{"report_id":"e076b68c-db3b-4b1e-9e52-fefcb7f2cafd","version":6,"status":"done","tags":[],"date":"2026-05-04T09:12:52Z","url":{"schema":"http","addr":"bitco-claim.com","fqdn":"bitco-claim.com","domain":"bitco-claim.com","tld":"com"},"ip":{"addr":"104.21.66.43","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"bitco-claim.com/","fqdn":"bitco-claim.com","domain":"bitco-claim.com","tld":"com"},"title":"Bitco Claim - Reliable Earnings Platform","dom":{"size":1591,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (341)","md5":"765cb19d579be25ffc6b1145a7f4248b","sha1":"af365788ed76c627f7ec644958bffe24869d91d7","sha256":"1e8d2ed7e3c87039e174718a2b8c48bedd2fbf16473dc9688825967538fdbda6","sha512":"b394023a05d5d6c02c0c18a89d9c2d06f303d4c3338fcb5f7671132b0a77290d895c69b708b7e5015c8b5829758bc02a186641ddeddcb8b4ba2e52017cf9c932","ssdeep":"","tlshash":"dd3165eb804b012a24431a9569e0b7cd7027c04feeb1fa457e7d135acf48da794426dc","dom_hash":"domhash855a4137af5edf0f75458ac5efc51211","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"bitco-claim.com","fqdn":"bitco-claim.com","domain":"bitco-claim.com","tld":"com"},"ip":{"addr":"104.21.66.43","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-06-08T09:12:52Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"bitco-claim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"fonts.gstatic.com","ip":{"addr":"172.217.20.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-05-03T22:17:40.953609Z","alert_count":0,"request_count":3,"received_data":94804,"sent_data":1692,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.googleapis.com","ip":{"addr":"172.217.20.170","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-05-03T22:20:33.622142Z","alert_count":0,"request_count":2,"received_data":17226,"sent_data":927,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"use.fontawesome.com","ip":{"addr":"172.67.142.245","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2012-10-18","domain_rank":6983,"first_seen":"2017-01-30T04:43:25Z","last_seen":"2026-05-04T00:33:59.388072Z","alert_count":0,"request_count":2,"received_data":134644,"sent_data":988,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"static.a-ads.com","ip":{"addr":"148.251.13.139","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2012-07-07","domain_rank":212861,"first_seen":"2013-06-01T16:47:05Z","last_seen":"2026-05-02T18:58:32.981178Z","alert_count":0,"request_count":1,"received_data":227580,"sent_data":469,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}]},{"fqdn":"ad.a-ads.com","ip":{"addr":"148.251.13.139","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2012-07-07","domain_rank":80794,"first_seen":"2013-04-19T21:54:57Z","last_seen":"2026-05-02T05:47:07.214833Z","alert_count":0,"request_count":1,"received_data":16171,"sent_data":534,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Phusion Passenger","description":"Phusion Passenger is a free web server and application server with support for Ruby, Python and Node.js.","website":"https://phusionpassenger.com","common_platform_enumeration":"cpe:2.3:a:phusionpassenger:phusion_passenger:*:*:*:*:*:*:*:*","icon":"Phusion Passenger.png","categories":["Web servers"]}]},{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"104.17.208.5","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2012-05-16","domain_rank":1678,"first_seen":"2012-09-30T00:15:09Z","last_seen":"2026-05-03T22:36:05.340423Z","alert_count":0,"request_count":1,"received_data":81537,"sent_data":456,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"cdn.gtranslate.net","ip":{"addr":"104.26.13.42","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2011-05-26","domain_rank":101861,"first_seen":"2022-11-07T21:49:20Z","last_seen":"2026-04-30T09:06:36.656069Z","alert_count":0,"request_count":1,"received_data":15195,"sent_data":430,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"comorosmaritime.org","ip":{"addr":"203.161.58.67","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"domain_registered":"2016-11-26","domain_rank":0,"first_seen":"2026-02-20T04:01:51.976093Z","last_seen":"2026-04-28T07:32:43.046809Z","alert_count":0,"request_count":1,"received_data":875,"sent_data":432,"comment":"","tags":null,"fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}]},{"fqdn":"bitco-claim.com","ip":{"addr":"172.67.156.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-05-02","domain_rank":0,"first_seen":"2026-05-04T09:12:53.543587Z","last_seen":"2026-05-04T09:12:53.543587Z","alert_count":15,"request_count":15,"received_data":2357849,"sent_data":7573,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]},{"name":"Tailwind CSS","description":"Tailwind is a utility-first CSS framework.","website":"https://tailwindcss.com/","common_platform_enumeration":"","icon":"tailwindcss.svg","categories":["UI frameworks"]},{"name":"PHP:7.4.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Clipboard.js","description":"","website":"https://clipboardjs.com/","common_platform_enumeration":"","icon":"Clipboard.js.svg","categories":["JavaScript libraries"]},{"name":"Preline UI","description":"Preline UI is an open-source set of prebuilt UI components based on the utility-first Tailwind CSS framework.","website":"https://preline.co","common_platform_enumeration":"","icon":"Preline UI.svg","categories":["UI frameworks"]},{"name":"Bootstrap:5.3.0","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]}]},{"fqdn":"zerads.com","ip":{"addr":"162.0.208.108","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"domain_registered":"2021-12-17","domain_rank":68941,"first_seen":"2021-12-23T05:44:08Z","last_seen":"2026-04-28T07:32:43.406227Z","alert_count":0,"request_count":1,"received_data":1794,"sent_data":541,"comment":"","tags":null,"fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}]},{"fqdn":"api.fpadserver.com","ip":{"addr":"172.67.182.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-04-30","domain_rank":2017065,"first_seen":"2024-06-28T06:30:25Z","last_seen":"2026-04-30T01:06:52.299276Z","alert_count":0,"request_count":2,"received_data":7370,"sent_data":1096,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"games-of-thrones.com","ip":{"addr":"45.15.170.16","port":443,"asn":44477,"as":"Stark Industries Solutions Ltd","country":"Cyprus","country_code":"CY"},"domain_registered":"2023-09-13","domain_rank":808004,"first_seen":"2013-05-21T23:58:34Z","last_seen":"2025-02-26T18:03:37.729016Z","alert_count":0,"request_count":1,"received_data":232823,"sent_data":435,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"bitco-claim.com/assets/js/main.js","fqdn":"bitco-claim.com","domain":"bitco-claim.com","tld":"com"},"ip":{"addr":"172.67.156.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"5b87709d8ca9fa6469a41cd14ede332a","sha1":"72272442cb0881bed843979ca2902681422d2dfc","sha256":"5d83da0ed434a52daca346d785f5654920913164e64e0ad88701d5264fc2dc42","sha512":"b768bf37ba574ad844503420f2261e3a91486827209b8259dac09ee6ab80dfad1a5acec6cfea8b4e821c3e6cef712b165c4b251ac6228b02b258217315065580","ssdeep":"96:FeFnHLWO5I7kfEBc97kZrs/mOyVFW/qlVcQ1DWMeyagQ8HUITeCo63oo9x:+nHSOusEBchSeNySSoRMeyag5HUITely","tlshash":"0e91973526148835427b877b21cb6b833129348ff5c454a1a9f9dc5c3fd8c9622e57f6","size":4537,"data":"","first_seen":"2026-05-04T09:12:59.327549Z","last_seen":"2026-05-04T09:16:28.848828Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bitco-claim.com/assets/js/clipboard.min.js","fqdn":"bitco-claim.com","domain":"bitco-claim.com","tld":"com"},"ip":{"addr":"172.67.156.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"15f52a1ee547f2bdd46e56747332ca2d","sha1":"9a7cb405f9beed005891587d41f76a0720893ffc","sha256":"e17a1d816e13c0826e0ed7febfabc3277f45571234bde0bf9120829a7169edc9","sha512":"ecee695e9734a0246bc64f1151f0d81609f49ced6dfa32ee20e41d38c469e003c1eee678bd28eca73a79cba603b43b385735124db5b304567f2ca2619f214e2b","ssdeep":"192:s6IMH3HEG9JVwkHg4LyAal318/NYusfkApXMdgmkpj:sy0G9J1zG3eFYP/XMmmkpj","tlshash":"77126399b291b0b15ae731a9412f920bf2766969708b90d0d239d4f0acbcdde4463f3d","size":9160,"data":"","first_seen":"2023-03-07T12:23:44Z","last_seen":"2026-05-10T16:43:15.323567Z","times_seen":29867,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/js/bootstrap.bundle.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.17.208.5","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"849e6db145f2905ce210f628bddd9de5","sha1":"d722fa9982da8aa48df88251bb1897f13c1db3b9","sha256":"aa53d582f97eb594c2a5cc5824574707f9ba9837bce3046bfa5f3556860f4e04","sha512":"54adb372f9ed12e7da8a673e79f3988badb654de5969c767b9f9e65fbcc88423e68e12a73a2f590ccb60d7fba0e65d7cddfd7d806d7f701b2d3cee03f0dfc89a","ssdeep":"1536:OSif7R2qTTR2t4iYniNw+inreQURwTLBAF+27wXiYE3Yjr/I2:4R2cpXLBl27wXit3Yb","tlshash":"ca73b7593254b4730ade85b68037420bf2265994b24b802cb5bcadde2a7dcc67277f7c","size":80421,"data":"","first_seen":"2023-06-08T14:47:00Z","last_seen":"2026-05-10T17:58:00.003771Z","times_seen":15370,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bitco-claim.com/assets/js/swiper-bundle.min.js","fqdn":"bitco-claim.com","domain":"bitco-claim.com","tld":"com"},"ip":{"addr":"172.67.156.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"1aba3b60641d8dc579dca329a28d74d8","sha1":"1a54fa817a49108dfdf2e75ce2ae507f007ac2bd","sha256":"6942f0873b6a7108e18a983b4192ad469011a8131317f88161d6f0917058da22","sha512":"62cc350dc2b53feb982eaa6b100ccd4093fe278853c78b7fdd7da76d5c2ccdaa3cc03fbd69f2e3050623cfb524e000cff84afefa626849c238dae786b503b310","ssdeep":"1536:vKJNfGmhnDcu8N4zeS3339a/BlxvHR7tky+j5N08Ufj0SaBDIvkAygTwwcc3AbSH:iJD0Nhos7tkyuBDVAygUg3KS6lfer","tlshash":"bce3e889a221b57646e316db93e4c261b3b54500b80ac4f470bd4c9f597ec9813feefa","size":148471,"data":"","first_seen":"2023-11-22T19:21:36Z","last_seen":"2026-05-10T15:28:54.152225Z","times_seen":4510,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bitco-claim.com/assets/js/venobox.min.js","fqdn":"bitco-claim.com","domain":"bitco-claim.com","tld":"com"},"ip":{"addr":"172.67.156.