{"report_id":"e3f51b2a-77d4-43d7-867d-d72e7de8a352","version":6,"status":"done","tags":["suspicious"],"date":"2026-05-19T00:44:13Z","url":{"schema":"http","addr":"vara.yiteni.com","fqdn":"vara.yiteni.com","domain":"yiteni.com","tld":"com"},"ip":{"addr":"45.140.205.214","port":0,"asn":35830,"as":"BTT Group Finance Ltd","country":"Israel","country_code":"IL"},"final":{"url":{"schema":"https","addr":"vara.yiteni.com/","fqdn":"vara.yiteni.com","domain":"yiteni.com","tld":"com"},"title":"Variational — $VAR Rewards Allocation Proposal","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"vara.yiteni.com","fqdn":"vara.yiteni.com","domain":"yiteni.com","tld":"com"},"ip":{"addr":"45.140.205.214","port":0,"asn":35830,"as":"BTT Group Finance Ltd","country":"Israel","country_code":"IL"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-06-23T00:44:13Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":2,"urlquery":2,"analyzer":1}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-05-19T00:43:51Z","timestamp":1779151431,"ip_dst":{"addr":"149.154.166.110","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"ip_src":{"addr":"Client IP","port":42858,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET HUNTING Observed Telegram API Domain (api .telegram .org in TLS SNI)","source":"{\"timestamp\":\"2026-05-19T00:43:51.639811+0000\",\"flow_id\":2074523734577979,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.11\",\"src_port\":42858,\"dest_ip\":\"149.154.166.110\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033967,\"rev\":1,\"signature\":\"ET HUNTING Observed Telegram API Domain (api .telegram .org in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2021_09_16\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2021_09_16\"]}},\"tls\":{\"sni\":\"api.telegram.org\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"15af977ce25de452b96affa2addb1036\",\"string\":\"771,4866,43-51\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":918,\"bytes_toclient\":4500,\"start\":\"2026-05-19T00:43:51.594747+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-05-19T00:43:51Z","timestamp":1779151431,"ip_dst":{"addr":"149.154.166.110","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"ip_src":{"addr":"Client IP","port":42846,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET HUNTING Observed Telegram API Domain (api .telegram .org in TLS SNI)","source":"{\"timestamp\":\"2026-05-19T00:43:51.648203+0000\",\"flow_id\":1125838473335357,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.11\",\"src_port\":42846,\"dest_ip\":\"149.154.166.110\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033967,\"rev\":1,\"signature\":\"ET HUNTING Observed Telegram API Domain (api .telegram .org in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2021_09_16\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2021_09_16\"]}},\"tls\":{\"sni\":\"api.telegram.org\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"15af977ce25de452b96affa2addb1036\",\"string\":\"771,4866,43-51\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":789,\"bytes_toclient\":4500,\"start\":\"2026-05-19T00:43:51.594493+0000\"}}"}],"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-05-19","alert":"Detects file containing Telegram Bot API","trigger":"vara.yiteni.com/visitors.js","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null},{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]},"summary":[{"fqdn":"ipapi.co","ip":{"addr":"104.26.9.44","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2016-04-19","domain_rank":7936,"first_seen":"2017-01-31T09:07:01Z","last_seen":"2026-05-13T19:37:08.710277Z","alert_count":0,"request_count":1,"received_data":2488,"sent_data":431,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"cdn.prod.website-files.com","ip":{"addr":"104.18.160.117","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2019-01-23","domain_rank":20159,"first_seen":"2023-11-01T22:05:38Z","last_seen":"2026-05-18T12:21:49.468364Z","alert_count":0,"request_count":1,"received_data":118921,"sent_data":614,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}]},{"fqdn":"api.telegram.org","ip":{"addr":"149.154.166.110","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"domain_registered":"2003-12-15","domain_rank":206724,"first_seen":"2015-06-25T10:09:00Z","last_seen":"2026-05-17T10:30:38.298298Z","alert_count":0,"request_count":2,"received_data":745,"sent_data":1131,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.30.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"pulse.walletconnect.org","ip":{"addr":"172.66.157.155","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2018-03-26","domain_rank":247907,"first_seen":"2023-10-09T08:23:11Z","last_seen":"2026-05-13T08:04:15.429163Z","alert_count":0,"request_count":1,"received_data":251,"sent_data":577,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"variationals.com","ip":{"addr":"172.67.221.228","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-05-17","domain_rank":0,"first_seen":"2026-05-19T00:44:14.202081Z","last_seen":"2026-05-19T00:44:14.202081Z","alert_count":0,"request_count":1,"received_data":2216,"sent_data":437,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"cca-lite.coinbase.com","ip":{"addr":"104.18.35.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2011-07-02","domain_rank":2742073,"first_seen":"2023-08-12T20:47:03Z","last_seen":"2026-05-18T10:48:11.993668Z","alert_count":0,"request_count":2,"received_data":2284,"sent_data":1001,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"vara.yiteni.com","ip":{"addr":"45.140.205.214","port":443,"asn":35830,"as":"BTT Group Finance Ltd","country":"Israel","country_code":"IL"},"domain_registered":"2013-05-21","domain_rank":0,"first_seen":"2026-05-19T00:44:14.204405Z","last_seen":"2026-05-19T00:44:14.204406Z","alert_count":2,"request_count":11,"received_data":8584247,"sent_data":4835,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"vara.yiteni.com/visitors.js","fqdn":"vara.yiteni.com","domain":"yiteni.com","tld":"com"},"ip":{"addr":"45.140.205.214","port":443,"asn":35830,"as":"BTT Group Finance Ltd","country":"Israel","country_code":"IL"},"introduction_type":"scriptElement","is_inline":false,"md5":"b52df120dd3efa3c72a24e6b6f36b015","sha1":"b1d5c8cf7bc6cf17210b3472b54709b43f9630c9","sha256":"502be4d6fd23024de737faa09e0dc0d80e5bb43e152ad03aeeb61a31f6564e4d","sha512":"7dbda1f2dce3c524017b9fcbc3ab600abe0e0422f2d08c19654636ed75459ff6985345fa9fb48728a8a1a3d4845a465d94b1796d1ca2f5f1ca698a422be02b84","ssdeep":"","tlshash":"f041636d08b6092c1a16702bee0fa5083543e13f398bda6475ec4b455fd206ec5757d8","size":2274,"data":"","first_seen":"2026-04-25T03:06:09.814197Z","last_seen":"2026-05-19T00:47:08.453437Z","times_seen":4,"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-05-19","alert":"Detects