{"report_id":"ffaf28a6-f1ea-4ae2-bef5-cdc0943b7835","version":6,"status":"done","tags":[],"date":"2026-01-30T07:31:14Z","url":{"schema":"https","addr":"etoro.icu/","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"172.67.186.9","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"etoro.icu/#/","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"title":"Bozei: One-Stop Global Investment Platform | Forex | Commodities | Stocks | Indices | Cryptocurrencies | Gold | Oil","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"etoro.icu/","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"172.67.186.9","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-06T07:31:14Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":11,"urlquery":0,"analyzer":2}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-01-30T07:30:51Z","timestamp":1769758251,"ip_dst":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":42232,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO Suspicious Domain (*.icu) in TLS SNI","source":"{\"timestamp\":\"2026-01-30T07:30:51.147681+0000\",\"flow_id\":54186887291902,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.36\",\"src_port\":42232,\"dest_ip\":\"188.114.97.1\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2026889,\"rev\":4,\"signature\":\"ET INFO Suspicious Domain (*.icu) in TLS SNI\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2019_02_06\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"tls\":{\"sni\":\"etoro.icu\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":911,\"bytes_toclient\":3508,\"start\":\"2026-01-30T07:30:51.140286+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-01-30T07:30:53Z","timestamp":1769758253,"ip_dst":{"addr":"47.79.64.207","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":50892,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-01-30T07:30:53.875507+0000\",\"flow_id\":1402746488829766,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.36\",\"src_port\":50892,\"dest_ip\":\"47.79.64.207\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"java-vue-bucket.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":753,\"bytes_toclient\":5918,\"start\":\"2026-01-30T07:30:53.341830+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-01-30T07:30:53Z","timestamp":1769758253,"ip_dst":{"addr":"47.79.64.207","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":50872,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-01-30T07:30:53.879357+0000\",\"flow_id\":442550715233805,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.36\",\"src_port\":50872,\"dest_ip\":\"47.79.64.207\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"java-vue-bucket.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":910,\"bytes_toclient\":1634,\"start\":\"2026-01-30T07:30:53.341517+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-01-30T07:30:53Z","timestamp":1769758253,"ip_dst":{"addr":"47.79.64.207","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":50876,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-01-30T07:30:53.885587+0000\",\"flow_id\":1214199572018924,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.36\",\"src_port\":50876,\"dest_ip\":\"47.79.64.207\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"java-vue-bucket.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":753,\"bytes_toclient\":5918,\"start\":\"2026-01-30T07:30:53.341740+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-01-30T07:30:54Z","timestamp":1769758254,"ip_dst":{"addr":"47.79.64.207","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":50910,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-01-30T07:30:54.134350+0000\",\"flow_id\":651333370449161,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.36\",\"src_port\":50910,\"dest_ip\":\"47.79.64.207\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"java-vue-bucket.