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"bcc09e395f8c2f5ec99f7076e09cd587","sha1":"d9a2034ecd4c6256d489f523d21ef3e4893c0ec3","sha256":"e63ba0846f5a20edad2acb01dfb5464772cea3ea230cb7358bd43545db071b7a","sha512":"1cc4be9187a724c59c2c0320d03c8d06b1bf4ab31884df5136f6627dcf17451e111c8b8e454f4b1bbfdd21e487e76a3f1fe308fb8f40b0e18c2dfb816a428f7d","ssdeep":"384:maoWgNp06xJoAVUULd2PDg2HEHAiOYLBX3qE3N/209Fmy:Lo5Np07AVUULd2U2HEHgE3N+4Fmy","tlshash":"4072b8782318253d42b756f4719f8386337691e9e6128623077dd4950efacc8e1a3bea","size":16461,"data":"","first_seen":"2025-06-28T09:00:48.118753Z","last_seen":"2026-05-05T21:53:25.323251Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bitco-claim.com/","fqdn":"bitco-claim.com","domain":"bitco-claim.com","tld":"com"},"ip":{"addr":"172.67.156.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"4f00e1946eaf6353c6c3b4f1f50e8e37","sha1":"9ab484be66a6d51ae31db2977dc727ecf015cbc6","sha256":"e55267f843a7eb913a8e88f0d6d9fb6c131de85ceef78827e8adaa278ab6d2ce","sha512":"ce9661ff76bd12653c868e61dbaa0523974ce7bca1801982241c21ff909b04f560582b680d62dca192f2a975acbf82b94a982a08a5c52cf8c627dfae1068eaf9","ssdeep":"","tlshash":"1801bd669efe296106af7b3f569e730c3631506a724487063a2c4fb85f70c749a23a44","size":768,"data":"","first_seen":"2026-05-04T09:12:59.345197Z","last_seen":"2026-05-04T09:16:28.856572Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bitco-claim.com/","fqdn":"bitco-claim.com","domain":"bitco-claim.com","tld":"com"},"ip":{"addr":"172.67.156.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"b08105e25cde7557f8d4c983068e7426","sha1":"9b1992a936ee9ddb7489361e52b3072721377af1","sha256":"d421b3ef3856d25e794b5cdc0658eafac2ee8675ae223d7ebed8d0c4c027f72c","sha512":"622a9464cbe89385354aa2cc99d001be0cf1f4b729599d3a107308cd925e161df86652ced94a356db0f80063d5821115c54a9e366c33d35c2a0d6cdd61a33046","ssdeep":"","tlshash":"b6e02618996a492c814d130a9d3a3a02212f10fb09247c14fb8d8e496fc942b46952da","size":418,"data":"","first_seen":"2026-05-04T09:12:59.346214Z","last_seen":"2026-05-04T09:16:28.858011Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bitco-claim.com/assets/js/preline.js","fqdn":"bitco-claim.com","domain":"bitco-claim.com","tld":"com"},"ip":{"addr":"172.67.156.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"5ac4c53fbf02edf01e448b3dac39a937","sha1":"a14352e06c2a33c4e13745508de9428661005b13","sha256":"f97f76ddeeb7dff1a431739220cb2bf51d9d02fc2324546a71fbcf2d17d655a5","sha512":"dc9b3c62eb38c373477103a0ff02b5dcd3108f53ec741208c927bba928157ac1b89f2168e98b2aa65cd19133108890a565d64928be99ee0c2564bbed707d4919","ssdeep":"3072:pBGbhoOpjoaCOQLktwRhx0hEX26S27OSi:SCeoaCKtX","tlshash":"41e3c689f155b1b142ab90f5416b160eb33b795da0158078b578c8ea2cb8c8f7173fbe","size":144953,"data":"","first_seen":"2026-05-04T09:12:59.335801Z","last_seen":"2026-05-04T09:16:28.817408Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gtranslate.net/widgets/latest/flags.js","fqdn":"cdn.gtranslate.net","domain":"gtranslate.net","tld":"net"},"ip":{"addr":"104.26.13.42","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"52a36d98eb2d12d1b9d504ee2028849e","sha1":"22677cb983d0ab63eb4c64588569de2437c5c373","sha256":"75593e472507e7f019469417e6a37a297b5731dd92fc38b73b7e3b0c8e51ad85","sha512":"6d1d45d8b6b57a44376dc2f91d3c488c995520431b8e699eaee0254daeb4b153e29ebd088d161e75ce6e20b8455d3b03f1cdb3e3a3a1cc0434b4ca408d40bb19","ssdeep":"192:2PzCvSMaV0ZATrR09wMmQZcNt3oLQ+Dd9WH+I1wXS0ZgkKtIL2dDmfFVxLVCl69/:AzCKMPZATN09o0mtYLbXY+I1rSSdDsSw","tlshash":"2952c89a11f7003e9a131119effe1a5ca4f602974104f821bfadcd839f81aacd27b6d5","size":14472,"data":"","first_seen":"2026-05-01T03:01:39.854301Z","last_seen":"2026-05-06T12:36:02.694503Z","times_seen":27,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"bitco-claim.com/assets/img/profile.png","fqdn":"bitco-claim.com","domain":"bitco-claim.com","tld":"com"},"ip":{"addr":"172.67.156.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitco-claim.com/","date":"2026-05-04T09:12:30.336Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitco-claim.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 05:33:45 GMT","end":"Fri, 31 Jul 2026 05:33:44 GMT"},"fingerprint":{"sha1":"56:85:A0:7B:F0:71:49:CC:30:17:87:4E:59:09:BF:36:B8:D1:6D:98","sha256":"01:A8:EF:DE:35:AA:EB:94:77:4A:B9:B4:85:F3:AC:D0:1E:10:8E:00:8F:37:39:01:37:9E:17:56:58:8F:8F:F7"}}},"request":{"raw":"GET /assets/img/profile.png HTTP/1.1\r\nHost: bitco-claim.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bitco-claim.com/\r\nCookie: PHPSESSID=18d9ea2bb388e3c312c061a19fa70787; rsite=direct\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 09:12:30 GMT\r\ncontent-type: image/png\r\ncontent-length: 412948\r\nlast-modified: Sat, 02 May 2026 07:30:39 GMT\r\npriority: u=4,i=?0\r\netag: \"69f5a81f-64d14\"\r\nexpires: Tue, 05 May 2026 09:12:30 GMT\r\ncache-control: max-age=86400\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=E5YRkOk4ks1oFiL8PgPTMwQ5GcVRl%2Bkz6mzi08x7HITuqEAzs%2FEQHmpZOxGlhCTn%2BHnjMzq7UtyviP33n9c4hfX5Mjh4OjCzqUegvm1HXcAk7lh1NqJ85spSrwfJlOd0gd4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f6662557e9db4f3-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":412948,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 591 x 401, 8-bit/color RGBA, non-interlaced","md5":"82743a52f5c8286875f89cd9ec9ed760","sha1":"f51a0a411a58d653942f8d426e72ede2aa7e845f","sha256":"610c48bdd2b3f48a7815f7654191d1f47213d9825d195151569b1edeab7a0182","sha512":"7d32567936e5b19d069844bf661b7c20408fb6ff2e16d468319dcf35307ff9822772b26d01377fce5d2585ecaaf6370b92e46cc50a7ed52eca55a770918244c7","ssdeep":"6144:QE7VOTZlCoR4Tdkru6TXFNQxoXN+rbmN6/7CyD7cxRRsnt8QbD3r1uD+7cf+XX/K:QE7VK+qXSo8fmNACoSu8QXb++N/p5+","tlshash":"1094232785e792a6d72371c485bc21c988560a1423885b01a685dd6b25cfef3ffcbbe4","first_seen":"2026-05-04T09:12:59.322792Z","last_seen":"2026-05-04T09:16:28.841619Z","times_seen":2,"resource_available":false,"data":null}},"time_used":298,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":170,"receive":128,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"bitco-claim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitco-claim.com/assets/js/venobox.min.js","fqdn":"bitco-claim.com","domain":"bitco-claim.com","tld":"com"},"ip":{"addr":"172.67.156.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bitco-claim.com/","date":"2026-05-04T09:12:30.355Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitco-claim.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 05:33:45 GMT","end":"Fri, 31 Jul 2026 05:33:44 GMT"},"fingerprint":{"sha1":"56:85:A0:7B:F0:71:49:CC:30:17:87:4E:59:09:BF:36:B8:D1:6D:98","sha256":"01:A8:EF:DE:35:AA:EB:94:77:4A:B9:B4:85:F3:AC:D0:1E:10:8E:00:8F:37:39:01:37:9E:17:56:58:8F:8F:F7"}}},"request":{"raw":"GET /assets/js/venobox.min.js HTTP/1.1\r\nHost: bitco-claim.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bitco-claim.com/\r\nCookie: PHPSESSID=18d9ea2bb388e3c312c061a19fa70787; rsite=direct\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 09:12:30 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 07 Feb 2024 21:46:30 GMT\r\nvary: accept-encoding\r\npriority: u=3,i=?0\r\netag: W/\"65c3fa36-404d\"\r\nexpires: Tue, 05 May 2026 09:12:30 GMT\r\ncache-control: max-age=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cWJu5DadFjKTqEgMkVsD%2FBECKSo5%2FrKcldcB%2BmIxDwIrwICUi5t0PwxHBNeRsBZffcbN1TcJGBbwAd9VbOOjqjLnggNvHb2ucwgGWn2msb69y%2FKWSusx8ZJ93jBLEUMtveI%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f6662558ea4b4f3-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":16461,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (16041)","md5":"bcc09e395f8c2f5ec99f7076e09cd587","sha1":"d9a2034ecd4c6256d489f523d21ef3e4893c0ec3","sha256":"e63ba0846f5a20edad2acb01dfb5464772cea3ea230cb7358bd43545db071b7a","sha512":"1cc4be9187a724c59c2c0320d03c8d06b1bf4ab31884df5136f6627dcf17451e111c8b8e454f4b1bbfdd21e487e76a3f1fe308fb8f40b0e18c2dfb816a428f7d","ssdeep":"384:maoWgNp06xJoAVUULd2PDg2HEHAiOYLBX3qE3N/209Fmy:Lo5Np07AVUULd2U2HEHgE3N+4Fmy","tlshash":"4072b8782318253d42b756f4719f8386337691e9e6128623077dd4950efacc8e1a3bea","first_seen":"2025-06-28T09:00:48.118753Z","last_seen":"2026-05-05T21:53:25.323251Z","times_seen":9,"resource_available":true,"data":null}},"time_used":146,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":146,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"bitco-claim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v51/KFOMCnqEu92Fr1ME7kSn66aGLdTylUAMQXC89YmC2DPNWubEbVmUiAo.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.20.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://api.fpadserver.com/banner?id=13440\u0026size=300x250","date":"2026-05-04T09:12:30.882Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 08 Apr 2026 05:19:27 GMT","end":"Wed, 01 Jul 2026 05:19:26 GMT"},"fingerprint":{"sha1":"BF:D8:14:32:18:86:B9:95:54:75:8D:F9:5F:29:DE:4E:F8:F8:F7:13","sha256":"0E:FA:80:0B:F4:13:81:81:4D:CF:50:35:5A:DD:DB:FA:00:0B:34:B2:2D:5D:28:08:E4:45:1F:2C:EF:D2:21:C2"}}},"request":{"raw":"GET /s/roboto/v51/KFOMCnqEu92Fr1ME7kSn66aGLdTylUAMQXC89YmC2DPNWubEbVmUiAo.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://api.fpadserver.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 21884\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 30 Apr 2026 16:19:13 GMT\r\nexpires: Fri, 30 Apr 2027 16:19:13 GMT\r\ncache-control: public, max-age=31536000\r\nage: 319997\r\nlast-modified: Wed, 18 Feb 2026 19:51:41 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":21884,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 21884, version 1.0","md5":"4279528ce0e7dc28919e6f8ce5f0eaa5","sha1":"a0bec563643727d81bf21d0acec08227d9269da4","sha256":"425c0713a8176f92273d378599c7eac57de7fafabd4bd0ed457b70eb8f80d371","sha512":"2b6a62ea544e93669893bac8bb8a5233d55cda9c3b293add6f312808cdf5127822446a516b66656cdae7409c5938ad1ff4fe0a1ba48e52134e141d6a78100507","ssdeep":"384:74kazv9DMAYqVNsLRxmVN7UX3oC4JjImMex3viFG5Bt7/br6CfY/lC7:7fazv9DM2Q+I3oC4JjPb30G5rtfY/87","tlshash":"0aa2e187b3eaa46d5787b931fa0a1900b8fe73f65d27da6484e087c9a1456c48c3dd3c","first_seen":"2026-02-19T22:29:10.595811Z","last_seen":"2026-05-10T18:33:14.639783Z","times_seen":14494,"resource_available":false,"data":null}},"time_used":231,"timings":{"blocked":106,"dns":1,"connect":21,"send":0,"wait":10,"receive":7,"ssl":82},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bitco-claim.com/assets/img/gradient-1.png","fqdn":"bitco-claim.com","domain":"bitco-claim.com","tld":"com"},"ip":{"addr":"172.67.156.