file containing Telegram Bot API","trigger":"vara.yiteni.com/visitors.js","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}}],"urlquery":null}},{"url":{"schema":"https","addr":"vara.yiteni.com/","fqdn":"vara.yiteni.com","domain":"yiteni.com","tld":"com"},"ip":{"addr":"45.140.205.214","port":443,"asn":35830,"as":"BTT Group Finance Ltd","country":"Israel","country_code":"IL"},"introduction_type":"scriptElement","is_inline":false,"md5":"fe939cf3f0791aa4393c2e098237378a","sha1":"45a838d73a4c606d484413fc4cd18f297f525b78","sha256":"373bcdaea9398c1f586404f0a39045e09a11949d361ec9c58a46ca5e010f75a4","sha512":"b37d1247e638dc4a9390521e286cb785b14762697361c79d70d05afad9cf8b920e149817aa036b409f55b7ab888684589b5fb98bab250946a3e15d01ee8e9a74","ssdeep":"1536:vKoxoAlcC30xcdayrkrWkhAW87hPsrRET6kjOWDWX:y94c80adayQrW9mdX","tlshash":"d883289cf385b23543f75075e52f2602773b1e09e849c4a4e166eac52cb94ce6223b7e","size":83300,"data":"","first_seen":"2025-07-30T09:26:14.123327Z","last_seen":"2026-06-07T04:19:30.119919Z","times_seen":1857,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vara.yiteni.com/","fqdn":"vara.yiteni.com","domain":"yiteni.com","tld":"com"},"ip":{"addr":"45.140.205.214","port":443,"asn":35830,"as":"BTT Group Finance Ltd","country":"Israel","country_code":"IL"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-06-07T09:10:59.932728Z","times_seen":687660,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vara.yiteni.com/","fqdn":"vara.yiteni.com","domain":"yiteni.com","tld":"com"},"ip":{"addr":"45.140.205.214","port":443,"asn":35830,"as":"BTT Group Finance Ltd","country":"Israel","country_code":"IL"},"introduction_type":"scriptElement","is_inline":true,"md5":"4b4779dada91775f1d33894576f3f583","sha1":"b17714319b55b68cd917fdf8661b3da2f0b11939","sha256":"e78e864d8de98dabdb6e30b9c701943020706007899c77c8f3231fe66e0153f7","sha512":"a85b3052d06e54b720f633980f3c2689c0413bc20e1256d8fee62cf95ecdd8f197749d6858252462725b1ab7e029aaa7e4749b1755a28d3cf81441687f981b9a","ssdeep":"96:KKN/FjgdnUSCYtjTyqxLiScyXug9GqJjj:nVgdnUSCmPFLiScyeg9Gojj","tlshash":"d191108ca9f3217a213771384b7f61046220ad232b15fd017d0ca3564fd987466baef9","size":4348,"data":"","first_seen":"2026-05-19T00:44:18.044857Z","last_seen":"2026-05-19T00:47:08.45461Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"vara.yiteni.com/after.js","fqdn":"vara.yiteni.com","domain":"yiteni.com","tld":"com"},"ip":{"addr":"45.140.205.214","port":443,"asn":35830,"as":"BTT Group Finance Ltd","country":"Israel","country_code":"IL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://vara.yiteni.com/","date":"2026-05-19T00:43:50.219Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yiteni.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 14:19:24 GMT","end":"Thu, 23 Jul 2026 14:19:23 GMT"},"fingerprint":{"sha1":"B0:32:2F:6D:CC:22:34:04:0D:27:8E:B8:18:13:34:2C:F4:60:73:81","sha256":"68:12:C3:09:3D:EF:CA:77:76:64:ED:3C:89:98:8C:79:50:55:A8:68:EC:9A:FC:08:6F:E9:62:F0:E3:85:80:14"}}},"request":{"raw":"GET /after.js HTTP/1.1\r\nHost: vara.yiteni.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vara.yiteni.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Tue, 19 May 2026 00:43:50 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 8543862\r\nLast-Modified: Mon, 18 May 2026 15:44:32 GMT\r\nConnection: keep-alive\r\nETag: \"6a0b33e0-825e76\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":8543862,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65532), with no line terminators","md5":"e7c15b4d334c67c82cd70f8a328c39f0","sha1":"634c69b923d8be872f45ed76e8a85352a4467aa4","sha256":"04b3ff90044b9c6874f4a012c37a575c1088be1bcd3708991ea5cdeff90bdec6","sha512":"6caa161b72ab0905989acd35fcb8f5e218a8b7aacb1f783d314512d99e68304ddc4a25d974bdb3bc648e581b4722fd58e7ad126ea705ffac898fa9c32e1abd2b","ssdeep":"24576:WCCMEDSwSqlKXhy32NmPua2Wb9FsMAkBvbmRm+39CLksEvp4I7MkcIZnLyvsDFF3:WCC3/vWnQEWdwrYefx1lC8B+ATSQQk2O","tlshash":"e9251ad1a36021f8034b1af7b62769c9d01f3d6ef4c86cfad094bd356aa6318c5d5a38","first_seen":"2026-04-21T08:45:58.898145Z","last_seen":"2026-05-19T00:47:08.448426Z","times_seen":10,"resource_available":false,"data":null}},"time_used":1447,"timings":{"blocked":70,"dns":1,"connect":30,"send":0,"wait":60,"receive":1244,"ssl":40},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ipapi.co/json/","fqdn":"ipapi.co","domain":"ipapi.co","tld":"co"},"ip":{"addr":"104.26.9.44","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://vara.yiteni.com/","date":"2026-05-19T00:43:50.294Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ipapi.co","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 16 Apr 2026 20:25:59 GMT","end":"Wed, 15 Jul 2026 21:25:52 GMT"},"fingerprint":{"sha1":"76:B2:7F:DD:D1:3A:92:49:08:6F:F6:9D:93:7F:FA:A4:E7:AF:1E:04","sha256":"D3:90:F8:60:D1:C0:1C:19:C5:12:68:B2:54:72:DC:42:A3:9F:4C:D8:10:D6:0D:5B:71:0C:1C:EB:AF:AA:AF:F1"}}},"request":{"raw":"GET /json/ HTTP/1.1\r\nHost: ipapi.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://vara.yiteni.com/\r\nOrigin: https://vara.yiteni.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 19 May 2026 00:43:50 GMT\r\ncontent-type: application/json\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\nallow: GET, OPTIONS, OPTIONS, HEAD, POST\r\nx-frame-options: DENY\r\nvary: Host, origin\r\naccess-control-allow-origin: https://vara.yiteni.com\r\nx-content-type-options: nosniff\r\nreferrer-policy: same-origin\r\ncross-origin-opener-policy: same-origin\r\ncontent-security-policy-report-only: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.stripe.com https://*.paddle.com https://www.google.com https://www.gstatic.com https://maps.gstatic.com https://maps.googleapis.