":"coinbasekorea.com","tld":"com"},"ip":{"addr":"203.248.94.172","port":443,"asn":9848,"as":"SEJONG NETWORKS","country":"South Korea","country_code":"KR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://app.coinbasekorea.com/pc/","date":"2026-04-10T15:03:32.427Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"app.coinbasekorea.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 07 Apr 2026 06:04:24 GMT","end":"Mon, 06 Jul 2026 06:04:23 GMT"},"fingerprint":{"sha1":"6D:04:F2:14:ED:5B:4F:C9:15:B6:E8:84:B2:97:FA:65:D5:B9:CF:7D","sha256":"EC:9F:D0:71:18:4F:23:E7:C9:8A:42:5E:96:34:3B:CD:24:8F:FF:5D:70:A8:6D:54:97:53:74:AD:6F:4B:94:48"}}},"request":{"raw":"GET /apple-touch-icon.png HTTP/1.1\r\nHost: app.coinbasekorea.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://app.coinbasekorea.com/pc/\r\nCookie: think_lang=en-us; PHPSESSID=9d2d31d9915a9eed5a996003c9ada094\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Fri, 10 Apr 2026 15:03:32 GMT\r\ncontent-type: text/html\r\ncontent-length: 146\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":146,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"8eec510e57f5f732fd2cce73df7b73ef","sha1":"3c0af39ecb3753c5fee3b53d063c7286019eac3b","sha256":"55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0","sha512":"73bbf698482132b5fd60a0b58926fddec9055f8095a53bc52714e211e9340c3419736ceafd6b279667810114d306bfccdcfcddf51c0b67fe9e3c73c54583e574","ssdeep":"","tlshash":"b7c02b2d35133c4cc563313423c37140c0d6833b687a41110400c00371cf2998ec3397","first_seen":"2023-03-07T12:05:15Z","last_seen":"2026-04-11T13:56:08.823483Z","times_seen":484338,"resource_available":true,"data":null}},"time_used":347,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":343,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"app.coinbasekorea.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"app.coinbasekorea.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"wss","addr":"pubwss.bithumb.com/pub/ws","fqdn":"pubwss.bithumb.com","domain":"bithumb.com","tld":"com"},"ip":{"addr":"23.36.76.171","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://app.coinbasekorea.com/pc/","date":"2026-04-10T15:03:32.448Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.bithumb.com","organization":"Bithumb Korea Co., Ltd."},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Tue, 23 Sep 2025 00:00:00 GMT","end":"Tue, 22 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"22:7E:FC:64:47:17:5A:04:FA:EF:B3:D8:4B:FB:24:C0:1F:D1:E4:4B","sha256":"70:23:B9:43:5D:82:3E:8D:51:FE:3C:20:76:40:E2:E3:FD:83:78:1B:2E:50:BF:D7:C6:50:96:DC:1A:67:8C:E6"}}},"request":{"raw":"GET /pub/ws HTTP/1.1\r\nHost: pubwss.bithumb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://app.coinbasekorea.com\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: KJAhuB5+CFU0jI5feIMbFw==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 Switching Protocols\r\nServer: nginx\r\nsec-websocket-accept: /9y+TXIV/IX3vI/4dXmzFJgPrEI=\r\nsec-websocket-extensions: permessage-deflate\r\nDate: Fri, 10 Apr 2026 15:03:33 GMT\r\nUpgrade: websocket\r\nConnection: Upgrade\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"Switching Protocols","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-11T13:55:54.549517Z","times_seen":13622807,"resource_available":true,"data":null}},"time_used":1338,"timings":{"blocked":-1,"dns":1,"connect":1,"send":0,"wait":771,"receive":1,"ssl":565},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.bithumb.com/public/ticker/XRP_KRW","fqdn":"api.bithumb.com","domain":"bithumb.com","tld":"com"},"ip":{"addr":"43.201.166.211","port":443,"asn":16509,"as":"AMAZON-02","country":"South Korea","country_code":"KR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://app.coinbasekorea.com/pc/","date":"2026-04-10T15:03:34.136Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.bithumb.com","organization":"Bithumb Co., Ltd."