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitco-claim.com/","date":"2026-05-04T09:12:30.342Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitco-claim.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 05:33:45 GMT","end":"Fri, 31 Jul 2026 05:33:44 GMT"},"fingerprint":{"sha1":"56:85:A0:7B:F0:71:49:CC:30:17:87:4E:59:09:BF:36:B8:D1:6D:98","sha256":"01:A8:EF:DE:35:AA:EB:94:77:4A:B9:B4:85:F3:AC:D0:1E:10:8E:00:8F:37:39:01:37:9E:17:56:58:8F:8F:F7"}}},"request":{"raw":"GET /assets/img/gradient-1.png HTTP/1.1\r\nHost: bitco-claim.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bitco-claim.com/\r\nCookie: PHPSESSID=18d9ea2bb388e3c312c061a19fa70787; rsite=direct\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 09:12:30 GMT\r\ncontent-type: image/png\r\ncontent-length: 283024\r\nlast-modified: Wed, 07 Feb 2024 21:46:32 GMT\r\npriority: u=4,i=?0\r\netag: \"65c3fa38-45190\"\r\nexpires: Tue, 05 May 2026 09:12:30 GMT\r\ncache-control: max-age=86400\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8iRivWch4coz8HZ%2BJuuIN7W089O5Zq8Ky8tZ6vcGzpQj5Q24VVunTNEl93c8%2BYN4U9kJfr6eoyM12lCzJp7OJ0zq4azc6Y4f2x9dXD7eOYfwbBOQrGUMf0zvsbTlXflW%2B5k%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f6662557ea0b4f3-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":283024,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1088 x 1088, 8-bit colormap, non-interlaced","md5":"9d892b64e962fd93f8e79b7648f82230","sha1":"8a37643c418e72a3a9b5a4a4e59f1a08ab0b8bc3","sha256":"713bd0b3e1645c84f20325c3f4808caf1794a8f7122dfe3d02cdb732ea1fb21e","sha512":"5aaf42ac88348fc88ff2573d66d7bb5c094aee6409133e5249739802cf73a0eaa489105d33953e881e52c08d3360f9202d8fbcefebfb6b5ef3a79ebd3d69226c","ssdeep":"6144:hhtG/QIAYhGt/c0L5tU0q673V6ERPVntXHOb/FtCQN9aOeE:hhwkYq/c0LLVP7l6CtX+99FeE","tlshash":"0a54127d3421622581d23e3248b79b62dac06589ff56ed0921ff605bf882b6bd53a0d3","first_seen":"2026-05-04T09:12:59.325424Z","last_seen":"2026-05-04T09:16:28.852684Z","times_seen":2,"resource_available":false,"data":null}},"time_used":271,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":176,"receive":95,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"bitco-claim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitco-claim.com/assets/img/gradient-2.png","fqdn":"bitco-claim.com","domain":"bitco-claim.com","tld":"com"},"ip":{"addr":"172.67.156.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitco-claim.com/","date":"2026-05-04T09:12:30.343Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitco-claim.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 05:33:45 GMT","end":"Fri, 31 Jul 2026 05:33:44 GMT"},"fingerprint":{"sha1":"56:85:A0:7B:F0:71:49:CC:30:17:87:4E:59:09:BF:36:B8:D1:6D:98","sha256":"01:A8:EF:DE:35:AA:EB:94:77:4A:B9:B4:85:F3:AC:D0:1E:10:8E:00:8F:37:39:01:37:9E:17:56:58:8F:8F:F7"}}},"request":{"raw":"GET /assets/img/gradient-2.png HTTP/1.1\r\nHost: bitco-claim.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bitco-claim.com/\r\nCookie: PHPSESSID=18d9ea2bb388e3c312c061a19fa70787; rsite=direct\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 09:12:30 GMT\r\ncontent-type: image/png\r\ncontent-length: 249739\r\nlast-modified: Wed, 07 Feb 2024 21:46:32 GMT\r\npriority: u=4,i=?0\r\netag: \"65c3fa38-3cf8b\"\r\nexpires: Tue, 05 May 2026 09:12:30 GMT\r\ncache-control: max-age=86400\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wBkiDxQKeEu9htg3dWoaCWYU%2BhVdQGg9llzIQXIf2Y8p18kyONeVBB2pMbsjXvIeKcQ5u%2B5L4l8HujJKIb9SGo3RswIVpD53DnoHIWL4Tl2o%2FHaRLmWCd0P80Ga6rHrNjuc%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f6662557ea1b4f3-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":249739,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1088 x 1088, 8-bit colormap, non-interlaced","md5":"825db4c34e2c47fd51b941116a50e129","sha1":"3dbe63a9db3d85c23e45c7a7dc99ca9ba7e677ac","sha256":"92c710f4e415edbe901b0fc8bfe4ad3174c944681ee9195891f882d1998a9243","sha512":"328bcde89946ce25a625a3a93d28bad38a5de069bc47a577f405ee413114592cc3340b15f1791b2ad843487c92a9491ce504a071eb57c9b56f2b4cf370b7f397","ssdeep":"6144:DPlrq3DozzbkYrzN9II3mLFkMH+ibJfMDMgq/sbMMZwH5:h2TUbkQuI3AFP+iVMDzbMMuZ","tlshash":"6834239b9d973da856a237e031ed2826980f063bd729e878044b10ef193c95c6737f76","first_seen":"2025-04-02T19:31:04.00784Z","last_seen":"2026-05-04T09:16:28.842826Z","times_seen":5,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":166,"receive":93,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"bitco-claim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitco-claim.com/assets/js/main.js","fqdn":"bitco-claim.com","domain":"bitco-claim.com","tld":"com"},"ip":{"addr":"172.67.156.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bitco-claim.com/","date":"2026-05-04T09:12:30.361Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitco-claim.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 05:33:45 GMT","end":"Fri, 31 Jul 2026 05:33:44 GMT"},"fingerprint":{"sha1":"56:85:A0:7B:F0:71:49:CC:30:17:87:4E:59:09:BF:36:B8:D1:6D:98","sha256":"01:A8:EF:DE:35:AA:EB:94:77:4A:B9:B4:85:F3:AC:D0:1E:10:8E:00:8F:37:39:01:37:9E:17:56:58:8F:8F:F7"}}},"request":{"raw":"GET /assets/js/main.js HTTP/1.1\r\nHost: bitco-claim.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bitco-claim.com/\r\nCookie: PHPSESSID=18d9ea2bb388e3c312c061a19fa70787; rsite=direct\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 09:12:30 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 07 Feb 2024 21:46:30 GMT\r\nvary: accept-encoding\r\npriority: u=3,i=?0\r\netag: W/\"65c3fa36-11b9\"\r\nexpires: Tue, 05 May 2026 09:12:30 GMT\r\ncache-control: max-age=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QXIx1rjuXdHdOY7DTLJUrlG6T7zhA7xyFcBPhicVK5mpkwQ2emRJzfL8grWEQ936gaf5HViP0aZpqBIl6koCGl2HD1oO1nhkqWTTdZtj1eyTgNY3m1pYLNETDiK%2FL2ec8fE%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f6662559ea6b4f3-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4537,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (4537), with no line terminators","md5":"5b87709d8ca9fa6469a41cd14ede332a","sha1":"72272442cb0881bed843979ca2902681422d2dfc","sha256":"5d83da0ed434a52daca346d785f5654920913164e64e0ad88701d5264fc2dc42","sha512":"b768bf37ba574ad844503420f2261e3a91486827209b8259dac09ee6ab80dfad1a5acec6cfea8b4e821c3e6cef712b165c4b251ac6228b02b258217315065580","ssdeep":"96:FeFnHLWO5I7kfEBc97kZrs/mOyVFW/qlVcQ1DWMeyagQ8HUITeCo63oo9x:+nHSOusEBchSeNySSoRMeyag5HUITely","tlshash":"0e91973526148835427b877b21cb6b833129348ff5c454a1a9f9dc5c3fd8c9622e57f6","first_seen":"2026-05-04T09:12:59.327549Z","last_seen":"2026-05-04T09:16:28.848828Z","times_seen":2,"resource_available":true,"data":null}},"time_used":143,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":143,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"bitco-claim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitco-claim.com/","fqdn":"bitco-claim.com","domain":"bitco-claim.com","tld":"com"},"ip":{"addr":"172.67.156.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-04T09:12:29.845Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitco-claim.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 05:33:45 GMT","end":"Fri, 31 Jul 2026 05:33:44 GMT"},"fingerprint":{"sha1":"56:85:A0:7B:F0:71:49:CC:30:17:87:4E:59:09:BF:36:B8:D1:6D:98","sha256":"01:A8:EF:DE:35:AA:EB:94:77:4A:B9:B4:85:F3:AC:D0:1E:10:8E:00:8F:37:39:01:37:9E:17:56:58:8F:8F:F7"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: bitco-claim.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 04 May 2026 09:12:30 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-powered-by: PHP/7.4.33\r\nset-cookie: PHPSESSID=18d9ea2bb388e3c312c061a19fa70787; path=/\nrsite=direct; expires=Mon, 18-May-2026 09:12:30 GMT; Max-Age=1209600; path=/\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\nvary: Accept-Encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SNYb1m84c9ht%2FbCVzljELpGMPGC472hwkgERTFXnVAMQza%2B9Ns%2BiIMXY%2B9Hxzxz%2FRRUrbyjn2OtY0%2FWqAHIcougW%2BwsyAi6ga0EzkAeZtJWgy%2BTnOviA7Yj2%2B55ovcm90W4%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9f666252bd7e56ba-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]},{"name":"Tailwind CSS","description":"Tailwind is a utility-first CSS framework.","website":"https://tailwindcss.com/","common_platform_enumeration":"","icon":"tailwindcss.svg","categories":["UI frameworks"]},{"name":"PHP:7.4.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Clipboard.js","description":"","website":"https://clipboardjs.com/","common_platform_enumeration":"","icon":"Clipboard.js.svg","categories":["JavaScript libraries"]},{"name":"Preline UI","description":"Preline UI is an open-source set of prebuilt UI components based on the utility-first Tailwind CSS framework.","website":"https://preline.co","common_platform_enumeration":"","icon":"Preline UI.svg","categories":["UI frameworks"]},{"name":"Bootstrap:5.3.0","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]}],"data":{"size":27444,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"17da52ae7ec32388431049274a3b547c","sha1":"55b2ea528ef25588b8d56f8b92280ecd63b9f539","sha256":"8d192b37d1b2a0d20a6e07d66af723a7353af811d108abbe906be7ac3c6cefc5","sha512":"2122d8f96bfc851e2076f7c54d8907d22d0641fa1cc8eb3e4e62d60c2816177dc3acfa7bf767fe3580f2f1bea78851e01e6ff9d7bde0157219bd29c559ad94bc","ssdeep":"192:WuxKbZoUKCo8GVDiT/rctjt/gDh3F6rjA6sDsC7oEan798pgAxVWUPEF9jpAS2uZ:LxKdozSjrcNt/g+I64xkMn2L4YPF","tlshash":"b6c2442089c5143741b396a6ab715f4aff91c247c71b865832fc2b8b6ffac14c953b98","first_seen":"2026-05-04T09:12:59.328365Z","last_seen":"2026-05-04T09:16:28.825971Z","times_seen":2,"resource_available":true,"data":null}},"time_used":220,"timings":{"blocked":29,"dns":9,"connect":1,"send":0,"wait":162,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"bitco-claim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitco-claim.com/css/bootstrap.min.css","fqdn":"bitco-claim.com","domain":"bitco-claim.com","tld":"com"},"ip":{"addr":"172.67.156.