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://*.paddle.com https://fonts.gstatic.com https://fonts.googleapis.com; img-src 'self' data: https://ipapi.co https://maps.gstatic.com https://maps.googleapis.com https://*.stripe.com; font-src 'self' data: https://fonts.gstatic.com https://fonts.googleapis.com; frame-src 'self' https://www.google.com https://*.stripe.com https://*.paddle.com https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/; connect-src 'self' https://ipapi.co/ https://*.paddle.com https://*.stripe.com https://maps.googleapis.com https://www.google.com/recaptcha/; object-src 'none'; frame-ancestors 'none'; base-uri 'self'; form-action 'self';\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IumdAOBFV4RujPbUeQIwamSGhOROtiZA3oPmiDj5SSCzNRnbIimHzZGeAKCYXFMvhn95a%2BG9E5HiCNtIDc4zlTYWo%2FhFU1IEZL05ksQ62JEUGG2wbNYLSXtf\"}]}\r\ncontent-encoding: br\r\ncf-ray: 9fdf11d77a6e723c-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":736,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"b2e0d36fbd81e8a9c07fb95d39a92f0e","sha1":"0e5ea1eafd1c798f9d3b1ab4505dfd6b4be511f9","sha256":"1b3bbe6efd264c3e4dd2f9b97fd542f1effd6c5c50af1350a6687c7dff56135a","sha512":"e0d254a299cfe08338f3d04dbcba739d9af7faa9b53458d1b0eeca2b8cf8c181c93a35f1dfc205f118acb197be8a45a31f28df8bcdd5fc6cfef5b7cbd804c78c","ssdeep":"","tlshash":"6601df68e4680f7b9cb81358b4386907122422175f66398e7fd0978d0f8e8bf31b135e","first_seen":"2026-05-11T02:17:46.320605Z","last_seen":"2026-05-27T21:55:05.943927Z","times_seen":4375,"resource_available":false,"data":null}},"time_used":343,"timings":{"blocked":19,"dns":1,"connect":1,"send":0,"wait":302,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vara.yiteni.com/settings.json","fqdn":"vara.yiteni.com","domain":"yiteni.com","tld":"com"},"ip":{"addr":"45.140.205.214","port":443,"asn":35830,"as":"BTT Group Finance Ltd","country":"Israel","country_code":"IL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://vara.yiteni.com/","date":"2026-05-19T00:43:52.537Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yiteni.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 14:19:24 GMT","end":"Thu, 23 Jul 2026 14:19:23 GMT"},"fingerprint":{"sha1":"B0:32:2F:6D:CC:22:34:04:0D:27:8E:B8:18:13:34:2C:F4:60:73:81","sha256":"68:12:C3:09:3D:EF:CA:77:76:64:ED:3C:89:98:8C:79:50:55:A8:68:EC:9A:FC:08:6F:E9:62:F0:E3:85:80:14"}}},"request":{"raw":"GET /settings.json HTTP/1.1\r\nHost: vara.yiteni.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://vara.yiteni.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Tue, 19 May 2026 00:43:52 GMT\r\nContent-Type: application/json\r\nContent-Length: 647\r\nLast-Modified: Mon, 18 May 2026 15:44:32 GMT\r\nConnection: keep-alive\r\nETag: \"6a0b33e0-287\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":647,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"e42b1212df5409f426b072c81f65cc53","sha1":"5bbd089d435f6fc5cad9606665e90e5db462ea68","sha256":"0460838548f21490567e13d5a3a8e5c9ec09d1284abfd6d1c4a454caf0ff4fbe","sha512":"4aa9ca058e48ebd172fe11deab23d16dc202e12e8661034d2b5622acf2a12850fd984713100394e1a1b2241c71eebf7e1c8040b1e9433469d95216d565cb0d3d","ssdeep":"","tlshash":"acf09e8ccdbc1b166fc4125d707c799a58220e3b4a107d15a2c27d5c9b0d657537078b","first_seen":"2026-04-25T03:06:09.817312Z","last_seen":"2026-05-19T00:47:08.452447Z","times_seen":3,"resource_available":false,"data":null}},"time_used":30,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":30,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vara.yiteni.com/assets/brotli_wasm_bg-NfWIZley.wasm","fqdn":"vara.yiteni.com","domain":"yiteni.com","tld":"com"},"ip":{"addr":"45.140.205.214","port":443,"asn":35830,"as":"BTT Group Finance Ltd","country":"Israel","country_code":"IL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://vara.yiteni.com/","date":"2026-05-19T00:43:52.989Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yiteni.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 14:19:24 GMT","end":"Thu, 23 Jul 2026 14:19:23 GMT"},"fingerprint":{"sha1":"B0:32:2F:6D:CC:22:34:04:0D:27:8E:B8:18:13:34:2C:F4:60:73:81","sha256":"68:12:C3:09:3D:EF:CA:77:76:64:ED:3C:89:98:8C:79:50:55:A8:68:EC:9A:FC:08:6F:E9:62:F0:E3:85:80:14"}}},"request":{"raw":"GET /assets/brotli_wasm_bg-NfWIZley.wasm HTTP/1.1\r\nHost: vara.yiteni.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://vara.yiteni.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Tue, 19 May 2026 00:43:53 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":162,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"37d5c3a24983196361e6ce9b1a499464","sha1":"2dd5878df894f3c648e42408879e9a61c112d1b3","sha256":"766c1d6bcb81d3e983fb7adbc19c616d7fc01dafb7893738edc242e2adc59c07","sha512":"cc140d1f61a01ba5f282d682dfeb19229426c7164b147a3031d3b5544c2d7213ce19b075a81d5e00750bdac7b1d9232b8b971e026d838ccae9466523338b09a9","ssdeep":"","tlshash":"eac08c6e2513bd4cc663217432c36490c08b93a7a4ea42228440805331cb2aa8ac7396","first_seen":"2023-11-07T17:46:00Z","last_seen":"2026-06-07T07:53:34.396381Z","times_seen":24369,"resource_available":true,"data":null}},"time_used":30,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":30,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vara.yiteni.com/","fqdn":"vara.yiteni.com","domain":"yiteni.com","tld":"com"},"ip":{"addr":"45.140.205.214","port":443,"asn":35830,"as":"BTT Group Finance Ltd","country":"Israel","country_code":"IL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://vara.yiteni.com/","date":"2026-05-19T00:43:53.407Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yiteni.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 14:19:24 GMT","end":"Thu, 23 Jul 2026 14:19:23 GMT"},"fingerprint":{"sha1":"B0:32:2F:6D:CC:22:34:04:0D:27:8E:B8:18:13:34:2C:F4:60:73:81","sha256":"68:12:C3:09:3D:EF:CA:77:76:64:ED:3C:89:98:8C:79:50:55:A8:68:EC:9A:FC:08:6F:E9:62:F0:E3:85:80:14"}}},"request":{"raw":"HEAD / HTTP/1.1\r\nHost: vara.yiteni.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://vara.yiteni.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"HEAD"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Tue, 19 May 2026 00:43:53 GMT\r\nContent-Type: text/html\r\nLast-Modified: Mon, 18 May 2026 15:44:32 GMT\r\nConnection: keep-alive\r\nETag: W/\"6a0b33e0-740e\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T09:09:47.463793Z","times_seen":16208699,"resource_available":true,"data":null}},"time_used":32,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":32,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vara.yiteni.com/Variational%20%E2%80%94%20$VAR%20Rewards%20Allocation%20Proposal_files/css2","fqdn":"vara.yiteni.com","domain":"yiteni.com","tld":"com"},"ip":{"addr":"45.140.205.214","port":443,"asn":35830,"as":"BTT Group Finance Ltd","country":"Israel","country_code":"IL"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://vara.yiteni.com/","date":"2026-05-19T00:43:50.217Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yiteni.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 14:19:24 GMT","end":"Thu, 23 Jul 2026 14:19:23 GMT"},"fingerprint":{"sha1":"B0:32:2F:6D:CC:22:34:04:0D:27:8E:B8:18:13:34:2C:F4:60:73:81","sha256":"68:12:C3:09:3D:EF:CA:77:76:64:ED:3C:89:98:8C:79:50:55:A8:68:EC:9A:FC:08:6F:E9:62:F0:E3:85:80:14"}}},"request":{"raw":"GET /Variational%20%E2%80%94%20$VAR%20Rewards%20Allocation%20Proposal_files/css2 HTTP/1.1\r\nHost: vara.yiteni.