},"issuer":{"commonName":"Sectigo RSA Organization Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Wed, 27 Aug 2025 00:00:00 GMT","end":"Sat, 26 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"CD:12:2A:5C:0F:9F:16:C1:4D:A3:8B:57:3F:19:33:25:80:2C:E4:C6","sha256":"C5:10:8A:93:38:27:BF:EE:50:1E:53:8D:93:D0:F4:28:45:D0:1B:30:8A:3E:4C:B0:0B:A8:E7:58:50:9C:DD:C7"}}},"request":{"raw":"GET /public/ticker/XRP_KRW HTTP/1.1\r\nHost: api.bithumb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://app.coinbasekorea.com/\r\nOrigin: https://app.coinbasekorea.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 10 Apr 2026 15:03:34 GMT\r\ncontent-type: application/json\r\nserver: nginx\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: *\r\nx-ratelimit-remaining: 149\r\nx-ratelimit-requested-tokens: 1\r\nx-ratelimit-burst-capacity: 150\r\nx-ratelimit-replenish-rate: 150\r\nmtid: 8527289423869109002\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":364,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"7eeb2c3f92427aad6e32f5868b088b80","sha1":"968d0313bb1c55c667f611523573493c732cffd9","sha256":"c9602fb46521f4e262382c5042fdd6adef2788d90920eb546ead9b29ba6b99b1","sha512":"9bc3bef7ebf77dc027c702021c56adc7a1a5f8c91ce78121fe01af970f7ea6433ce1b40535a1dec5584abd1566c094ef543f30e4e1a6bfe7ec99e6ba527597e5","ssdeep":"","tlshash":"bbe0c022ef89efb248402800e3e094b2df863cc71bc31fd0068c99b05db0457101e90a","first_seen":"2026-04-10T15:03:56.44128Z","last_seen":"2026-04-10T15:03:56.44128Z","times_seen":1,"resource_available":false,"data":null}},"time_used":314,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":314,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"api.bithumb.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"api.bithumb.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.bithumb.com/public/ticker/TRX_KRW","fqdn":"api.bithumb.com","domain":"bithumb.com","tld":"com"},"ip":{"addr":"43.201.166.211","port":443,"asn":16509,"as":"AMAZON-02","country":"South Korea","country_code":"KR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://app.coinbasekorea.com/pc/","date":"2026-04-10T15:03:34.455Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.bithumb.com","organization":"Bithumb Co., Ltd."},"issuer":{"commonName":"Sectigo RSA Organization Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Wed, 27 Aug 2025 00:00:00 GMT","end":"Sat, 26 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"CD:12:2A:5C:0F:9F:16:C1:4D:A3:8B:57:3F:19:33:25:80:2C:E4:C6","sha256":"C5:10:8A:93:38:27:BF:EE:50:1E:53:8D:93:D0:F4:28:45:D0:1B:30:8A:3E:4C:B0:0B:A8:E7:58:50:9C:DD:C7"}}},"request":{"raw":"GET /public/ticker/TRX_KRW HTTP/1.1\r\nHost: api.bithumb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://app.coinbasekorea.com/\r\nOrigin: https://app.coinbasekorea.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 10 Apr 2026 15:03:34 GMT\r\ncontent-type: application/json\r\nserver: nginx\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: *\r\nx-ratelimit-remaining: 148\r\nx-ratelimit-requested-tokens: 1\r\nx-ratelimit-burst-capacity: 150\r\nx-ratelimit-replenish-rate: 150\r\nmtid: 8044548502019499416\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":354,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"5f2ee3ec8da8dc81b761db7b84a87a10","sha1":"e54e58ee723de4e69e84ccec3f751cd9e8a8772c","sha256":"2f3408c9eea82d4f72be695dcbf94e27b6ee156f14c3660ada9d76eba4965713","sha512":"8d1ead4689090c83e78f3d4146ac6ad667bad374d732f804bbe2c2086f922eca10f8d40afba9fc0ae77f8229eda3f6fcc2a4a0c8bc781fef4eb71198a13af9a8","ssdeep":"","tlshash":"18e02035ff09df2284529750e6d018bfe3857d8246c55b406b8c497949bc48a181b30c","first_seen":"2026-04-10T15:03:56.443375Z","last_seen":"2026-04-10T15:03:56.443375Z","times_seen":1,"resource_available":false,"data":null}},"time_used":316,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":316,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"api.bithumb.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"api.bithumb.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.bithumb.com/public/ticker/BCH_KRW","fqdn":"api.bithumb.com","domain":"bithumb.com","tld":"com"},"ip":{"addr":"43.201.166.211","port":443,"asn":16509,"as":"AMAZON-02","country":"South Korea","country_code":"KR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://app.coinbasekorea.com/pc/","date":"2026-04-10T15:03:34.777Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.bithumb.com","organization":"Bithumb Co., Ltd."