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bitco-claim.com/","date":"2026-05-04T09:12:30.325Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitco-claim.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 05:33:45 GMT","end":"Fri, 31 Jul 2026 05:33:44 GMT"},"fingerprint":{"sha1":"56:85:A0:7B:F0:71:49:CC:30:17:87:4E:59:09:BF:36:B8:D1:6D:98","sha256":"01:A8:EF:DE:35:AA:EB:94:77:4A:B9:B4:85:F3:AC:D0:1E:10:8E:00:8F:37:39:01:37:9E:17:56:58:8F:8F:F7"}}},"request":{"raw":"GET /css/bootstrap.min.css HTTP/1.1\r\nHost: bitco-claim.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bitco-claim.com/\r\nCookie: PHPSESSID=18d9ea2bb388e3c312c061a19fa70787; rsite=direct\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 09:12:30 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 23 Nov 2024 20:29:56 GMT\r\nvary: accept-encoding\r\npriority: u=2,i=?0\r\netag: W/\"67423b44-4102e\"\r\nexpires: Tue, 05 May 2026 09:12:30 GMT\r\ncache-control: max-age=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zhCJJP00emsbYnFHBymQBlNkqzNB79cGOUrbrw5ncdxKQ4bjY5RrIBuqgnJnfPV%2FV3TR%2F8BgK1a3%2FhVKzYp0XXHQ38p3GA0QTWNkVfHVaZ2wjxhuXT4c94ciPDOWkiwE2Yo%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f6662556e97b4f3-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":266286,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (342), with CRLF line terminators","md5":"ced7298135efc6749b938869abb3115d","sha1":"d6006cee752a1d0effc929ef504919082635b6d5","sha256":"6c6f615312011e480899b3a7ca750e5e03a3090e1e531b7662a202903a8cc46c","sha512":"e0d5d7fa4c4e2439e1c7c138d1b9c3b1be16b20d799ab33d21efe165c3a7324d5f3327159804280b1478205a23d9974fd2c200d05c0afe6620a9b9073b53a04d","ssdeep":"1536:J+Vw7rI7yOB89KfwG3lG6BPBwWRsaQhGB/lMduRFv3iZCT7C+YRTDH:LI7yo89KnsLsBWkPuCT7C+YRTDH","tlshash":"9d447155f540392c68f2db35a792bebdeb7e10d6cb010a95bdd3a3181b97bc21821dc8","first_seen":"2026-05-04T09:12:59.329229Z","last_seen":"2026-05-04T09:16:28.839089Z","times_seen":2,"resource_available":false,"data":null}},"time_used":182,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":179,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"bitco-claim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitco-claim.com/assets/js/swiper-bundle.min.js","fqdn":"bitco-claim.com","domain":"bitco-claim.com","tld":"com"},"ip":{"addr":"172.67.156.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bitco-claim.com/","date":"2026-05-04T09:12:30.352Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitco-claim.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 05:33:45 GMT","end":"Fri, 31 Jul 2026 05:33:44 GMT"},"fingerprint":{"sha1":"56:85:A0:7B:F0:71:49:CC:30:17:87:4E:59:09:BF:36:B8:D1:6D:98","sha256":"01:A8:EF:DE:35:AA:EB:94:77:4A:B9:B4:85:F3:AC:D0:1E:10:8E:00:8F:37:39:01:37:9E:17:56:58:8F:8F:F7"}}},"request":{"raw":"GET /assets/js/swiper-bundle.min.js HTTP/1.1\r\nHost: bitco-claim.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bitco-claim.com/\r\nCookie: PHPSESSID=18d9ea2bb388e3c312c061a19fa70787; rsite=direct\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 09:12:30 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 07 Feb 2024 21:46:30 GMT\r\nvary: accept-encoding\r\npriority: u=3,i=?0\r\netag: W/\"65c3fa36-243f7\"\r\nexpires: Tue, 05 May 2026 09:12:30 GMT\r\ncache-control: max-age=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kER6BnGy0j%2Fj%2BIbkvh6AMT1C5lSYrJV%2BvM1W7iZjDy7ocfYOHEPPkieMkAioSrr%2Bk%2FT42X27kTqjx5WA1OfvzRK1z6lOqGbQJ0Bww1%2Bv%2Fl13f9UgBQPicw%2BuOWl0dK15cWY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f6662558ea3b4f3-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":148471,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65278)","md5":"1aba3b60641d8dc579dca329a28d74d8","sha1":"1a54fa817a49108dfdf2e75ce2ae507f007ac2bd","sha256":"6942f0873b6a7108e18a983b4192ad469011a8131317f88161d6f0917058da22","sha512":"62cc350dc2b53feb982eaa6b100ccd4093fe278853c78b7fdd7da76d5c2ccdaa3cc03fbd69f2e3050623cfb524e000cff84afefa626849c238dae786b503b310","ssdeep":"1536:vKJNfGmhnDcu8N4zeS3339a/BlxvHR7tky+j5N08Ufj0SaBDIvkAygTwwcc3AbSH:iJD0Nhos7tkyuBDVAygUg3KS6lfer","tlshash":"bce3e889a221b57646e316db93e4c261b3b54500b80ac4f470bd4c9f597ec9813feefa","first_seen":"2023-11-22T19:21:36Z","last_seen":"2026-05-10T15:28:54.152225Z","times_seen":4510,"resource_available":true,"data":null}},"time_used":186,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":182,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"bitco-claim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zerads.com/ad/ad.php?width=468\u0026ref=10982","fqdn":"zerads.com","domain":"zerads.com","tld":"com"},"ip":{"addr":"162.0.208.108","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://bitco-claim.com/","date":"2026-05-04T09:12:30.365Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zerads.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Mar 2026 03:57:45 GMT","end":"Fri, 19 Jun 2026 03:57:44 GMT"},"fingerprint":{"sha1":"6E:8C:89:E4:05:6F:17:9D:75:14:64:FB:03:0A:6C:76:1C:AA:0D:E8","sha256":"CC:A7:DA:90:D7:E2:2F:80:E1:B7:78:2E:A4:B3:75:06:F8:35:CA:F4:F0:0A:D9:9E:39:A8:D4:FB:E0:5B:08:C2"}}},"request":{"raw":"GET /ad/ad.php?width=468\u0026ref=10982 HTTP/1.1\r\nHost: zerads.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bitco-claim.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 04 May 2026 09:12:31 GMT\r\nServer: Apache\r\nAccess-Control-Allow-Origin: *\r\nVary: Accept-Encoding,User-Agent\r\nContent-Encoding: gzip\r\nContent-Length: 689\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: text/html; charset=UTF-8\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":1515,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (321)","md5":"52104be35f081bf6440a244fcf01fbbe","sha1":"1284b0e120eaaabce99f83facedbe37bb59aed2c","sha256":"28750588be9f81ffe47184c6d59cba178215e7497301a34814dca306c829ea5d","sha512":"29513c42ab77cd49b4baae827dcbf0304ae86931db6a7b508d788344947e283e5abfa2e2068e9dad019cbf2afeeb3e454432f9e71c2d4def5c0af8ebbaed786e","ssdeep":"","tlshash":"fe3144eb949b111954430aa979e0bb8d3023808fdeb1f9487d7d466acf44dd76492acc","first_seen":"2026-05-04T09:12:59.330527Z","last_seen":"2026-05-04T09:12:59.330527Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1462,"timings":{"blocked":629,"dns":332,"connect":160,"send":0,"wait":171,"receive":2,"ssl":165},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Roboto\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"172.217.20.170","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://api.fpadserver.com/banner?id=13440\u0026size=300x250","date":"2026-05-04T09:12:30.638Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 08 Apr 2026 05:19:27 GMT","end":"Wed, 01 Jul 2026 05:19:26 GMT"},"fingerprint":{"sha1":"E9:E5:B7:DA:0A:AE:59:02:EA:10:61:71:9B:52:3A:08:42:A0:67:A5","sha256":"F6:1D:CE:31:AA:9C:7B:58:1D:1D:14:96:99:B6:58:CC:FB:AE:D5:3C:F8:FB:40:E3:45:2D:4A:54:11:B4:E2:F3"}}},"request":{"raw":"GET /css?family=Roboto\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://api.fpadserver.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Mon, 04 May 2026 09:12:30 GMT\r\ndate: Mon, 04 May 2026 09:12:30 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5746,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"dfa65fcd6017ba2c1cf093c705e2c975","sha1":"305ddf2fa610a798dcb5c26c4cefae17edb092de","sha256":"55765d8b683a0ce25e43363f56ebd29632716d24c60cecf5dea499f86e124b68","sha512":"5abd0edeab527f3aec1620eda46530d18723204d76c835b4c23dbcb5fd913c4a37ae099ecf7a176c461da4fe6793d088456427d1d0fa46ed1c4e6e56020cab36","ssdeep":"96:1OEbaNslOEbaN3FZKOEbaNTOEbaNoTOEbaNEy+aZjzBrgOEbaNfubqGIFuV4yOEd:2NsmNRNkNokNEqbN2bqGIwV4BNCNCwNX","tlshash":"66c10e91041704409b834cd227ce7f35fe1f92116145d0b9ebfc9b6b9debda6426835e","first_seen":"2026-02-19T23:10:15.778009Z","last_seen":"2026-05-10T17:52:31.337887Z","times_seen":8398,"resource_available":false,"data":null}},"time_used":312,"timings":{"blocked":134,"dns":1,"connect":21,"send":0,"wait":40,"receive":0,"ssl":111},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bitco-claim.com/css/style.css","fqdn":"bitco-claim.com","domain":"bitco-claim.com","tld":"com"},"ip":{"addr":"172.67.156.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bitco-claim.com/","date":"2026-05-04T09:12:30.329Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitco-claim.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 05:33:45 GMT","end":"Fri, 31 Jul 2026 05:33:44 GMT"},"fingerprint":{"sha1":"56:85:A0:7B:F0:71:49:CC:30:17:87:4E:59:09:BF:36:B8:D1:6D:98","sha256":"01:A8:EF:DE:35:AA:EB:94:77:4A:B9:B4:85:F3:AC:D0:1E:10:8E:00:8F:37:39:01:37:9E:17:56:58:8F:8F:F7"}}},"request":{"raw":"GET /css/style.css HTTP/1.1\r\nHost: bitco-claim.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bitco-claim.com/\r\nCookie: PHPSESSID=18d9ea2bb388e3c312c061a19fa70787; rsite=direct\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 09:12:30 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 02 May 2026 12:12:12 GMT\r\nvary: accept-encoding\r\npriority: u=2,i=?0\r\netag: W/\"69f5ea1c-38eb\"\r\nexpires: Tue, 05 May 2026 09:12:30 GMT\r\ncache-control: max-age=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6sZHASm%2B4eIbsWuvgRdFUI9gK%2FupPAz42n9dr%2B4SMwZBERVfOlxGXPlSQs2Zm0FxH6QefCwjVDMvA34T%2Blp56IjKJ8zf%2BJEPxwmeWK%2FXeZzkwRwTkyqZX6V4tM9HciaPojc%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f6662556e98b4f3-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":14571,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with CRLF line terminators","md5":"dcd667cb7a7537ba18999bbc0fe4a22e","sha1":"75e48fd926323ac0b1090573f5adb56bd98d96ba","sha256":"46ce634b4c8d22c4aecaf3352b5de1cd22b4f704f7abdb7c4a395fd976b6ab8c","sha512":"15a93d12d58cc4759925d022009271eff58056408d8af63c935b6dd1f806b8090f601c573eeb7da41a0a0a3f5817ff4b108bc15e0b850186e7e9ec9f56272083","ssdeep":"192:HbuQykAziMWPib7Gtc0MlQcIPotc0Pv5VGxAa8AlL9YAl+E2A+40Oq7cbYalo1Tc:H4db7WkQqm5u0nQQ","tlshash":"d452a520d54624495233e265df915a0dfbbd90bfbf1312ad36dd38292ff60bc8166a88","first_seen":"2026-05-04T09:12:59.331845Z","last_seen":"2026-05-04T09:16:28.827538Z","times_seen":2,"resource_available":false,"data":null}},"time_used":134,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":133,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"bitco-claim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitco-claim.com/assets/img/dowprofile.png","fqdn":"bitco-claim.com","domain":"bitco-claim.com","tld":"com"},"ip":{"addr":"172.67.156.