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vara.yiteni.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Tue, 19 May 2026 00:43:50 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":162,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"37d5c3a24983196361e6ce9b1a499464","sha1":"2dd5878df894f3c648e42408879e9a61c112d1b3","sha256":"766c1d6bcb81d3e983fb7adbc19c616d7fc01dafb7893738edc242e2adc59c07","sha512":"cc140d1f61a01ba5f282d682dfeb19229426c7164b147a3031d3b5544c2d7213ce19b075a81d5e00750bdac7b1d9232b8b971e026d838ccae9466523338b09a9","ssdeep":"","tlshash":"eac08c6e2513bd4cc663217432c36490c08b93a7a4ea42228440805331cb2aa8ac7396","first_seen":"2023-11-07T17:46:00Z","last_seen":"2026-06-07T07:53:34.396381Z","times_seen":24369,"resource_available":true,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":30,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vara.yiteni.com/visitors.js","fqdn":"vara.yiteni.com","domain":"yiteni.com","tld":"com"},"ip":{"addr":"45.140.205.214","port":443,"asn":35830,"as":"BTT Group Finance Ltd","country":"Israel","country_code":"IL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://vara.yiteni.com/","date":"2026-05-19T00:43:50.220Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yiteni.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 14:19:24 GMT","end":"Thu, 23 Jul 2026 14:19:23 GMT"},"fingerprint":{"sha1":"B0:32:2F:6D:CC:22:34:04:0D:27:8E:B8:18:13:34:2C:F4:60:73:81","sha256":"68:12:C3:09:3D:EF:CA:77:76:64:ED:3C:89:98:8C:79:50:55:A8:68:EC:9A:FC:08:6F:E9:62:F0:E3:85:80:14"}}},"request":{"raw":"GET /visitors.js HTTP/1.1\r\nHost: vara.yiteni.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vara.yiteni.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Tue, 19 May 2026 00:43:50 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 2274\r\nLast-Modified: Mon, 18 May 2026 15:44:32 GMT\r\nConnection: keep-alive\r\nETag: \"6a0b33e0-8e2\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2274,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"b52df120dd3efa3c72a24e6b6f36b015","sha1":"b1d5c8cf7bc6cf17210b3472b54709b43f9630c9","sha256":"502be4d6fd23024de737faa09e0dc0d80e5bb43e152ad03aeeb61a31f6564e4d","sha512":"7dbda1f2dce3c524017b9fcbc3ab600abe0e0422f2d08c19654636ed75459ff6985345fa9fb48728a8a1a3d4845a465d94b1796d1ca2f5f1ca698a422be02b84","ssdeep":"","tlshash":"f041636d08b6092c1a16702bee0fa5083543e13f398bda6475ec4b455fd206ec5757d8","first_seen":"2026-04-25T03:06:09.814197Z","last_seen":"2026-05-19T00:47:08.453437Z","times_seen":4,"resource_available":true,"data":null}},"time_used":55,"timings":{"blocked":25,"dns":0,"connect":0,"send":0,"wait":30,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-05-19","alert":"Detects file containing Telegram Bot API","trigger":"vara.yiteni.com/visitors.js","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]}},{"url":{"schema":"https","addr":"cdn.prod.website-files.com/68f27573802912c41ef98c1b/68f27573802912c41ef98ca1_68f1f31bb46bd2b55915f33c_variational-logo-animation-transcode.mp4","fqdn":"cdn.prod.website-files.com","domain":"website-files.com","tld":"com"},"ip":{"addr":"104.18.160.117","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://vara.yiteni.com/","date":"2026-05-19T00:43:50.842Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"prod.website-files.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 06 Apr 2026 04:21:54 GMT","end":"Sun, 05 Jul 2026 05:21:51 GMT"},"fingerprint":{"sha1":"01:0C:14:4A:BC:A8:74:FF:AB:42:F0:82:53:F6:FC:F8:0A:DA:9E:61","sha256":"DE:0B:A2:CB:B3:13:8F:13:F5:23:54:3A:95:01:72:0C:79:1C:54:C7:EB:1C:F0:00:21:CD:6E:2C:15:0A:B5:07"}}},"request":{"raw":"GET /68f27573802912c41ef98c1b/68f27573802912c41ef98ca1_68f1f31bb46bd2b55915f33c_variational-logo-animation-transcode.mp4 HTTP/1.1\r\nHost: cdn.prod.website-files.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vara.yiteni.com/\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\ndate: Tue, 19 May 2026 00:43:51 GMT\r\ncontent-type: video/mp4\r\ncontent-length: 118286\r\nx-amz-id-2: LHWGeA8Oki1YdS5RqZ63LaG7jbAivLrPeSHRhErHjcSs+PLinsOqtx7M96eOIJM0fW7P+cVVCuz7R8f6pSHodg==\r\nx-amz-request-id: 0VHT29YKB9M1XTSQ\r\nlast-modified: Fri, 17 Oct 2025 16:57:25 GMT\r\netag: \"e5dd99dafda3bb99fe3bae8faff0c45f\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: ZKfg00_jI1quRclKVX5vYk5.nB911DL_\r\nage: 1787\r\nserver: cloudflare\r\naccess-control-allow-origin: *\r\ncontent-range: bytes 0-118285/118286\r\ncf-cache-status: HIT\r\ncf-ray: 9fdf11dfa8bd56ca-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":118286,"size_decoded":0,"mime_type":"video/mp4","magic":"ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]","md5":"e5dd99dafda3bb99fe3bae8faff0c45f","sha1":"aa0a3d45e0d2de903f86c992db1b84dd46bdb8e1","sha256":"32c2344fa11dede3f9103625efdde40274769d7f7d4fee3401f9591e3d6b0ceb","sha512":"dbab48abcedb946af804053de3ed999bcd124ffd7f93c97b2621d96c35643a4a878444d1227a724de69bd2901e58e0b119217eb8ff1b0f7f44d0ee37cb63f4a1","ssdeep":"3072:2UmKpWw25uzqpHJXfeKNGuZwoYP/biQvqBDbP0Fvz0su:2UmkJ20mJJXfeWGuZwZexPM50su","tlshash":"40c312e08bfdceaae9b36439ddcba94217680395465132af4d8f502ca513e8cfc07957","first_seen":"2026-03-07T19:51:33.923389Z","last_seen":"2026-05-25T10:21:07.97426Z","times_seen":15,"resource_available":false,"data":null}},"time_used":892,"timings":{"blocked":785,"dns":12,"connect":1,"send":0,"wait":57,"receive":6,"ssl":20},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.telegram.org/bot8720547580:AAHsdBAD9gkV5I--cIcqa8O3GqFS-WEk23E/sendMessage","fqdn":"api.telegram.org","domain":"telegram.org","tld":"org"},"ip":{"addr":"149.154.166.110","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://vara.yiteni.com/","date":"2026-05-19T00:43:51.817Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.telegram.org","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Tue, 11 Nov 2025 15:14:09 GMT","end":"Sun, 13 Dec 2026 15:14:09 GMT"},"fingerprint":{"sha1":"EC:27:13:72:1E:6C:94:9F:47:59:A4:24:4F:AB:9B:02:E3:6E:54:41","sha256":"64:47:03:9A:C9:ED:B9:03:8C:07:6E:AA:3D:BF:75:4B:4C:C1:4E:C1:A5:8C:83:2D:3E:FD:0C:E7:F7:82:C2:71"}}},"request":{"raw":"POST /bot8720547580:AAHsdBAD9gkV5I--cIcqa8O3GqFS-WEk23E/sendMessage HTTP/1.1\r\nHost: api.telegram.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://vara.yiteni.com/\r\nContent-Type: application/json\r\nContent-Length: 249\r\nOrigin: https://vara.yiteni.