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":753,\"bytes_toclient\":5918,\"start\":\"2026-01-30T07:30:53.593161+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-01-30T07:30:54Z","timestamp":1769758254,"ip_dst":{"addr":"47.79.64.207","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":50906,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-01-30T07:30:54.147891+0000\",\"flow_id\":827579500924098,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.36\",\"src_port\":50906,\"dest_ip\":\"47.79.64.207\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"java-vue-bucket.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":910,\"bytes_toclient\":5918,\"start\":\"2026-01-30T07:30:53.593090+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-01-30T07:30:54Z","timestamp":1769758254,"ip_dst":{"addr":"47.79.64.207","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":50902,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-01-30T07:30:54.180905+0000\",\"flow_id\":874407529352248,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.36\",\"src_port\":50902,\"dest_ip\":\"47.79.64.207\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"java-vue-bucket.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":753,\"bytes_toclient\":5918,\"start\":\"2026-01-30T07:30:53.592952+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-01-30T07:30:54Z","timestamp":1769758254,"ip_dst":{"addr":"47.79.64.207","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":50920,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-01-30T07:30:54.508492+0000\",\"flow_id\":969790163115489,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.36\",\"src_port\":50920,\"dest_ip\":\"47.79.64.207\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"java-vue-bucket.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":753,\"bytes_toclient\":1634,\"start\":\"2026-01-30T07:30:53.974305+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-01-30T07:30:54Z","timestamp":1769758254,"ip_dst":{"addr":"47.79.64.207","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":50932,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-01-30T07:30:54.569881+0000\",\"flow_id\":1062187794498661,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.36\",\"src_port\":50932,\"dest_ip\":\"47.79.64.207\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"java-vue-bucket.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":910,\"bytes_toclient\":5918,\"start\":\"2026-01-30T07:30:53.984165+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-01-30T07:30:54Z","timestamp":1769758254,"ip_dst":{"addr":"47.79.64.207","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":50940,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-01-30T07:30:54.765416+0000\",\"flow_id\":12441952874932,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.36\",\"src_port\":50940,\"dest_ip\":\"47.79.64.207\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"java-vue-bucket.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":753,\"bytes_toclient\":5918,\"start\":\"2026-01-30T07:30:54.225716+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-01-30T07:30:54Z","timestamp":1769758254,"ip_dst":{"addr":"47.79.64.207","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"ip_src":{"addr":"Client IP","port":50950,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-01-30T07:30:54.781225+0000\",\"flow_id\":2219509682185261,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.36\",\"src_port\":50950,\"dest_ip\":\"47.79.64.207\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"java-vue-bucket.oss-cn-hongkong.