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitco-claim.com/","date":"2026-05-04T09:12:30.339Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitco-claim.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 05:33:45 GMT","end":"Fri, 31 Jul 2026 05:33:44 GMT"},"fingerprint":{"sha1":"56:85:A0:7B:F0:71:49:CC:30:17:87:4E:59:09:BF:36:B8:D1:6D:98","sha256":"01:A8:EF:DE:35:AA:EB:94:77:4A:B9:B4:85:F3:AC:D0:1E:10:8E:00:8F:37:39:01:37:9E:17:56:58:8F:8F:F7"}}},"request":{"raw":"GET /assets/img/dowprofile.png HTTP/1.1\r\nHost: bitco-claim.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bitco-claim.com/\r\nCookie: PHPSESSID=18d9ea2bb388e3c312c061a19fa70787; rsite=direct\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 09:12:30 GMT\r\ncontent-type: image/png\r\ncontent-length: 605607\r\nlast-modified: Sat, 02 May 2026 07:53:24 GMT\r\npriority: u=4,i=?0\r\netag: \"69f5ad74-93da7\"\r\nexpires: Tue, 05 May 2026 09:12:30 GMT\r\ncache-control: max-age=86400\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UxwY%2BCUa3MES1oz9xjHDC89y99V%2F%2Botw%2BhtnWHIr%2B1V8X2w4oRwbrFA8NkGIMK8gM2HgtiLVmidR35aG6zif3ydL56R0qNknrc9c9mXek6yUiTXDRAIhQmLAedr2VdOKz5A%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f6662557e9fb4f3-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":605607,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 815 x 400, 8-bit/color RGBA, non-interlaced","md5":"c6bed42e38547548db3ce28484196562","sha1":"da56f71b329f55c23820086e186d00542cfdae41","sha256":"0c72897ce79cbbd45330156e9964711f0e0354966c9b7935088821550ed1189b","sha512":"00cc032af04220898102e9ad3a528f5870e40f8f7ba3c6443b5377f14e3edc9d0ff59e2fbd13367a36451daf3ae8788e58b2fd0ba8bc076821e8578d8e85f1d3","ssdeep":"12288:2Vu1hcf2oowK1kgkSN3ITlU479/tNbp5QXiJsr/Cfent:1hcfDowqkg7YxtNgXbdt","tlshash":"39d4338cb8971135c291b3d510a324b943751626c3d25b7b387ec8ef5a7fb9c5882f86","first_seen":"2026-05-04T09:12:59.332673Z","last_seen":"2026-05-04T09:16:28.830538Z","times_seen":2,"resource_available":false,"data":null}},"time_used":290,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":166,"receive":124,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"bitco-claim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"use.fontawesome.com/releases/v5.12.0/webfonts/fa-solid-900.woff2","fqdn":"use.fontawesome.com","domain":"fontawesome.com","tld":"com"},"ip":{"addr":"172.67.142.245","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://bitco-claim.com/","date":"2026-05-04T09:12:30.628Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"use.fontawesome.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 04:30:42 GMT","end":"Wed, 22 Jul 2026 05:30:36 GMT"},"fingerprint":{"sha1":"13:A8:C3:10:C1:19:3F:93:6B:0E:8F:1F:8A:5E:F0:D5:AA:B3:0E:B5","sha256":"9F:52:1F:FC:F1:4E:62:ED:CA:52:A1:90:90:18:0D:F9:2E:FD:64:67:3F:07:CC:25:3A:A1:C2:02:E0:AF:E4:FB"}}},"request":{"raw":"GET /releases/v5.12.0/webfonts/fa-solid-900.woff2 HTTP/1.1\r\nHost: use.fontawesome.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://bitco-claim.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://use.fontawesome.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 04 May 2026 09:12:30 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 76084\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31556926\r\netag: \"f6121be597a72928f54e7ab5b95512a1\"\r\nlast-modified: Fri, 22 Sep 2023 01:45:05 GMT\r\nvary: Origin\r\nserver: cloudflare\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=g4U4EpePOfJgMLIYDEWVet8Ifofg6blyZ1GPgCjMNaZribS%2B4ljm2xCkhPM6ShgM2iFKwqbmoOFbMcpl3egDNRJD3XCzXnASgvqxdvUlnQ5lUGd01eHbEw65Zk%2FaXAM0turL0gHT\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: HIT\r\ncf-ray: 9f6662578f2a5a0f-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":76084,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 76084, version 330.-16253","md5":"f6121be597a72928f54e7ab5b95512a1","sha1":"b2c74520c3f506efbfefca867918e5ae28bd5222","sha256":"787d76ad6deab67ccf8bac1b584260205e114f508fc5542b612e3f75d49a34e4","sha512":"ff0dc2e7f41b5dda10f19ca4d476d6c786fa7a595288f9cb3db2c068293149a1b358119a9c1d9da616b5f9d3fd3f414258f295570e7bb755a665b143861be6fb","ssdeep":"1536:5aSdUQZ3ADXjohf3m4qWSmBItOgDmEyN1M8cKRBFj3JLnD29fsAP+TSd:5aeJpIXjoBmA7fkmEyNuK/95W9fbmTa","tlshash":"7a7302ff77b7a4eabc607780467253d3818aa059e48f507eca4d02dda69d17c2063687","first_seen":"2023-04-07T23:35:47Z","last_seen":"2026-05-10T13:51:42.396322Z","times_seen":6972,"resource_available":false,"data":null}},"time_used":149,"timings":{"blocked":12,"dns":1,"connect":1,"send":0,"wait":113,"receive":4,"ssl":16},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.a-ads.com/a-ads-banners/555705/468x60?region=eu-central-1","fqdn":"static.a-ads.com","domain":"a-ads.com","tld":"com"},"ip":{"addr":"148.251.13.139","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ad.a-ads.com/2429999/?size=468x60","date":"2026-05-04T09:12:30.869Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.a-ads.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV E36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 20 Nov 2025 00:00:00 GMT","end":"Mon, 21 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"09:CA:DB:64:77:8B:64:43:31:43:7E:A6:8A:AF:B1:4A:03:9D:31:86","sha256":"FD:0E:3C:95:7C:B3:9B:56:1D:1D:E1:8E:0A:1E:F0:41:36:C4:42:FF:EE:7E:E6:BF:FD:14:ED:E0:8C:99:4C:4A"}}},"request":{"raw":"GET /a-ads-banners/555705/468x60?region=eu-central-1 HTTP/1.1\r\nHost: static.a-ads.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ad.a-ads.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 04 May 2026 09:12:30 GMT\r\ncontent-type: image/gif\r\ncontent-length: 227005\r\nx-amz-id-2: wZ+S+s13v+ytiBLDrz278fIPeHKXPZ9r1ZW2nmDXLllH5jIVhoFGsOUwJww2ROv6rB9e49foDR0=\r\nx-amz-request-id: 850J7FR9RTWD3Z4P\r\nx-amz-replication-status: COMPLETED\r\nlast-modified: Wed, 11 Feb 2026 05:18:11 GMT\r\netag: \"cddf0649b8a4d499e6d7fbf9d7bac561\"\r\nx-amz-server-side-encryption: AES256\r\ncache-control: max-age=315360000\r\nx-amz-version-id: knk5FNixogx5uvZFCM30.GjSTQ6sHWb9\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":227005,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 468 x 60","md5":"cddf0649b8a4d499e6d7fbf9d7bac561","sha1":"60d6c6a5cc80f4cf11f05aa3e03a1253d512b078","sha256":"5d36e1a004f1caeef6db2b42419529793b9fc983da8ec958c3baffcd48f118fc","sha512":"964b01c7b9f64148544badec638cbb3a0ebde4aa5cf2ed80059116fec813345203d567ffce4b5cd590afd24f9bbecee75565e6d63c3cf30dc17748fec9adbcf7","ssdeep":"3072:/MI3YwUnsHnMyHSJFApaLvcxRsPDQ15FEjij13JaG3P1QjMZZsovkS7SaFlGy6ZW:UIWnmMyHSJF615Gk3Ja10FMSWaGy6gT","tlshash":"5a24120ed21d33794a74baa187faaf8a47505473f8a552a7046cf21e80f1adc46fed43","first_seen":"2026-02-19T10:01:13.729218Z","last_seen":"2026-05-07T22:23:36.989808Z","times_seen":16,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":55,"dns":0,"connect":0,"send":0,"wait":72,"receive":113,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bitco-claim.com/assets/js/clipboard.min.js","fqdn":"bitco-claim.com","domain":"bitco-claim.com","tld":"com"},"ip":{"addr":"172.67.156.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bitco-claim.com/","date":"2026-05-04T09:12:30.357Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitco-claim.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 05:33:45 GMT","end":"Fri, 31 Jul 2026 05:33:44 GMT"},"fingerprint":{"sha1":"56:85:A0:7B:F0:71:49:CC:30:17:87:4E:59:09:BF:36:B8:D1:6D:98","sha256":"01:A8:EF:DE:35:AA:EB:94:77:4A:B9:B4:85:F3:AC:D0:1E:10:8E:00:8F:37:39:01:37:9E:17:56:58:8F:8F:F7"}}},"request":{"raw":"GET /assets/js/clipboard.min.js HTTP/1.1\r\nHost: bitco-claim.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bitco-claim.com/\r\nCookie: PHPSESSID=18d9ea2bb388e3c312c061a19fa70787; rsite=direct\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 09:12:30 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 07 Feb 2024 21:46:30 GMT\r\nvary: accept-encoding\r\npriority: u=3,i=?0\r\netag: W/\"65c3fa36-23c8\"\r\nexpires: Tue, 05 May 2026 09:12:30 GMT\r\ncache-control: max-age=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kAWTVH0W84PhK53ewJG6FMJ6tNjqSapFfl6eV9kYpJmgc8JVIetF%2BzsQ0LVpkJyQ34RXlQEjm1J8Rhp%2Bb0S%2BcDtm0E26L7UqMpxUhY%2FhA6ODFVjxC5zvMgA2IF9qMTNRawE%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f6662558ea5b4f3-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9160,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (9067)","md5":"15f52a1ee547f2bdd46e56747332ca2d","sha1":"9a7cb405f9beed005891587d41f76a0720893ffc","sha256":"e17a1d816e13c0826e0ed7febfabc3277f45571234bde0bf9120829a7169edc9","sha512":"ecee695e9734a0246bc64f1151f0d81609f49ced6dfa32ee20e41d38c469e003c1eee678bd28eca73a79cba603b43b385735124db5b304567f2ca2619f214e2b","ssdeep":"192:s6IMH3HEG9JVwkHg4LyAal318/NYusfkApXMdgmkpj:sy0G9J1zG3eFYP/XMmmkpj","tlshash":"77126399b291b0b15ae731a9412f920bf2766969708b90d0d239d4f0acbcdde4463f3d","first_seen":"2023-03-07T12:23:44Z","last_seen":"2026-05-10T16:43:15.323567Z","times_seen":29867,"resource_available":true,"data":null}},"time_used":138,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":138,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"bitco-claim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.fpadserver.com/banner?id=13440\u0026size=300x250","fqdn":"api.fpadserver.com","domain":"fpadserver.com","tld":"com"},"ip":{"addr":"172.67.182.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://bitco-claim.com/","date":"2026-05-04T09:12:30.362Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fpadserver.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 09 Apr 2026 01:00:54 GMT","end":"Wed, 08 Jul 2026 01:59:15 GMT"},"fingerprint":{"sha1":"90:43:B4:55:54:70:59:2A:6D:77:9B:07:67:BE:4F:88:B4:93:E5:AE","sha256":"84:28:65:5C:D5:92:FF:81:2A:20:6B:29:72:BF:1C:E7:28:C5:23:E8:8D:6E:7F:29:3D:A9:87:6F:1A:02:B2:AA"}}},"request":{"raw":"GET /banner?id=13440\u0026size=300x250 HTTP/1.1\r\nHost: api.fpadserver.