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 400 Bad Request\r\nserver: nginx/1.30.1\r\ndate: Tue, 19 May 2026 00:43:51 GMT\r\ncontent-type: application/json\r\ncontent-length: 56\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Content-Length,Content-Type,Date,Server,Connection\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"400","status_text":"Bad Request","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.30.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":56,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"d948d5845276032d39194409db9ad97b","sha1":"475fe4e71224df85d494e34e0cb8ed799afcdb0d","sha256":"a0a1e0f24b392c6da875c10977d169497a47f669b7e671e62330e125a56721fb","sha512":"3e538a78d85dc32eb47db705c97d627ed8851f6dd87904e2e39aa1d5357cdeaea2a7746fc2ccddbde9bcbcab66ddcceff4ab5cf8db169c49e0f81c592104c67f","ssdeep":"","tlshash":"22900244098ed56744da11605935954855b756b8641964404d95611d56421ea58f240a","first_seen":"2023-07-28T20:34:41Z","last_seen":"2026-06-07T02:09:41.620922Z","times_seen":417,"resource_available":true,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pulse.walletconnect.org/e?projectId=d284513936c9f1778e474422f04c9753\u0026st=appkit\u0026sv=html-wagmi-1.7.8","fqdn":"pulse.walletconnect.org","domain":"walletconnect.org","tld":"org"},"ip":{"addr":"172.66.157.155","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://vara.yiteni.com/","date":"2026-05-19T00:43:53.402Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"walletconnect.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 10 Apr 2026 21:24:31 GMT","end":"Thu, 09 Jul 2026 22:24:14 GMT"},"fingerprint":{"sha1":"14:D5:ED:85:23:60:DF:07:0F:87:F6:27:31:48:57:E7:3D:EC:B3:51","sha256":"98:75:A7:34:74:35:55:95:78:E2:84:28:02:E1:7F:C5:BF:C2:D6:6B:1B:9E:63:9E:E8:16:BE:13:A2:E4:17:22"}}},"request":{"raw":"POST /e?projectId=d284513936c9f1778e474422f04c9753\u0026st=appkit\u0026sv=html-wagmi-1.7.8 HTTP/1.1\r\nHost: pulse.walletconnect.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://vara.yiteni.com/\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 223\r\nOrigin: https://vara.yiteni.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":223,"data":"{\"eventId\":\"268e7e77-2b5d-4905-be5c-69cf7b9a888c\",\"url\":\"https://vara.yiteni.com/\",\"domain\":\"vara.yiteni.com\",\"timestamp\":1779151433398,\"props\":{\"type\":\"track\",\"event\":\"DISCONNECT_SUCCESS\",\"properties\":{\"namespace\":\"all\"}}}"}},"response":{"raw":"HTTP/2 202 Accepted\r\ndate: Tue, 19 May 2026 00:43:53 GMT\r\ncontent-type: text/plain;charset=UTF-8\r\ncontent-length: 0\r\naccess-control-allow-origin: *\r\nserver: cloudflare\r\ncf-ray: 9fdf11eae9a356aa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"202","status_text":"Accepted","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T09:09:47.463793Z","times_seen":16208699,"resource_available":true,"data":null}},"time_used":151,"timings":{"blocked":25,"dns":5,"connect":1,"send":0,"wait":101,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vara.yiteni.com/logo-poster.jpg","fqdn":"vara.yiteni.com","domain":"yiteni.com","tld":"com"},"ip":{"addr":"45.140.205.214","port":443,"asn":35830,"as":"BTT Group Finance Ltd","country":"Israel","country_code":"IL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vara.yiteni.com/","date":"2026-05-19T00:43:50.337Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yiteni.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 14:19:24 GMT","end":"Thu, 23 Jul 2026 14:19:23 GMT"},"fingerprint":{"sha1":"B0:32:2F:6D:CC:22:34:04:0D:27:8E:B8:18:13:34:2C:F4:60:73:81","sha256":"68:12:C3:09:3D:EF:CA:77:76:64:ED:3C:89:98:8C:79:50:55:A8:68:EC:9A:FC:08:6F:E9:62:F0:E3:85:80:14"}}},"request":{"raw":"GET /logo-poster.jpg HTTP/1.1\r\nHost: vara.yiteni.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vara.yiteni.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Tue, 19 May 2026 00:43:50 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":162,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"37d5c3a24983196361e6ce9b1a499464","sha1":"2dd5878df894f3c648e42408879e9a61c112d1b3","sha256":"766c1d6bcb81d3e983fb7adbc19c616d7fc01dafb7893738edc242e2adc59c07","sha512":"cc140d1f61a01ba5f282d682dfeb19229426c7164b147a3031d3b5544c2d7213ce19b075a81d5e00750bdac7b1d9232b8b971e026d838ccae9466523338b09a9","ssdeep":"","tlshash":"eac08c6e2513bd4cc663217432c36490c08b93a7a4ea42228440805331cb2aa8ac7396","first_seen":"2023-11-07T17:46:00Z","last_seen":"2026-06-07T07:53:34.396381Z","times_seen":24369,"resource_available":true,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":30,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vara.yiteni.com/logo-anim.mp4","fqdn":"vara.yiteni.com","domain":"yiteni.com","tld":"com"},"ip":{"addr":"45.140.205.214","port":443,"asn":35830,"as":"BTT Group Finance Ltd","country":"Israel","country_code":"IL"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://vara.yiteni.com/","date":"2026-05-19T00:43:50.731Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yiteni.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 14:19:24 GMT","end":"Thu, 23 Jul 2026 14:19:23 GMT"},"fingerprint":{"sha1":"B0:32:2F:6D:CC:22:34:04:0D:27:8E:B8:18:13:34:2C:F4:60:73:81","sha256":"68:12:C3:09:3D:EF:CA:77:76:64:ED:3C:89:98:8C:79:50:55:A8:68:EC:9A:FC:08:6F:E9:62:F0:E3:85:80:14"}}},"request":{"raw":"GET /logo-anim.mp4 HTTP/1.1\r\nHost: vara.yiteni.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vara.yiteni.com/\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Tue, 19 May 2026 00:43:50 GMT\r\nContent-Type: text/html\r\nContent-Length: 162\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":162,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"37d5c3a24983196361e6ce9b1a499464","sha1":"2dd5878df894f3c648e42408879e9a61c112d1b3","sha256":"766c1d6bcb81d3e983fb7adbc19c616d7fc01dafb7893738edc242e2adc59c07","sha512":"cc140d1f61a01ba5f282d682dfeb19229426c7164b147a3031d3b5544c2d7213ce19b075a81d5e00750bdac7b1d9232b8b971e026d838ccae9466523338b09a9","ssdeep":"","tlshash":"eac08c6e2513bd4cc663217432c36490c08b93a7a4ea42228440805331cb2aa8ac7396","first_seen":"2023-11-07T17:46:00Z","last_seen":"2026-06-07T07:53:34.396381Z","times_seen":24369,"resource_available":true,"data":null}},"time_used":40,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":40,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vara.yiteni.com/logo.svg","fqdn":"vara.yiteni.com","domain":"yiteni.com","tld":"com"},"ip":{"addr":"45.140.205.214","port":443,"asn":35830,"as":"BTT Group Finance Ltd","country":"Israel","country_code":"IL"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://vara.yiteni.com/","date":"2026-05-19T00:43:50.733Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yiteni.