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":910,\"bytes_toclient\":5918,\"start\":\"2026-01-30T07:30:54.238637+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com","ip":{"addr":"47.79.64.207","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"domain_registered":"2012-04-01","domain_rank":0,"first_seen":"2025-02-12T08:38:00.929095Z","last_seen":"2026-01-30T06:57:59.251209Z","alert_count":0,"request_count":11,"received_data":287098,"sent_data":4924,"comment":"","tags":null,"fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}]},{"fqdn":"cservice.vip","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-10-08","domain_rank":0,"first_seen":"2024-10-08T14:49:36Z","last_seen":"2026-01-30T06:57:59.184184Z","alert_count":0,"request_count":3,"received_data":67660,"sent_data":1237,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"etoro.icu","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-08-27","domain_rank":0,"first_seen":"2026-01-30T06:57:58.475661Z","last_seen":"2026-01-30T06:57:58.475661Z","alert_count":166,"request_count":83,"received_data":10942616,"sent_data":33481,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"webapi.bo1688aei.com","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-08-22","domain_rank":0,"first_seen":"2026-01-30T06:57:58.477181Z","last_seen":"2026-01-30T06:57:58.477181Z","alert_count":0,"request_count":13,"received_data":510165,"sent_data":6705,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"etoro.icu/js/login-bg-CtTnvaIr.js","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"ebba15b40c37ba856a79bc847a08e71a","sha1":"a720af2936ab6f1dad28220622a18f7d338d44db","sha256":"3ddd883a1fd935ffb81a11e0d1dc9628d053175968f0446aa533104a2283c93c","sha512":"3f5b2f086d745a7475029b4fd91f57a953bffe5215314fba804f6b2387b8bb6e8cc1471d83c33a2fb15b0ae511beaf36b1170b39568b433ba7e7738ce28a5894","ssdeep":"","tlshash":"a1b01201855e117a0594105d4781557012e5413c2e5483bce63d46649b1620a5c47e10","size":91,"data":"","first_seen":"2025-08-26T17:46:37.227472Z","last_seen":"2026-05-26T16:34:37.715579Z","times_seen":68,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/js/account-CEJz2eqC.js","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"363883afff043e1f16ccacf5cf76e7b9","sha1":"c36c5db6d01dff6d8b41249b438808e693663bc6","sha256":"d3961858e22a57209b9ec133f95f3ebd75cfd7abc146229982e9d774876c7340","sha512":"c4c40144601e92dba4ff475f0812a3cb642d2273e2d20b36263fa0536618fecac17aea0d5921bd317f5a39302d10c4a24576dd495fc9cededce5f47ce0dcc496","ssdeep":"","tlshash":"c211048a8e4e52b7fbb0be1260d12e07c01b6fb5ada24472b06d957352fd044d62db14","size":1104,"data":"","first_seen":"2026-01-30T06:58:07.044112Z","last_seen":"2026-01-30T07:31:21.128723Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/js/Footer-D8NBBzAY.js","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"b141f7a45b81815a166dbfb15f59c2c0","sha1":"170a02f333de8c1881cf7354b7006a3940c5358f","sha256":"eb62b7158c9f77b546bdb2cc5d38237aa9d68520f7ed8d395e77d527b4cee52a","sha512":"34257a3835277721506d0f03ce56c85795205988e00534fc0010ad25d8bad93c824b34157ebcc5228ad8d419f35b40eb9da5115d4ef3691f4892ac86fe30f31b","ssdeep":"192:vbvNBUmwBi5GVBmTI2rDtA5/d3WIJ14NDqCjuu0IUGjUTaqKjSTvS1wSjE8LGTMa:TvvUPBRPmTVDt6/d3WG14NqCjt0IUGjs","tlshash":"05322a057973c9f9c6b784b4b8415510f238bfeee56bc85ab3fd890a17ced390a06260","size":11427,"data":"","first_seen":"2026-01-30T06:58:07.02346Z","last_seen":"2026-01-30T07:31:21.119048Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/js/PdfViewer-CxAbd-kG.js","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"8aeee11d7b3b5d52eba51565db15d292","sha1":"b83dbd58fa063755006cb5a60e0dd519d9eb5528","sha256":