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bitco-claim.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 04 May 2026 09:12:30 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\ncache-control: no-cache\r\nx-server: ADS-Server\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=E6D%2Bq%2FHTuyKA9O2Z3uLssjdWqXbT3DINO1K8IkDpqV2jFGRVyYilvNhTLaF861glulXPsI34CXGMsS%2FWwkCiUAyo1OCvq50WbMNPalNBsAOHpMytiKXwU2%2FL8xuQW6ysxWQkQCA%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\nvary: accept-encoding\r\ncontent-encoding: br\r\ncf-ray: 9f666255e94d56bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2916,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"5eb689cb658a54c20a2326d9c74824a6","sha1":"c6916bef846759ae82e6e115722bbfc87023fdcc","sha256":"484cf3f4325b73e9bbae51121c71834f841eeb1d6615b1a457fb7c4dcd0e76a3","sha512":"4601d52795f2f864350cf5fe4f7a780b65d8f44c7f99d466685e12c0778d654f0e67521e1ee94576329f73e7f82390c4c4e13e7a1f7e55dbcd12497d97cfe5d8","ssdeep":"","tlshash":"a151d23b97e4111921b79b60ab56a31dfa6300279a63527cba9cc7938fb9824841be44","first_seen":"2026-01-31T01:44:03.860418Z","last_seen":"2026-05-04T09:16:28.82942Z","times_seen":4,"resource_available":false,"data":null}},"time_used":105,"timings":{"blocked":15,"dns":18,"connect":6,"send":0,"wait":39,"receive":0,"ssl":19},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bitco-claim.com/assets/js/preline.js","fqdn":"bitco-claim.com","domain":"bitco-claim.com","tld":"com"},"ip":{"addr":"172.67.156.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bitco-claim.com/","date":"2026-05-04T09:12:30.351Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitco-claim.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 05:33:45 GMT","end":"Fri, 31 Jul 2026 05:33:44 GMT"},"fingerprint":{"sha1":"56:85:A0:7B:F0:71:49:CC:30:17:87:4E:59:09:BF:36:B8:D1:6D:98","sha256":"01:A8:EF:DE:35:AA:EB:94:77:4A:B9:B4:85:F3:AC:D0:1E:10:8E:00:8F:37:39:01:37:9E:17:56:58:8F:8F:F7"}}},"request":{"raw":"GET /assets/js/preline.js HTTP/1.1\r\nHost: bitco-claim.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bitco-claim.com/\r\nCookie: PHPSESSID=18d9ea2bb388e3c312c061a19fa70787; rsite=direct\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 09:12:30 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 07 Feb 2024 21:46:30 GMT\r\nvary: accept-encoding\r\npriority: u=3,i=?0\r\netag: W/\"65c3fa36-23639\"\r\nexpires: Tue, 05 May 2026 09:12:30 GMT\r\ncache-control: max-age=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JdjA4QaFNhccjjzef%2B1p%2BD4mUDkeo8q7OEqIXqiOJFZdIwgtsYr4DrP0P6dCC1j2STq%2FUSzGoZxHNAyHqsVebAVJ8Zef5i6OC0MdBAsuDmCEYX1G021mzR0r7QXH14Mkvx0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f6662558ea2b4f3-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":144953,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65486)","md5":"5ac4c53fbf02edf01e448b3dac39a937","sha1":"a14352e06c2a33c4e13745508de9428661005b13","sha256":"f97f76ddeeb7dff1a431739220cb2bf51d9d02fc2324546a71fbcf2d17d655a5","sha512":"dc9b3c62eb38c373477103a0ff02b5dcd3108f53ec741208c927bba928157ac1b89f2168e98b2aa65cd19133108890a565d64928be99ee0c2564bbed707d4919","ssdeep":"3072:pBGbhoOpjoaCOQLktwRhx0hEX26S27OSi:SCeoaCKtX","tlshash":"41e3c689f155b1b142ab90f5416b160eb33b795da0158078b578c8ea2cb8c8f7173fbe","first_seen":"2026-05-04T09:12:59.335801Z","last_seen":"2026-05-04T09:16:28.817408Z","times_seen":2,"resource_available":true,"data":null}},"time_used":172,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":172,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"bitco-claim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ad.a-ads.com/2429999/?size=468x60","fqdn":"ad.a-ads.com","domain":"a-ads.com","tld":"com"},"ip":{"addr":"148.251.13.139","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://bitco-claim.com/","date":"2026-05-04T09:12:30.403Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.a-ads.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV E36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 20 Nov 2025 00:00:00 GMT","end":"Mon, 21 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"09:CA:DB:64:77:8B:64:43:31:43:7E:A6:8A:AF:B1:4A:03:9D:31:86","sha256":"FD:0E:3C:95:7C:B3:9B:56:1D:1D:E1:8E:0A:1E:F0:41:36:C4:42:FF:EE:7E:E6:BF:FD:14:ED:E0:8C:99:4C:4A"}}},"request":{"raw":"GET /2429999/?size=468x60 HTTP/1.1\r\nHost: ad.a-ads.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bitco-claim.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 04 May 2026 09:12:30 GMT\r\ncontent-type: text/html;charset=utf-8\r\nvary: Accept-Encoding, Accept-Encoding\r\nstatus: 200 OK\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-powered-by: Phusion Passenger(R)\r\nx-original-referer: https://bitco-claim.com/\r\nx-robots-tag: noindex, nofollow, nosnippet, noarchive\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Phusion Passenger","description":"Phusion Passenger is a free web server and application server with support for Ruby, Python and Node.js.","website":"https://phusionpassenger.com","common_platform_enumeration":"cpe:2.3:a:phusionpassenger:phusion_passenger:*:*:*:*:*:*:*:*","icon":"Phusion Passenger.png","categories":["Web servers"]}],"data":{"size":15760,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (7595)","md5":"975aa34fd1067d8a5920817edc3d94c5","sha1":"fa97f243494fb273e268f54e97f375c5fdfb9a7d","sha256":"7f38d9f268d105140c7d45b42c4da154b7d7b73eaf9190e531cb8a3cde4643ff","sha512":"a9161f30a4efa27a5fac014c295f4e74a49536f5201381d0c61fb8c23cef98020d0b82c1778ecc9ffaa8731d6d4b2c9d864caf022151314c1cebb81aa99f24c6","ssdeep":"192:cj1YzXciFm6Bm+hDS5tCCXN9bcLcW48h8LwWPqorEDWS6P18Cwi3DJOJqMRTeXek:cwNI+AlcaNLPPqP566sqXU","tlshash":"0662b923a254712e30383e2fec9165ee7115f06efb724fd0f4e9dab5c28a28519d1a4c","first_seen":"2026-05-04T09:12:59.336612Z","last_seen":"2026-05-04T09:12:59.336612Z","times_seen":1,"resource_available":false,"data":null}},"time_used":529,"timings":{"blocked":206,"dns":62,"connect":36,"send":0,"wait":60,"receive":0,"ssl":162},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bitco-claim.com/img/fav/apple-touch-icon.png","fqdn":"bitco-claim.com","domain":"bitco-claim.com","tld":"com"},"ip":{"addr":"172.67.156.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitco-claim.com/","date":"2026-05-04T09:12:30.764Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitco-claim.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 05:33:45 GMT","end":"Fri, 31 Jul 2026 05:33:44 GMT"},"fingerprint":{"sha1":"56:85:A0:7B:F0:71:49:CC:30:17:87:4E:59:09:BF:36:B8:D1:6D:98","sha256":"01:A8:EF:DE:35:AA:EB:94:77:4A:B9:B4:85:F3:AC:D0:1E:10:8E:00:8F:37:39:01:37:9E:17:56:58:8F:8F:F7"}}},"request":{"raw":"GET /img/fav/apple-touch-icon.png HTTP/1.1\r\nHost: bitco-claim.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bitco-claim.com/\r\nCookie: PHPSESSID=18d9ea2bb388e3c312c061a19fa70787; rsite=direct\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 09:12:30 GMT\r\ncontent-type: image/png\r\ncontent-length: 60764\r\nlast-modified: Sat, 02 May 2026 11:10:48 GMT\r\npriority: u=6,i=?0\r\netag: \"69f5dbb8-ed5c\"\r\nexpires: Tue, 05 May 2026 09:12:30 GMT\r\ncache-control: max-age=86400\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9UDrEPOWzWlr%2BXHZ%2FM1mJf3u3WukI40LI06XisplJghuxmV8dgapWyv077XejCQ6CXdf0ZPoDCWwuDNnM54S452Z8BDO8dm6dJ9tQs5NQqwf1KuwZeufyHVBxAigHW3oI%2FQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f6662584ec0b4f3-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":60764,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced","md5":"f38de41f79e0c536a871ca1a6a960e28","sha1":"0017c607b0489215c8937c5b61012c2f9fee6ed6","sha256":"48c1df569e76bd6ed12c39a15b7e95c99cc59839adb9ded7eb32eeb92d96c8cf","sha512":"c47f05080d325491d69c013a7256723803a0f67a26e3e46e9f12e0e884ff54be4879b57b2a1a1bd6f22de9aee8ce19bc1fc4c8c251ffe3dd61320568bcd417f1","ssdeep":"768:bfLXPpyl1+uMCvqP2Y5C4fdsisPqci51N96NggL+nvrtcn/2atAbUaAeWba41X6x:b9E/Mo5osy959agw+nvry+V7oa4h6x","tlshash":"a753028f01779992232ff8589c68c509add20fc35d4e407b3a23f9e886512f6992be94","first_seen":"2026-05-04T09:12:59.337646Z","last_seen":"2026-05-04T09:16:28.837445Z","times_seen":2,"resource_available":false,"data":null}},"time_used":68,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":38,"receive":30,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"bitco-claim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitco-claim.com/img/fav/favicon-16x16.png","fqdn":"bitco-claim.com","domain":"bitco-claim.com","tld":"com"},"ip":{"addr":"172.67.156.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitco-claim.com/","date":"2026-05-04T09:12:30.766Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitco-claim.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 05:33:45 GMT","end":"Fri, 31 Jul 2026 05:33:44 GMT"},"fingerprint":{"sha1":"56:85:A0:7B:F0:71:49:CC:30:17:87:4E:59:09:BF:36:B8:D1:6D:98","sha256":"01:A8:EF:DE:35:AA:EB:94:77:4A:B9:B4:85:F3:AC:D0:1E:10:8E:00:8F:37:39:01:37:9E:17:56:58:8F:8F:F7"}}},"request":{"raw":"GET /img/fav/favicon-16x16.png HTTP/1.1\r\nHost: bitco-claim.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bitco-claim.com/\r\nCookie: PHPSESSID=18d9ea2bb388e3c312c061a19fa70787; rsite=direct\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 09:12:30 GMT\r\ncontent-type: image/png\r\ncontent-length: 1388\r\nlast-modified: Sat, 02 May 2026 11:10:48 GMT\r\npriority: u=6,i=?0\r\netag: \"69f5dbb8-56c\"\r\nexpires: Tue, 05 May 2026 09:12:30 GMT\r\ncache-control: max-age=86400\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5seIRtHgeHe0y1CU93A4A0a45s%2Fy1UUQPvN%2FEVgm%2FjPt4Gn1Hf48VMHXGSAv1jIFuTnHnWHvIGC7Ax0JOOWqMJJxC9R5wkxU4xpNvluhRJQJXPY7%2FLAidsAJOXB9mNNDcqs%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f6662584ec1b4f3-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1388,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 16, 8-bit colormap, non-interlaced","md5":"2e0a4cba3bd7e505492f9135e6fca2c6","sha1":"e61452712fae68f91dc0bea8cf1e77b23c614011","sha256":"680ed0162836d06aca9b56dc3856f8f6983502bff808441bbb63f7ed3a62f03a","sha512":"24a2a477919b836765142f43813e63bd2366cdeeb167f2e8cafc46f763fa7dcc16222cc76b4470a6ad8fad2acf6b211fb45280bd774319b4c5f812bccf8a259b","ssdeep":"","tlshash":"1221d8c4752456f0ce4b92b78fda64b6ff220d4b4342811daf7ae048470e84c539b992","first_seen":"2026-05-04T09:12:59.338911Z","last_seen":"2026-05-04T09:16:28.836292Z","times_seen":2,"resource_available":false,"data":null}},"time_used":136,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":136,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"bitco-claim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"use.fontawesome.com/releases/v5.12.0/css/all.css","fqdn":"use.fontawesome.com","domain":"fontawesome.com","tld":"com"},"ip":{"addr":"172.67.142.245","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bitco-claim.com/","date":"2026-05-04T09:12:30.327Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"use.fontawesome.