},"issuer":{"commonName":"Sectigo RSA Organization Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Wed, 27 Aug 2025 00:00:00 GMT","end":"Sat, 26 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"CD:12:2A:5C:0F:9F:16:C1:4D:A3:8B:57:3F:19:33:25:80:2C:E4:C6","sha256":"C5:10:8A:93:38:27:BF:EE:50:1E:53:8D:93:D0:F4:28:45:D0:1B:30:8A:3E:4C:B0:0B:A8:E7:58:50:9C:DD:C7"}}},"request":{"raw":"GET /public/ticker/BCH_KRW HTTP/1.1\r\nHost: api.bithumb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://app.coinbasekorea.com/\r\nOrigin: https://app.coinbasekorea.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 10 Apr 2026 15:03:34 GMT\r\ncontent-type: application/json\r\nserver: nginx\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: *\r\nx-ratelimit-remaining: 147\r\nx-ratelimit-requested-tokens: 1\r\nx-ratelimit-burst-capacity: 150\r\nx-ratelimit-replenish-rate: 150\r\nmtid: -6418297493155614540\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":346,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"d09d57372f889d83c483b32504a872ed","sha1":"a81013006f2f6a72295d3b071e7e950650d37466","sha256":"41716c0101cb49f35c661e7d1e2eac7baff4735d44e0f45b655e4cbd2a256e18","sha512":"1fbf5e828b4ddf1a7f8c50483bbc39a85632c03d3c66723ee9cd214e5dbb113a6d32753d68a34c37f104e0ff3e5b6d6df152ce8ed215277dd5c4b27e2b399404","ssdeep":"","tlshash":"1ae06f224e89ef0390302e00df4098f2e7915c834fc18fc63a8cae7c88f044e0219a88","first_seen":"2026-04-10T15:03:56.445196Z","last_seen":"2026-04-10T15:03:56.445196Z","times_seen":1,"resource_available":false,"data":null}},"time_used":313,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":313,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"api.bithumb.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"api.bithumb.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.bithumb.com/public/ticker/SOL_KRW","fqdn":"api.bithumb.com","domain":"bithumb.com","tld":"com"},"ip":{"addr":"43.201.166.211","port":443,"asn":16509,"as":"AMAZON-02","country":"South Korea","country_code":"KR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://app.coinbasekorea.com/pc/","date":"2026-04-10T15:03:35.744Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.bithumb.com","organization":"Bithumb Co., Ltd."},"issuer":{"commonName":"Sectigo RSA Organization Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Wed, 27 Aug 2025 00:00:00 GMT","end":"Sat, 26 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"CD:12:2A:5C:0F:9F:16:C1:4D:A3:8B:57:3F:19:33:25:80:2C:E4:C6","sha256":"C5:10:8A:93:38:27:BF:EE:50:1E:53:8D:93:D0:F4:28:45:D0:1B:30:8A:3E:4C:B0:0B:A8:E7:58:50:9C:DD:C7"}}},"request":{"raw":"GET /public/ticker/SOL_KRW HTTP/1.1\r\nHost: api.bithumb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://app.coinbasekorea.com/\r\nOrigin: https://app.coinbasekorea.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 10 Apr 2026 15:03:35 GMT\r\ncontent-type: application/json\r\nserver: nginx\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: *\r\nx-ratelimit-remaining: 147\r\nx-ratelimit-requested-tokens: 1\r\nx-ratelimit-burst-capacity: 150\r\nx-ratelimit-replenish-rate: 150\r\nmtid: -7582483226917167084\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":372,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"b950cfc42cd491c86b538c6af725691f","sha1":"1d36c68e82b594bd2eb58b72ecbc30522a3c8c2c","sha256":"4581928c5ceba73adfb4f6c511e3a37dd5296ac175b6ebdfdb4367bafa7cda7c","sha512":"c890696aa9722f4d59d57dece96c8d59f6198f08f9b6ed635db8eee100d301dbacf256cba95e7002fc3a8877bee3809527c5e19d2c7763e4304223658261e20b","ssdeep":"","tlshash":"43e02032af19cf12a4b09990d3541d92dec13f9372d15fc565cc4478c9f44c9300ab09","first_seen":"2026-04-10T15:03:56.44709Z","last_seen":"2026-04-10T15:03:56.44709Z","times_seen":1,"resource_available":false,"data":null}},"time_used":313,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":313,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"api.bithumb.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"api.bithumb.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}