"c2f9a1a7c394fae157b58d628e99716f0699239b5e81eafd7774b73704e90b0c","sha512":"3b4800534be9282ea6a63ca9d8ef403784b9bf0c02bca20ca71fd983f7c8a09f1c0f3c4dfb6bdfe60d8281c32c3ea64385ed7b25d6895651cab1981db3c40867","ssdeep":"24576:ZkpMfCJkPXXq8RqbOt7aFMz3FuEoYlOsp8yDpm0gLsC7Xl5:ZkpMfCKPXXq8QCFR+l5","tlshash":"65a5a072634372e96b79468671b91609437f154d34f3a1c8ed8e2edac52ad2b237c23c","size":2202810,"data":"","first_seen":"2026-01-30T06:58:07.106333Z","last_seen":"2026-01-30T07:31:21.276234Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/js/NetworkSelectModal.vue_vue_type_script_setup_true_lang-fBhWibqB.js","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"c6f1bf46b374fa16dbde52839e305cfe","sha1":"8882475981dacb7cb89b3c3f630b75b8afe4f555","sha256":"66fbeea7e932c24066cd956226fb0f2b1592f9f4df815f35bccf0901b910ee60","sha512":"5b3edfbd6e84e747b8de2e88eb4abf7eece2f1e88ac7ab225d0b04adb861b37f3b5139c3d48053ec7d9e8f50f30a6f0ed2427f654f2f3b787596be00d4ea9e7b","ssdeep":"","tlshash":"7731320d9473cbfd95a391351b4a2168d2947fdeea708bcdf36c14723aca9b2692c640","size":1510,"data":"","first_seen":"2026-01-30T06:58:07.040622Z","last_seen":"2026-01-30T07:31:21.127467Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/js/filters-BzRYEg_J.js","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"951d4f65fe61c32dfd9c4af44f5e66b9","sha1":"a6d0e380ebc68dffd6320885f7045eebb31a09a3","sha256":"393eb50e37c72f341e2bc944184e322fac9d1750412bc1bc82a0a65877d4151b","sha512":"03fa047e3ec3834ba5526f3d1bedcaae6abba701398b4aa927e9ee50b056b25fef5d324548e2ae33a4714f491bc2eb9de4b8ec983cfbb9df5e543e961ba3e6d6","ssdeep":"","tlshash":"4a118ba995cac67b02fb88c8514e418768e87f78b00e4b62bd64f11235a1051f4be393","size":1046,"data":"","first_seen":"2026-01-30T06:58:07.056973Z","last_seen":"2026-01-30T07:31:21.147828Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/js/index-Bk0YSeUV.js","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"3b25a6bda4ef228600a4c5d393ac9457","sha1":"c47325aea6802884b8655d19505b80dc920a5d4c","sha256":"53912e280117dd4048654e9ecfcec10e2f5d040e9624a5e2f9e5763fbf212065","sha512":"a60e4adfd5bed134912419a71e37ab77d6f5d4e3ae26d13d7aa810748e95c64069a905adeefe79008a37b96c623173c751ccd32b3ac08fd2db53b0c0a6fbf0c7","ssdeep":"768:2eevlM82K8nfNtfWeg8s2qlLlWYuG13tfAlgbXXh4FgXG1aU:odM82dPsH9JC","tlshash":"1f03842cb012cfbe9663293062ad1994e1497fedc526c80af1bd18233bc7ff05a56765","size":41100,"data":"","first_seen":"2026-01-30T06:58:07.050112Z","last_seen":"2026-01-30T07:31:21.195098Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cservice.vip/js/ai_service_core.js?v=1769758254095","fqdn":"cservice.vip","domain":"cservice.vip","tld":"vip"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"f18eea0d33964edbd612d61f5713fd75","sha1":"93dd1f6594dcf0f7cbdb44813e4c1f2072961533","sha256":"1bc28f480d9acf22346a0cc22379fce4b7971d6e647a55de5919e641db5cc597","sha512":"5cb694ca839128e6683a513174761ccf1c4147b28d130dc1425112756d81ee61a2c65baa2272e8284264a53ba658a4f77c1753291163dcc4fc5745b0538c5931","ssdeep":"384:m+6aLTFONgSMQDbHer4p7JCA8GaHOdRUHYAnUjZpeZgy4F4Syec71gAQ77/ZMTtY:5xTFeMQDbHer4p7JCA8GMOgYAnUjZpeS","tlshash":"a48241abebbb10724457b4368b9f268435268013294cde203facded04f52a675317bf9","size":17618,"data":"","first_seen":"2025-11-30T14:17:39.769051Z","last_seen":"2026-06-01T14:33:52.182505Z","times_seen":100,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"9e3916b922f6e89fef56ec3d30fc24f1","sha1":"39864de2655e9cb05aaced549d399ec6f768b050","sha256":"77f19f933dfce820e9ab4507206207ca46964edc5224fba3206261d74a3b0757","sha512":"4e9b8d49c5ddadee2aad4c3ecb9f204d9d56efe210aae8a58286d5ac9ea82affeb77751ee5c7408e6215eaaf2e7c698304bcfc43a13ff57e0ff55fd4b8fc6eea","ssdeep":"","tlshash":"04f0e21a52b850b4117bf33d738