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 23 Apr 2026 04:30:42 GMT","end":"Wed, 22 Jul 2026 05:30:36 GMT"},"fingerprint":{"sha1":"13:A8:C3:10:C1:19:3F:93:6B:0E:8F:1F:8A:5E:F0:D5:AA:B3:0E:B5","sha256":"9F:52:1F:FC:F1:4E:62:ED:CA:52:A1:90:90:18:0D:F9:2E:FD:64:67:3F:07:CC:25:3A:A1:C2:02:E0:AF:E4:FB"}}},"request":{"raw":"GET /releases/v5.12.0/css/all.css HTTP/1.1\r\nHost: use.fontawesome.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bitco-claim.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 04 May 2026 09:12:30 GMT\r\ncontent-type: text/css\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3FkA4TqzfHUp7Of3d13qILrBkGHQIui8zvPIC87I5ckvAbTSVi8ITzb4Hm4J%2FTL9sQOrlYz0TUnewSRtfW1ngSeu6w8CxK3sMw0dCwuIAr8jBVNqYqIHgzIwZGnEtg2Lp0yDdAjV\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\ncf-cache-status: HIT\r\ncache-control: max-age=31556926\r\nage: 1377433\r\nlast-modified: Fri, 22 Sep 2023 01:45:03 GMT\r\nvary: Accept-Encoding\r\netag: W/\"500d1a92f875b1d96d37a3a3f8f0438c\"\r\ncontent-encoding: br\r\ncf-ray: 9f66625599d65688-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":57180,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (56994)","md5":"500d1a92f875b1d96d37a3a3f8f0438c","sha1":"703603273f5d5d52eb456d6385e1a68294fbd568","sha256":"c9b46437d7418e1712daaad6d73fa17c2c6afb5681770c90339c25428415b7fd","sha512":"73dde27cfa13bcc744247feb288701c7ffc02f5ce7abdfb8fd198c19a7c8fef9d315efdd2b09e7d6ea1eb33136cc90504d2d429390aa48113edf89e0d8fb6126","ssdeep":"768:sEC319PizNq4/xBo8UHJikQ2R/oMQyYJrX75CthZQz5:sEkPUE4/3uHEB2Wfd7stAF","tlshash":"42430cb8e54c01c9a731c44fbf82b2bc61b6f73de5914d95f00e691c2ad26a811c5fba","first_seen":"2023-04-05T04:00:44Z","last_seen":"2026-05-10T16:26:21.264314Z","times_seen":4319,"resource_available":false,"data":null}},"time_used":35,"timings":{"blocked":0,"dns":1,"connect":1,"send":0,"wait":11,"receive":0,"ssl":18},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.fpadserver.com/banner?id=13440\u0026size=300x250","fqdn":"api.fpadserver.com","domain":"fpadserver.com","tld":"com"},"ip":{"addr":"172.67.182.202","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://bitco-claim.com/","date":"2026-05-04T09:12:30.359Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fpadserver.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 09 Apr 2026 01:00:54 GMT","end":"Wed, 08 Jul 2026 01:59:15 GMT"},"fingerprint":{"sha1":"90:43:B4:55:54:70:59:2A:6D:77:9B:07:67:BE:4F:88:B4:93:E5:AE","sha256":"84:28:65:5C:D5:92:FF:81:2A:20:6B:29:72:BF:1C:E7:28:C5:23:E8:8D:6E:7F:29:3D:A9:87:6F:1A:02:B2:AA"}}},"request":{"raw":"GET /banner?id=13440\u0026size=300x250 HTTP/1.1\r\nHost: api.fpadserver.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bitco-claim.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 04 May 2026 09:12:30 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\ncache-control: no-cache\r\nx-server: ADS-Server\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6Z2CEI278rxypz%2BQ2b2c2AzVDkEujlaq5z05UQZcFXs337oU4VMTHwl9huzrnKqZxDdxeAO1rBtGUoi21EsyT86wfoWRXbWeAYAPdque4AJBt%2BAde6SsKL6ayqogI0gVPAK%2FIJU%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\nvary: accept-encoding\r\ncontent-encoding: br\r\ncf-ray: 9f666255e94b56bd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2916,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"5eb689cb658a54c20a2326d9c74824a6","sha1":"c6916bef846759ae82e6e115722bbfc87023fdcc","sha256":"484cf3f4325b73e9bbae51121c71834f841eeb1d6615b1a457fb7c4dcd0e76a3","sha512":"4601d52795f2f864350cf5fe4f7a780b65d8f44c7f99d466685e12c0778d654f0e67521e1ee94576329f73e7f82390c4c4e13e7a1f7e55dbcd12497d97cfe5d8","ssdeep":"","tlshash":"a151d23b97e4111921b79b60ab56a31dfa6300279a63527cba9cc7938fb9824841be44","first_seen":"2026-01-31T01:44:03.860418Z","last_seen":"2026-05-04T09:16:28.82942Z","times_seen":4,"resource_available":false,"data":null}},"time_used":111,"timings":{"blocked":18,"dns":21,"connect":1,"send":0,"wait":40,"receive":0,"ssl":28},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.20.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://ad.a-ads.com/2429999/?size=468x60","date":"2026-05-04T09:12:30.937Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 08 Apr 2026 05:19:27 GMT","end":"Wed, 01 Jul 2026 05:19:26 GMT"},"fingerprint":{"sha1":"BF:D8:14:32:18:86:B9:95:54:75:8D:F9:5F:29:DE:4E:F8:F8:F7:13","sha256":"0E:FA:80:0B:F4:13:81:81:4D:CF:50:35:5A:DD:DB:FA:00:0B:34:B2:2D:5D:28:08:E4:45:1F:2C:EF:D2:21:C2"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://ad.a-ads.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sun, 03 May 2026 13:42:27 GMT\r\nexpires: Mon, 03 May 2027 13:42:27 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nage: 70204\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-05-10T18:28:08.253542Z","times_seen":173594,"resource_available":false,"data":null}},"time_used":241,"timings":{"blocked":113,"dns":5,"connect":8,"send":0,"wait":9,"receive":5,"ssl":96},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bitco-claim.com/assets/img/logo.png","fqdn":"bitco-claim.com","domain":"bitco-claim.com","tld":"com"},"ip":{"addr":"172.67.156.171","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitco-claim.com/","date":"2026-05-04T09:12:30.332Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitco-claim.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 May 2026 05:33:45 GMT","end":"Fri, 31 Jul 2026 05:33:44 GMT"},"fingerprint":{"sha1":"56:85:A0:7B:F0:71:49:CC:30:17:87:4E:59:09:BF:36:B8:D1:6D:98","sha256":"01:A8:EF:DE:35:AA:EB:94:77:4A:B9:B4:85:F3:AC:D0:1E:10:8E:00:8F:37:39:01:37:9E:17:56:58:8F:8F:F7"}}},"request":{"raw":"GET /assets/img/logo.png HTTP/1.1\r\nHost: bitco-claim.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bitco-claim.com/\r\nCookie: PHPSESSID=18d9ea2bb388e3c312c061a19fa70787; rsite=direct\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 09:12:30 GMT\r\ncontent-type: image/png\r\ncontent-length: 101221\r\nlast-modified: Sat, 02 May 2026 07:36:47 GMT\r\npriority: u=4,i=?0\r\netag: \"69f5a98f-18b65\"\r\nexpires: Tue, 05 May 2026 09:12:30 GMT\r\ncache-control: max-age=86400\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fkukU9OkPUT1geZ%2FB71912qFl5aqifcVOsoNtEOeFNFlIlhaW8zAWDrEsGloQceObIY0yFLViHsI9OuhHEYNemgZjYVxtFLfR1UitpXxpfIF6fPYsz%2Fq45zjyUFrUqpL20c%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f6662557e9eb4f3-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":101221,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 663 x 110, 8-bit/color RGBA, non-interlaced","md5":"69d9b1e30ca8959a0d65bd5df276a5fa","sha1":"b15ad97385f3666cbbbd52b4198f916c2d0d9ac5","sha256":"9ab9e0623b156680d64df14a5dc340dcf584968e9c48517104cc3a3d4d72a092","sha512":"cd3d49dfde07767bd03ab5054df6d537e0e1c164cf11e0da9a21ddd8ce9afc229d22775027d0737330667a230f6f762d649d9571e0be318cf21b879d5cb4313d","ssdeep":"1536:ByF6G3AegtpIU2z0cirj1V+zfluE/176hnsbE5jKYrXTDXtUrS+4ziDdKHcKRlQE:Ty0tpIB3Q3+bluKssbE5jKCTKOyRTNE","tlshash":"6ea30242df99d9f4621c302df76f7bb81aed884a87834816b4f0dfced9a0745844ab54","first_seen":"2026-05-04T09:12:59.340856Z","last_seen":"2026-05-04T09:16:28.832634Z","times_seen":2,"resource_available":false,"data":null}},"time_used":244,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":184,"receive":60,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"bitco-claim.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/js/bootstrap.bundle.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.17.208.5","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bitco-claim.com/","date":"2026-05-04T09:12:30.345Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jsdelivr.net","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 22 Apr 2026 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"65:D9:C4:7E:04:4C:FD:DD:60:E0:CC:18:B5:B7:01:68:B4:2D:C7:34","sha256":"50:6C:A4:F6:ED:74:C7:E9:68:DB:32:56:5A:68:4C:98:ED:01:28:36:F8:13:BA:CC:19:A7:FD:7A:0A:6E:E7:D4"}}},"request":{"raw":"GET /npm/bootstrap@5.3.0/dist/js/bootstrap.bundle.min.js HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bitco-claim.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 04 May 2026 09:12:30 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 23984\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-jsd-version: 5.3.0\r\nx-jsd-version-type: version\r\netag: W/\"13a25-1yL6mYLaiqSN+IJRuxiX8Twds7k\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\nx-served-by: cache-fra-eddf8230147-FRA\r\nx-cache: HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\nage: 3609921\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FFTa2B49M8hljnKTi37GKaGsx4X54kTqt9ekGDvkrpGkRCLM5QDQM4JKr0NsSIwp27gz5EGVj4dTpt%2BsqVFkw0oj5vZI1aC5sq81KIDut34rjbNnGxdsf83m7oYf%2Bb1z9Eg%3D\"}]}\r\nserver: cloudflare\r\ncf-ray: 9f666255a938b503-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":80421,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65299)","md5":"849e6db145f2905ce210f628bddd9de5","sha1":"d722fa9982da8aa48df88251bb1897f13c1db3b9","sha256":"aa53d582f97eb594c2a5cc5824574707f9ba9837bce3046bfa5f3556860f4e04","sha512":"54adb372f9ed12e7da8a673e79f3988badb654de5969c767b9f9e65fbcc88423e68e12a73a2f590ccb60d7fba0e65d7cddfd7d806d7f701b2d3cee03f0dfc89a","ssdeep":"1536:OSif7R2qTTR2t4iYniNw+inreQURwTLBAF+27wXiYE3Yjr/I2:4R2cpXLBl27wXit3Yb","tlshash":"ca73b7593254b4730ade85b68037420bf2265994b24b802cb5bcadde2a7dcc67277f7c","first_seen":"2023-06-08T14:47:00Z","last_seen":"2026-05-10T17:58:00.003771Z","times_seen":15370,"resource_available":true,"data":null}},"time_used":35,"timings":{"blocked":-1,"dns":4,"connect":3,"send":0,"wait":9,"receive":2,"ssl":14},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gtranslate.net/widgets/latest/flags.js","fqdn":"cdn.gtranslate.net","domain":"gtranslate.net","tld":"net"},"ip":{"addr":"104.26.13.42","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bitco-claim.com/","date":"2026-05-04T09:12:30.347Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gtranslate.