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 14:19:24 GMT","end":"Thu, 23 Jul 2026 14:19:23 GMT"},"fingerprint":{"sha1":"B0:32:2F:6D:CC:22:34:04:0D:27:8E:B8:18:13:34:2C:F4:60:73:81","sha256":"68:12:C3:09:3D:EF:CA:77:76:64:ED:3C:89:98:8C:79:50:55:A8:68:EC:9A:FC:08:6F:E9:62:F0:E3:85:80:14"}}},"request":{"raw":"GET /logo.svg HTTP/1.1\r\nHost: vara.yiteni.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vara.yiteni.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Tue, 19 May 2026 00:43:50 GMT\r\nContent-Type: image/svg+xml\r\nContent-Length: 4601\r\nLast-Modified: Mon, 18 May 2026 15:44:32 GMT\r\nConnection: keep-alive\r\nETag: \"6a0b33e0-11f9\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4601,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"9b51eb42bba7bd793b1e6ebd30e776b9","sha1":"6c0f249034e66dcf3aa5145ee2d649f8217e799c","sha256":"d15ae7d94685183c8f929855d9dfff68cc35a9379568bde25ae8bbc1ac912e12","sha512":"bc997c7862f53da78abaf7a7942920f235b14494408973a6ab0b21b3d379d4ac16b7f2233486e94ee97d1b9fbde20d0f2c6919248579af5ea43a9b030ace9f28","ssdeep":"96:JgIg0YtfhPeYn+THnUeH/uErh+5zRrlZ5Wh/XsBTg3K6tqAu:W1BhWYs0b5NRZ5WhSku","tlshash":"ce9146d4216962f0ea07ebf98e16f835698738fa5eb0c3f94110bd87ad6656a4c4ccc0","first_seen":"2026-03-07T19:51:33.932077Z","last_seen":"2026-05-25T10:21:07.983165Z","times_seen":15,"resource_available":false,"data":null}},"time_used":40,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":40,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.telegram.org/bot8720547580:AAHsdBAD9gkV5I--cIcqa8O3GqFS-WEk23E/sendMessage","fqdn":"api.telegram.org","domain":"telegram.org","tld":"org"},"ip":{"addr":"149.154.166.110","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://vara.yiteni.com/","date":"2026-05-19T00:43:50.868Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.telegram.org","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Tue, 11 Nov 2025 15:14:09 GMT","end":"Sun, 13 Dec 2026 15:14:09 GMT"},"fingerprint":{"sha1":"EC:27:13:72:1E:6C:94:9F:47:59:A4:24:4F:AB:9B:02:E3:6E:54:41","sha256":"64:47:03:9A:C9:ED:B9:03:8C:07:6E:AA:3D:BF:75:4B:4C:C1:4E:C1:A5:8C:83:2D:3E:FD:0C:E7:F7:82:C2:71"}}},"request":{"raw":"OPTIONS /bot8720547580:AAHsdBAD9gkV5I--cIcqa8O3GqFS-WEk23E/sendMessage HTTP/1.1\r\nHost: api.telegram.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://vara.yiteni.com/\r\nOrigin: https://vara.yiteni.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: nginx/1.30.1\r\ndate: Tue, 19 May 2026 00:43:51 GMT\r\naccess-control-max-age: 86400\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: content-type\r\naccess-control-expose-headers: Content-Length,Content-Type,Date,Server,Connection\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Nginx:1.30.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T09:09:47.463793Z","times_seen":16208699,"resource_available":true,"data":null}},"time_used":1069,"timings":{"blocked":884,"dns":1,"connect":21,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"variationals.com/favicon.png","fqdn":"variationals.com","domain":"variationals.com","tld":"com"},"ip":{"addr":"172.67.221.228","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://vara.yiteni.com/","date":"2026-05-19T00:43:52.529Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"variationals.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 17 May 2026 18:06:50 GMT","end":"Sat, 15 Aug 2026 18:06:49 GMT"},"fingerprint":{"sha1":"63:16:22:81:FF:35:2C:48:6E:8F:5C:D3:54:43:15:A9:F7:B8:A5:BD","sha256":"1A:F3:51:2A:4F:EB:4D:2D:3C:C3:E0:E9:EF:6D:07:3C:33:5C:5D:E8:2C:66:CC:97:31:DD:23:16:1C:02:77:28"}}},"request":{"raw":"GET /favicon.png HTTP/1.1\r\nHost: variationals.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vara.yiteni.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ndate: Tue, 19 May 2026 00:43:52 GMT\r\ncontent-type: text/html; charset=UTF-8\r\naccept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA\r\ncf-mitigated: challenge\r\ncontent-security-policy: default-src 'none'; script-src 'nonce-HIu27LXUHI2bRNZWjrCJkp' 'unsafe-eval' https://challenges.cloudflare.com; script-src-attr 'none'; style-src 'unsafe-inline'; img-src 'self' https://challenges.cloudflare.com; connect-src 'self' https://challenges.cloudflare.com; frame-src 'self' https://challenges.cloudflare.com blob:; child-src 'self' https://challenges.cloudflare.com blob:; worker-src blob:; form-action http: https:; base-uri 'self'\r\nserver: cloudflare\r\ncritical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA\r\ncross-origin-embedder-policy: require-corp\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: same-origin\r\norigin-agent-cluster: ?1\r\npermissions-policy: accelerometer=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),xr-spatial-tracking=(self)\r\nreferrer-policy: same-origin\r\nserver-timing: chlray;desc=\"9fdf11e56f21b4f9\"\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Bak6JUE9lqF9e1W20rs%2B0W30mTQOJTbAxmZmKgLgtfC3NJ5c6Qb%2BAfZfv1PLtevLknnOqZGUp58xDrRm1xZm2p%2FCHjewskbLs8vpUHyzv234XGoqy2QohYJ3TGkPwhO5SUNF\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9fdf11e56f21b4f9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T09:09:47.463793Z","times_seen":16208699,"resource_available":true,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":8,"connect":1,"send":0,"wait":7,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vara.yiteni.com/","fqdn":"vara.yiteni.com","domain":"yiteni.com","tld":"com"},"ip":{"addr":"45.140.205.214","port":443,"asn":35830,"as":"BTT Group Finance Ltd","country":"Israel","country_code":"IL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://vara.yiteni.com/","date":"2026-05-19T00:43:53.429Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yiteni.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 14:19:24 GMT","end":"Thu, 23 Jul 2026 14:19:23 GMT"},"fingerprint":{"sha1":"B0:32:2F:6D:CC:22:34:04:0D:27:8E:B8:18:13:34:2C:F4:60:73:81","sha256":"68:12:C3:09:3D:EF:CA:77:76:64:ED:3C:89:98:8C:79:50:55:A8:68:EC:9A:FC:08:6F:E9:62:F0:E3:85:80:14"}}},"request":{"raw":"HEAD / HTTP/1.1\r\nHost: vara.yiteni.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://vara.yiteni.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"HEAD"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Tue, 19 May 2026 00:43:53 GMT\r\nContent-Type: text/html\r\nLast-Modified: Mon, 18 May 2026 15:44:32 GMT\r\nConnection: keep-alive\r\nETag: W/\"6a0b33e0-740e\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T09:09:47.463793Z","times_seen":16208699,"resource_available":true,"data":null}},"time_used":32,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":32,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vara.yiteni.com/","fqdn":"vara.yiteni.com","domain":"yiteni.com","tld":"com"},"ip":{"addr":"45.140.205.214","port":443,"asn":35830,"as":"BTT Group Finance Ltd","country":"Israel","country_code":"IL"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-19T00:43:49.916Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yiteni.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 14:19:24 GMT","end":"Thu, 23 Jul 2026 14:19:23 GMT"},"fingerprint":{"sha1":"B0:32:2F:6D:CC:22:34:04:0D:27:8E:B8:18:13:34:2C:F4:60:73:81","sha256":"68:12:C3:09:3D:EF:CA:77:76:64:ED:3C:89:98:8C:79:50:55:A8:68:EC:9A:FC:08:6F:E9:62:F0:E3:85:80:14"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: vara.yiteni.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Tue, 19 May 2026 00:43:50 GMT\r\nContent-Type: text/html\r\nLast-Modified: Mon, 18 May 2026 15:44:32 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"6a0b33e0-740e\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":29710,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (5917)","md5":"a165c25aef7d62c989310e055e114560","sha1":"7dc920590cc03cf9be568b9022199dd13440ea97","sha256":"779e7f7f3faf39a4c100358c868fc208a232a11c22114c9aef60b1592959bf29","sha512":"e73c92da422e7553b0f1a6d68a0dc6a35022e1581cea7e31dc40ab5503abd6c5602c4fb745b518ff554f84d39010d27d36668a6fd4eff3d4323207e86f28c713","ssdeep":"192:bwoI5fgONQHAFz4SX+FLpf2plJYtYyrSFXyO/PkzFmSZOsXUd2D+tRDpQ+9OyJYB:bLInFmGFWFpSrI9AI/wBVUfGFUL","tlshash":"bad229da56b311267413951e27ef674b2364d903a507cd187ecc33948fcaac8e9a2f9c","first_seen":"2026-05-19T00:44:18.042586Z","last_seen":"2026-05-19T00:47:08.444114Z","times_seen":2,"resource_available":true,"data":null}},"time_used":194,"timings":{"blocked":81,"dns":0,"connect":30,"send":0,"wait":31,"receive":2,"ssl":47},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cca-lite.coinbase.com/metrics","fqdn":"cca-lite.coinbase.com","domain":"coinbase.com","tld":"com"},"ip":{"addr":"104.18.35.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://vara.yiteni.com/","date":"2026-05-19T00:43:59.053Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"coinbase.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 17 May 2026 03:56:51 GMT","end":"Sat, 15 Aug 2026 04:56:49 GMT"},"fingerprint":{"sha1":"8B:9E:B5:5F:87:EB:1B:7D:0C:57:42:9F:46:3F:31:3C:74:5D:BD:DF","sha256":"9B:AC:83:89:C1:84:1D:3C:9B:E7:80:80:B0:23:CB:AA:F3:F2:3F:A9:6A:58:76:B1:06:05:A6:7F:5A:B6:50:C2"}}},"request":{"raw":"POST /metrics HTTP/1.1\r\nHost: cca-lite.coinbase.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://vara.yiteni.com/\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 1999\r\nOrigin: https://vara.yiteni.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":1999,"data":"{\"metrics\":[{\"metric_name\":\"perf_redirect_time\",\"page_path\":null,\"value\":0,\"tags\":{\"authed\":\"false\",\"platform\":\"web\",\"is_low_end_device\":false,\"is_low_end_experience\":false,\"page_key\":\"\",\"save_data\":false,\"service_worker\":\"unsupported\",\"is_perf_metric\":true,\"project_name\":\"base_account_sdk\",\"version_name\":\"1.0.0\"},\"type\":\"histogram\"},{\"metric_name\":\"perf_time_to_first_byte\",\"page_path\":null,\"value\":158,\"tags\":{\"authed\":\"false\",\"platform\":\"web\",\"is_low_end_device\":false,\"is_low_end_experience\":false,\"page_key\":\"\",\"save_data\":false,\"service_worker\":\"unsupported\",\"is_perf_metric\":true,\"project_name\":\"base_account_sdk\",\"version_name\":\"1.0.0\"},\"type\":\"histogram\"},{\"metric_name\":\"perf_web_vitals_ttfb_good\",\"page_path\":null,\"value\":1,\"tags\":{\"authed\":\"false\",\"platform\":\"web\",\"is_low_end_device\":false,\"is_low_end_experience\":false,\"page_key\":\"\",\"save_data\":false,\"service_worker\":\"unsupported\",\"is_perf_metric\":true,\"project_name\":\"base_account_sdk\",\"version_name\":\"1.0.0\"},\"type\":\"count\"},{\"metric_name\":\"perf_web_vitals_fcp_good\",\"page_path\":null,\"value\":1,\"tags\":{\"authed\":\"false\",\"platform\":\"web\",\"is_low_end_device\":false,\"is_low_end_experience\":false,\"page_key\":\"\",\"save_data\":false,\"service_worker\":\"unsupported\",\"is_perf_metric\":true,\"project_name\":\"base_account_sdk\",\"version_name\":\"1.0.0\"},\"type\":\"count\"},{\"metric_name\":\"perf_storage_estimate_caches\",\"page_path\":null,\"value\":null,\"tags\":{\"authed\":\"false\",\"platform\":\"web\",\"is_low_end_device\":false,\"is_low_end_experience\":false,\"page_key\":\"\",\"save_data\":false,\"service_worker\":\"unsupported\",\"is_perf_metric\":true,\"project_name\":\"base_account_sdk\",\"version_name\":\"1.0.0\"},\"type\":\"histogram\"},{\"metric_name\":\"perf_storage_estimate_indexed_db\",\"page_path\":null,\"value\":null,\"tags\":{\"authed\":\"false\",\"platform\":\"web\",\"is_low_end_device\":false,\"is_low_end_experience\":false,\"page_key\":\"\",\"save_data\":false,\"service_worker\":\"unsupported\",\"is_perf_metric\":true,\"project_name\":\"base_account_sdk\",\"version_name\":\"1.0.0\"},\"type\":\"histogram\"}]}"}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 19 May 2026 00:43:59 GMT\r\ncontent-length: 0\r\naccess-control-allow-origin: *\r\nserver: cloudflare\r\nx-content-type-options: nosniff\r\ntrace-id: 4261895639332854833\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\ncf-cache-status: DYNAMIC\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nset-cookie: cb_dm=30394930-c333-47b7-a09d-eaa02e1ccf41; Path=/; Domain=coinbase.com; Expires=Mon, 19 May 2036 00:43:59 GMT; HttpOnly; Secure\n__cf_bm=.NgZzXmRcx6C4AgCB.qD5L4QbQW8BYXaHj9sLjBfeOw-1779151439.0777671-1.0.1.1-6gJtHhV28tDj2VfK7_GpVZhlGTpyriIYj.RiHm1xh9dRsb5JB2ioE_OVvKj00DGGx.pRxcIsH_Hv5efIZ70xtmcZfFcaDsNGZVM3JXT7uEytO5RaFmAATf2wboFjFfWA; HttpOnly; SameSite=None; Secure; Path=/; Domain=coinbase.com; Expires=Tue, 19 May 2026 01:13:59 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Xxg5k%2Bgb0YtLv9xtC9DPsKuJt%2BRbWIkwky7BIgEyEZDjRsuytBOj88JqwQiPLQUXnEMUa436S1P5psKdCXDdPpHOtAtPSumUdvnzQSTXZYA%2FoIEfsQtuybK7dbyFQke6LQs4aC2etg%3D%3D\"}]}\r\ncf-ray: 9fdf120e3ad35a0f-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T09:09:47.463793Z","times_seen":16208699,"resource_available":true,"data":null}},"time_used":196,"timings":{"blocked":24,"dns":6,"connect":1,"send":0,"wait":146,"receive":1,"ssl":13},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cca-lite.coinbase.com/amp","fqdn":"cca-lite.coinbase.com","domain":"coinbase.com","tld":"com"},"ip":{"addr":"104.18.35.15","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://vara.yiteni.com/","date":"2026-05-19T00:43:59.289Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"coinbase.