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Apr 2026 01:55:15 GMT","end":"Sun, 26 Jul 2026 02:55:11 GMT"},"fingerprint":{"sha1":"D6:E2:75:3C:2F:30:B7:97:9A:7C:14:F6:CF:B5:AC:7E:65:97:D7:F2","sha256":"20:CF:1D:C9:5C:C1:82:AF:96:53:40:95:67:34:CE:40:4D:CE:B1:34:17:45:1A:79:F8:1C:7E:60:A5:FF:6F:8E"}}},"request":{"raw":"GET /widgets/latest/flags.js HTTP/1.1\r\nHost: cdn.gtranslate.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bitco-claim.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 04 May 2026 09:12:30 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Thu, 30 Apr 2026 20:25:59 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Fri, 30 Apr 2027 20:30:16 GMT\r\ncache-control: max-age=31536000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=C4MjJ%2FKu3SmlT1hvb7xQ3VjDJgCE9qfY9%2FTDu6N1OoIVMd%2BF57FolxF4gRSVAyjX7Eg8ofvsnkIdFATVU7FVR%2FpkN5GMPkq0jBK%2B7rPw9hVCYHX%2F7H8RwyS4%2BBJLwTOxMhkFuQ%3D%3D\"}]}\r\nage: 304933\r\ncf-cache-status: HIT\r\netag: W/\"69f3bad7-3888\"\r\ncontent-encoding: br\r\ncf-ray: 9f666255a8fa56ba-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":14472,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (3129)","md5":"52a36d98eb2d12d1b9d504ee2028849e","sha1":"22677cb983d0ab63eb4c64588569de2437c5c373","sha256":"75593e472507e7f019469417e6a37a297b5731dd92fc38b73b7e3b0c8e51ad85","sha512":"6d1d45d8b6b57a44376dc2f91d3c488c995520431b8e699eaee0254daeb4b153e29ebd088d161e75ce6e20b8455d3b03f1cdb3e3a3a1cc0434b4ca408d40bb19","ssdeep":"192:2PzCvSMaV0ZATrR09wMmQZcNt3oLQ+Dd9WH+I1wXS0ZgkKtIL2dDmfFVxLVCl69/:AzCKMPZATN09o0mtYLbXY+I1rSSdDsSw","tlshash":"2952c89a11f7003e9a131119effe1a5ca4f602974104f821bfadcd839f81aacd27b6d5","first_seen":"2026-05-01T03:01:39.854301Z","last_seen":"2026-05-06T12:36:02.694503Z","times_seen":27,"resource_available":true,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":1,"connect":1,"send":0,"wait":9,"receive":0,"ssl":18},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"172.217.20.170","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ad.a-ads.com/2429999/?size=468x60","date":"2026-05-04T09:12:30.866Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 08 Apr 2026 05:19:27 GMT","end":"Wed, 01 Jul 2026 05:19:26 GMT"},"fingerprint":{"sha1":"E9:E5:B7:DA:0A:AE:59:02:EA:10:61:71:9B:52:3A:08:42:A0:67:A5","sha256":"F6:1D:CE:31:AA:9C:7B:58:1D:1D:14:96:99:B6:58:CC:FB:AE:D5:3C:F8:FB:40:E3:45:2D:4A:54:11:B4:E2:F3"}}},"request":{"raw":"GET /css2?family=Inter:wght@400;500;600;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ad.a-ads.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Mon, 04 May 2026 09:12:30 GMT\r\ndate: Mon, 04 May 2026 09:12:30 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":10108,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"e85517dadd43448782d60d7f207fddce","sha1":"6cd31f870727ba8090fac9602b42524b4139a619","sha256":"88fbd0b95222be288587a149c324189ecbd8de0d6f0c94f528ec53857e52b66c","sha512":"5edc78df5bb062a9a2e1ea6724c14dd7eb80d77ea0fa9572de4bb0d52bbd0d163815b08a1ae77084f99fbefbb07715da1c61f0bb36fb498710c91387792955f8","ssdeep":"192:9NNIxO34OxDENOPCO3/Nx8NNryfO3iExlONEhYO3RrxGx:vXuM0p2+4","tlshash":"04227792002ba400ab971dc233cf7f3aaece50896085d1b95ffd0dc59cead66436876d","first_seen":"2025-09-10T18:13:11.065101Z","last_seen":"2026-05-10T18:19:19.898238Z","times_seen":25607,"resource_available":false,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":32,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v51/KFOMCnqEu92Fr1ME7kSn66aGLdTylUAMQXC89YmC2DPNWubEbVmUiAo.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.20.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://api.fpadserver.com/banner?id=13440\u0026size=300x250","date":"2026-05-04T09:12:30.879Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 08 Apr 2026 05:19:27 GMT","end":"Wed, 01 Jul 2026 05:19:26 GMT"},"fingerprint":{"sha1":"BF:D8:14:32:18:86:B9:95:54:75:8D:F9:5F:29:DE:4E:F8:F8:F7:13","sha256":"0E:FA:80:0B:F4:13:81:81:4D:CF:50:35:5A:DD:DB:FA:00:0B:34:B2:2D:5D:28:08:E4:45:1F:2C:EF:D2:21:C2"}}},"request":{"raw":"GET /s/roboto/v51/KFOMCnqEu92Fr1ME7kSn66aGLdTylUAMQXC89YmC2DPNWubEbVmUiAo.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://api.fpadserver.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 21884\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 30 Apr 2026 16:19:13 GMT\r\nexpires: Fri, 30 Apr 2027 16:19:13 GMT\r\ncache-control: public, max-age=31536000\r\nage: 319997\r\nlast-modified: Wed, 18 Feb 2026 19:51:41 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":21884,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 21884, version 1.0","md5":"4279528ce0e7dc28919e6f8ce5f0eaa5","sha1":"a0bec563643727d81bf21d0acec08227d9269da4","sha256":"425c0713a8176f92273d378599c7eac57de7fafabd4bd0ed457b70eb8f80d371","sha512":"2b6a62ea544e93669893bac8bb8a5233d55cda9c3b293add6f312808cdf5127822446a516b66656cdae7409c5938ad1ff4fe0a1ba48e52134e141d6a78100507","ssdeep":"384:74kazv9DMAYqVNsLRxmVN7UX3oC4JjImMex3viFG5Bt7/br6CfY/lC7:7fazv9DM2Q+I3oC4JjPb30G5rtfY/87","tlshash":"0aa2e187b3eaa46d5787b931fa0a1900b8fe73f65d27da6484e087c9a1456c48c3dd3c","first_seen":"2026-02-19T22:29:10.595811Z","last_seen":"2026-05-10T18:33:14.639783Z","times_seen":14494,"resource_available":false,"data":null}},"time_used":228,"timings":{"blocked":108,"dns":1,"connect":8,"send":0,"wait":10,"receive":2,"ssl":97},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"comorosmaritime.org/icon.png","fqdn":"comorosmaritime.org","domain":"comorosmaritime.org","tld":"org"},"ip":{"addr":"203.161.58.67","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://zerads.com/ad/ad.php?width=468\u0026ref=10982","date":"2026-05-04T09:12:31.342Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"webmail.comorosmaritime.org","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Mar 2026 10:56:40 GMT","end":"Wed, 03 Jun 2026 10:56:39 GMT"},"fingerprint":{"sha1":"52:B7:92:D6:1F:EF:27:6B:57:40:45:EE:98:42:67:50:CA:04:95:D5","sha256":"33:D8:5B:A0:13:75:5C:B7:E2:B8:A0:57:C9:E5:B2:6E:60:A0:98:FD:27:E9:F9:00:AA:93:2D:7B:E5:08:9C:46"}}},"request":{"raw":"GET /icon.png HTTP/1.1\r\nHost: comorosmaritime.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zerads.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 04 May 2026 09:12:31 GMT\r\nServer: Apache\r\nLast-Modified: Mon, 16 Feb 2026 07:51:01 GMT\r\nAccept-Ranges: bytes\r\nContent-Length: 633\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: image/png\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":633,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 15 x 15, 8-bit/color RGBA, non-interlaced","md5":"e866d373f3711721ba5cb478a4d25a86","sha1":"0db08f52fba2ab0bcde38da6d131c252bd26ccb3","sha256":"58eb80fa685f79fb1ab96256b36b9753dd4b2d678f97d1f5b6bfb6b9fe5c3f7c","sha512":"0d0c376a4d6eb1b8e5ee7fa9bc27dacbd62479ab40a030ffe0a0a137c660aedb064af0e152532f6e2089497aa36c113791baa4f26c323ef1d0b5d2690fe3cfba","ssdeep":"","tlshash":"36f068e0e584b4449e35556107951865eca6718beee18757cc005d11d40558f0fa63d3","first_seen":"2024-04-29T00:43:43Z","last_seen":"2026-05-10T14:28:32.466281Z","times_seen":162,"resource_available":false,"data":null}},"time_used":840,"timings":{"blocked":336,"dns":4,"connect":163,"send":0,"wait":163,"receive":0,"ssl":165},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"games-of-thrones.com/GOT468.gif","fqdn":"games-of-thrones.com","domain":"games-of-thrones.com","tld":"com"},"ip":{"addr":"45.15.170.16","port":443,"asn":44477,"as":"Stark Industries Solutions Ltd","country":"Cyprus","country_code":"CY"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://zerads.com/ad/ad.php?width=468\u0026ref=10982","date":"2026-05-04T09:12:31.344Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"games-of-thrones.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 13 Apr 2026 11:35:57 GMT","end":"Sun, 12 Jul 2026 11:35:56 GMT"},"fingerprint":{"sha1":"F2:A0:09:8B:D1:F8:E5:24:E4:CC:54:8A:DD:95:61:1F:CB:7F:BA:B6","sha256":"3B:97:53:C5:66:0C:7A:72:D0:3F:52:F3:10:9A:DC:50:15:99:DB:74:F6:F7:3D:BD:7E:F9:85:E1:34:F2:38:DE"}}},"request":{"raw":"GET /GOT468.gif HTTP/1.1\r\nHost: games-of-thrones.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://zerads.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 04 May 2026 09:12:31 GMT\r\nContent-Type: image/gif\r\nContent-Length: 232517\r\nLast-Modified: Fri, 13 Oct 2023 11:30:53 GMT\r\nConnection: keep-alive\r\nETag: \"65292a6d-38c45\"\r\nExpires: Tue, 05 May 2026 09:12:31 GMT\r\nCache-Control: max-age=86400\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":232517,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 468 x 60","md5":"066fb0c03c550e6bb64ba4ae1d11f79c","sha1":"4adefadc9f19c47d6c0225e8521b06e892366203","sha256":"6bfd81bad8c339f7d2a707a502565e5b5f5c8dfd2187bebb47363543104998a1","sha512":"208b6e459110ca578d3044b31e6147b93bae3e404b801d1b476cd87a2c0a7d6244629df70d9a30396fd53526ce6987ab3024f05dbe6456b512ea3c8ee2f43c0d","ssdeep":"3072:5xFOayh7svCfzTAX3pBIJQvbsXBmZOZkqxAEW3XdODGO4D5zdJk/bQFPDgobFuOE:5xY7sQXBmZ1zz3XwiO4NzdJkm7gmzefn","tlshash":"cd34120b971c4145f93848b121aa0f0a3a3d94aedd8d857b428df0b7b1191be7fddb86","first_seen":"2023-11-09T22:37:25Z","last_seen":"2026-05-04T09:12:59.3439Z","times_seen":3,"resource_available":false,"data":null}},"time_used":586,"timings":{"blocked":141,"dns":20,"connect":59,"send":0,"wait":117,"receive":180,"ssl":66},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}