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 17 May 2026 03:56:51 GMT","end":"Sat, 15 Aug 2026 04:56:49 GMT"},"fingerprint":{"sha1":"8B:9E:B5:5F:87:EB:1B:7D:0C:57:42:9F:46:3F:31:3C:74:5D:BD:DF","sha256":"9B:AC:83:89:C1:84:1D:3C:9B:E7:80:80:B0:23:CB:AA:F3:F2:3F:A9:6A:58:76:B1:06:05:A6:7F:5A:B6:50:C2"}}},"request":{"raw":"POST /amp HTTP/1.1\r\nHost: cca-lite.coinbase.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded; charset=utf-8\r\nContent-Length: 4458\r\nOrigin: https://vara.yiteni.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://vara.yiteni.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":4458,"data":"e=%5B%7B%22device_id%22%3A%2280978589-b30b-4d31-b6fe-3b748cdba476%22%2C%22user_id%22%3Anull%2C%22timestamp%22%3A1779151433845%2C%22event_id%22%3A1%2C%22session_id%22%3A1779151439234%2C%22event_type%22%3A%22perf_time_to_first_byte%22%2C%22version_name%22%3A%221.0.0%22%2C%22platform%22%3A%22Web%22%2C%22os_name%22%3A%22Firefox%22%2C%22os_version%22%3A%22134%22%2C%22device_model%22%3A%22Windows%22%2C%22language%22%3A%22en-US%22%2C%22event_properties%22%3A%7B%22action%22%3A%22measurement%22%2C%22duration%22%3A158%2C%22vitalsScore%22%3A%22good%22%2C%22deviceMemory%22%3A0%2C%22hardwareConcurrency%22%3A48%2C%22isLowEndDevice%22%3Afalse%2C%22isLowEndExperience%22%3Afalse%2C%22serviceWorkerStatus%22%3A%22unsupported%22%2C%22auth%22%3A0%2C%22component_type%22%3A%22page%22%2C%22platform%22%3A%22web%22%2C%22project_name%22%3A%22base_account_sdk%22%2C%22locale%22%3Anull%2C%22session_lcc_id%22%3Anull%2C%22time_start%22%3A1779151433419%2C%22has_double_fired%22%3Afalse%2C%22session_uuid%22%3A%224c7707b7-5453-46a9-82e5-a082615ec882%22%2C%22height%22%3A1024%2C%22width%22%3A1280%7D%2C%22user_properties%22%3A%7B%7D%2C%22uuid%22%3A%22a33e96d7-9250-4db6-892a-115508bf035e%22%2C%22library%22%3A%7B%22name%22%3A%22%40cbhq%2Fclient-analytics%22%2C%22version%22%3A%2210.6.0%22%7D%2C%22sequence_number%22%3A1%2C%22user_agent%22%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A134.0%29+Gecko%2F20100101+Firefox%2F134.0%22%7D%2C%7B%22device_id%22%3A%2280978589-b30b-4d31-b6fe-3b748cdba476%22%2C%22user_id%22%3Anull%2C%22timestamp%22%3A1779151433845%2C%22event_id%22%3A2%2C%22session_id%22%3A1779151439234%2C%22event_type%22%3A%22perf_first_contentful_paint%22%2C%22version_name%22%3A%221.0.0%22%2C%22platform%22%3A%22Web%22%2C%22os_name%22%3A%22Firefox%22%2C%22os_version%22%3A%22134%22%2C%22device_model%22%3A%22Windows%22%2C%22language%22%3A%22en-US%22%2C%22event_properties%22%3A%7B%22action%22%3A%22measurement%22%2C%22duration%22%3A611%2C%22vitalsScore%22%3A%22good%22%2C%22deviceMemory%22%3A0%2C%22hardwareConcurrency%22%3A48%2C%22isLowEndDevice%22%3Afalse%2C%22isLowEndExperience%22%3Afalse%2C%22serviceWorkerStatus%22%3A%22unsupported%22%2C%22auth%22%3A0%2C%22component_type%22%3A%22page%22%2C%22platform%22%3A%22web%22%2C%22project_name%22%3A%22base_account_sdk%22%2C%22locale%22%3Anull%2C%22session_lcc_id%22%3Anull%2C%22time_start%22%3A1779151433419%2C%22has_double_fired%22%3Afalse%2C%22session_uuid%22%3A%224c7707b7-5453-46a9-82e5-a082615ec882%22%2C%22height%22%3A1024%2C%22width%22%3A1280%7D%2C%22user_properties%22%3A%7B%7D%2C%22uuid%22%3A%229a64778a-2e29-4475-bede-f72a7ea13425%22%2C%22library%22%3A%7B%22name%22%3A%22%40cbhq%2Fclient-analytics%22%2C%22version%22%3A%2210.6.0%22%7D%2C%22sequence_number%22%3A2%2C%22user_agent%22%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A134.0%29+Gecko%2F20100101+Firefox%2F134.0%22%7D%2C%7B%22device_id%22%3A%2280978589-b30b-4d31-b6fe-3b748cdba476%22%2C%22user_id%22%3Anull%2C%22timestamp%22%3A1779151434132%2C%22event_id%22%3A3%2C%22session_id%22%3A1779151439234%2C%22event_type%22%3A%22perf_storage_estimate%22%2C%22version_name%22%3A%221.0.0%22%2C%22platform%22%3A%22Web%22%2C%22os_name%22%3A%22Firefox%22%2C%22os_version%22%3A%22134%22%2C%22device_model%22%3A%22Windows%22%2C%22language%22%3A%22en-US%22%2C%22event_properties%22%3A%7B%22action%22%3A%22measurement%22%2C%22quota%22%3A6016.7793%2C%22usage%22%3A0%2C%22caches%22%3Anull%2C%22indexedDB%22%3Anull%2C%22serviceWorker%22%3Anull%2C%22deviceMemory%22%3A0%2C%22hardwareConcurrency%22%3A48%2C%22isLowEndDevice%22%3Afalse%2C%22isLowEndExperience%22%3Afalse%2C%22serviceWorkerStatus%22%3A%22unsupported%22%2C%22auth%22%3A0%2C%22component_type%22%3A%22page%22%2C%22platform%22%3A%22web%22%2C%22project_name%22%3A%22base_account_sdk%22%2C%22locale%22%3Anull%2C%22session_lcc_id%22%3Anull%2C%22time_start%22%3A1779151433419%2C%22has_double_fired%22%3Afalse%2C%22session_uuid%22%3A%224c7707b7-5453-46a9-82e5-a082615ec882%22%2C%22height%22%3A1024%2C%22width%22%3A1280%7D%2C%22user_properties%22%3A%7B%7D%2C%22uuid%22%3A%22b3874f9b-fcf2-424b-8a2e-7997578d5d5a%22%2C%22library%22%3A%7B%22name%22%3A%22%40cbhq%2Fclient-analytics%22%2C%22version%22%3A%2210.6.0%22%7D%2C%22sequence_number%22%3A3%2C%22user_agent%22%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A134.0%29+Gecko%2F20100101+Firefox%2F134.0%22%7D%5D\u0026v=2\u0026upload_time=1779151439236\u0026client=c66737ad47ec354ced777935b0af822e\u0026checksum=f07f4650f67a6ac89db7fc856a4355ea"}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 19 May 2026 00:43:59 GMT\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-length: 7\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\nserver: cloudflare\r\nx-content-type-options: nosniff\r\ntrace-id: 1655753383716458085\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HkpSHJRYuzwh6ylGgX90GbbZahQAzz9GKuYzMsaCB%2Ffnqry3gy1Osp1g8w7wP1Qp965xqKYPkLUz1k3%2FsteRmMiesigZvFjCBPlGtEUuHm6iDAK3Oag8Tf4H3iuxA4i0CWAEoizOPw%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nset-cookie: cb_dm=215066d2-282e-4872-aa25-fe8c22d4688f; Path=/; Domain=coinbase.com; Expires=Mon, 19 May 2036 00:43:59 GMT; HttpOnly; Secure\n__cf_bm=895GA0L4TbnEdoJauuoJmlykQ3gWPdR0OaR3Otv2mHI-1779151439.310083-1.0.1.1-GELhvdK8Yv5leMjPDi3kckjE5WtFlgQ9KAwXPS5K_5z55wLzXc53cPFlJfwU0v8ZRonIyWYCRbqpAcZRVAk557ijr_Zzi0mOM_IjjXR7tqsMI.aU8IPmaYL2QCMIXIhf; HttpOnly; SameSite=None; Secure; Path=/; Domain=coinbase.com; Expires=Tue, 19 May 2026 01:13:59 GMT\r\ncf-ray: 9fdf120fa878b4fa-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T09:09:47.463793Z","times_seen":16208699,"resource_available":true,"data":null}},"time_used":160,"timings":{"blocked":21,"dns":1,"connect":1,"send":0,"wait":116,"receive":1,"ssl":16},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}