feb81363200c360489f513d1c5f840f6043846a1b96","size":518,"data":"","first_seen":"2025-08-26T17:46:37.312801Z","last_seen":"2026-05-26T16:34:37.76015Z","times_seen":62,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/js/dataModify-C6sk-dj3.js","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"349f5b93e9d8dde770b2c7bb055dbfcd","sha1":"ba66f08093433ff9ae5b906faaf3f669f8ee75c1","sha256":"001315e8416480bc075df6a7ae1e9a205426501bb92987fda20e438d3dfd8d11","sha512":"eb8f140aa043b2cbe0dba7d2184fc8419bdaa5a117c24e442b2db79cd646daa913774f7dacd8e8a361ad0787a5d06462bdaac341c8518391dd7330387142b3f7","ssdeep":"","tlshash":"cff0d192df3af2b06da892811dd571962d1162547ca60bc091a2ae3115934faf29cb73","size":635,"data":"","first_seen":"2026-01-30T06:58:07.07812Z","last_seen":"2026-05-26T16:34:37.704819Z","times_seen":66,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/js/ArticleViewer-Ovcj6CdM.js","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"004e39d5f4a35737fe3fcf0abd7fe1a5","sha1":"edb76fe2b955850bcf2c58c41ca30afe404779e0","sha256":"ede8e08caef3d12a90667191f55e085e63985f722e97e804c7d03efbdba9eeed","sha512":"e40b2a6a1d37e1b9adea907f7492bc7e0856deab3e996dd19ce992f18cba612545daa72b9c71a2174455f9cedf4a48752180df3467dc8d6dc1b035b7826b9b51","ssdeep":"","tlshash":"7b41949c2476cfb896f38335a58ad6545004fbcbd7118a89727e582a2fc0eb07a5c304","size":2403,"data":"","first_seen":"2026-01-30T06:58:07.045203Z","last_seen":"2026-01-30T07:31:21.121645Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/js/index-dkdlGO0L.js","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"3e1f45282fa7c4461f3b28a3206dfbde","sha1":"ed66d2d5065746f8a24af64ca856f04bfae1bf70","sha256":"958affcb6da0461e9820e97e6ad9ae89b0f3228e7fb7705bd6c2b8125a37939b","sha512":"64b350083f1c37cf238da309e1588c298cd675a4e77d074fea99aa975470c2c501c44e022e5c85a7a3f7018e7e8f17f6a6a70ef1970586cbb4385259902c692d","ssdeep":"","tlshash":"8261b4dd78b7f020867548ee507b0636e23a37592408d0d4e01fcd8a3931d6ab2a7e29","size":3235,"data":"","first_seen":"2026-01-30T06:58:07.05582Z","last_seen":"2026-01-30T07:31:21.196136Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/js/SetFundForm.vue_vue_type_script_setup_true_lang-BHlk-fQI.js","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"d25031a217c37349e5c075d77a0c8d35","sha1":"748c418739df56ce596bea6c700a49096b61dbd8","sha256":"0f922fa56fe204294109ef7852f09c66ca01d7f19bdd177ab1f6de137254f592","sha512":"bcf4678b50340790ea5e4877027716a2d8a998ceb2b345ceee726e2f94e251065e0b2f37059c2609b45558a05bc7421d66f8423d4be32defb2e4cbfd9f264f12","ssdeep":"","tlshash":"6251340d2472ceff26c3a238224e6168e0c8bfcfd7309755b66d447226c99f53619a55","size":2673,"data":"","first_seen":"2026-01-30T06:58:07.02052Z","last_seen":"2026-01-30T07:31:21.109715Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cservice.vip/js/ai_service_diy_tw6dwqqy.js?v=1761548575","fqdn":"cservice.vip","domain":"cservice.vip","tld":"vip"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"24ac82407fb1bbdc27adcab89f5b6625","sha1":"fdb88d7995f817ef96ff82238475853e9f79b92f","sha256":"765ccb104b88756761b168d1a1ed475c38c13cf14a7c8b1f89d803b19554ed32","sha512":"72268a381adced0090ff4cabe137ec3c47ade8aa371763806d41b1f69a84bf1271993b18cdf410a6d421bc9c056aa5b55e9818f3d4b193378267a5557fa06786","ssdeep":"","tlshash":"6d31ad925e9985731933322a9b3ba528fb3127071a019a033ebd67106f31d89aa65ec5","size":1810,"data":"","first_seen":"2026-01-30T06:58:07.079183Z","last_seen":"2026-02-26T17:48:02.257286Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/js/CookieConsent-Cwy8EEY9.js","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"a3d57f4dfb8b351d338218c31b910b0f","sha1":"5e66b68ab930f00cd814463c4040775984203c1f","sha256":"af9b916faacca64df9bb4e09e9ce8753a8fa7ceb485c2649ec0469b45e3149ac","sha512":"c54ea19df402e383f73542c20476be2424b10d2aafe2d71d8206faf58f1d68a2f3c2b57a050d53a25011ab8617e9c76ba0c50cfc6ecb2ff267ff9dfe781ff042","ssdeep":"768:sJYjnT5ISSBGZo4mrwDu0yIpdmjriD05bnPexT:7eVsmrwXpdeiom","tlshash":"cbe26c05e806eeb9d7f35634744a7168a4387fdac25ac43a63bd85232bc9f728763314","size":32681,"data":"","first_seen":"2026-01-30T06:58:07.068687Z","last_seen":"2026-01-30T07:31:21.155015Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/js/Register-D-j-nxFs.js","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"fabefd7d035883e6a38e4485208f2b3c","sha1":"d7400d9dbcb129fbeda07b0c6e1fdb9468653cf1","sha256":"531af315f226c81f867d2282a8d13dc49838f1b450e84d26687f1522db116c67","sha512":"f5800b451e10d7d0b21c6a83be493677eaa6d3a7df3df012d7e368fc39d509f23551b19f9f0772e6d8c0d59914bae4682e42524bf2f589f5cd0c46bb3023eb04","ssdeep":"384:Gvz6u+z8k7mm+r6meg5bM5MZ5iU4jEJRq0g/Zk4Ltb2pVjkOymm+AR6eb0mm792K:Gvzp+gk7a55g5s5TUZ5pyVjnjXYn0D9R","tlshash":"9782678cb1519bfaab7b9431f4476930682c4f5fc463c0f6e6e88c35a79ec71a51423a","size":18419,"data":"","first_seen":"2026-01-30T06:58:07.041785Z","last_seen":"2026-01-30T07:31:21.175023Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/js/Login-DdmETZVM.js","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"925308cf815cce44122f6c1d1c76182b","sha1":"cfbc845886ecfca3dd8271d9730bca2b51d89f5c","sha256":"1a11b07823c9e3590870356ddc59d3a6f9bcd615995065315d0106af1d5311cf","sha512":"196ffa440a6a41a96a966ff2aae8d182bfbf95630d71c83677f89697750d4023cdb603ec38f81479d5f7148b4a9757fbd9a12d689870fa8fccb1d6397a0660fe","ssdeep":"192:5MT5FyYQNzN+dNWNTpknH3caQKkn3ELqKDN/5qxBy+d7PEwjNwzPZdasQWQ5QUgh:5JYQJIUBoL1Ibp9JyisQWQ5QbDFHiq7H","tlshash":"f232a6c87512abf99bb30825b6047935b4185f99c067c48ef3f84c317bdacb66a24379","size":11563,"data":"","first_seen":"2026-01-30T06:58:07.035876Z","last_seen":"2026-01-30T07:31:21.132697Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/js/TradeLayout-CmoCU-2N.js","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"a2b2c1b5c27c45aac2846dbd1ad57041","sha1":"47b3c66c4abc10d7bd0bd85b910161ea804accdf","sha256":"287fe36610ba1b59079680bfbf9982c3969689155898731df4a8a01425530333","sha512":"2551ddcf99c1893bb4ea4cef275854d21c0f7f15f21ceed84da7ba1146ed898117f9c8073d0897b1cd1ebda29e594ba2e1699b53ca9e692b0d982f7fc32d5751","ssdeep":"12288:x37MnWzG2+iFeq6Zz6uSxNbn6e1dD5skFF:xrMnWzG2+iFeq6Zz6uSxNbnx3P","tlshash":"7294f580b162e53993f391b5107a0401e3197f89b00686adf27dccd73eaad9971baf74","size":414805,"data":"","first_seen":"2026-01-30T06:58:07.06164Z","last_seen":"2026-01-30T07:31:21.217162Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/js/loan-C72_ztZx.js","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"bc616f59993c976e650e28c26b8df1b3","sha1":"131076de9dd79a052e95875762d5bb9454d15eee","sha256":"14cd7f8031a4cfac597a0fdb95a6f3d31a16565fe017f32a1c844a624337fa56","sha512":"7eee7ec00e13628707305c10dd845b7506c4a25859bcd68e2327c5ee8f65a713d8ee5619633a0b3b86a258371fc63ad0a250b8d4cdfbc5787fece0b9239a13ca","ssdeep":"","tlshash":"eff0f6dbbd179a7f9135d23930933d02b43b9a31def614702f2ad8678b2c089676b941","size":580,"data":"","first_seen":"2026-01-30T06:58:07.065258Z","last_seen":"2026-01-30T07:31:21.134068Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/js/CreateOrderModal-bbuOfOtm.js","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"4b89011ee105236debf4c8d59ebf15da","sha1":"9168734a9782db6e70a73691d0928c87a9f5bf8b","sha256":"8a0a38354c040f39564828b8ccefb644bfe8d04900f595a2f14ae72f01e812a6","sha512":"61760420609a7bd8f35a7c21e1ca5f840b74078aaf69ee5428bdb65a99a23f1f45df7253591b9bf452830f4a5424dc4229e13b0e904d39025f5d8823eccc60c5","ssdeep":"384:a5KMuQAaJG8SdMmDiWdc9VGSSMSKp1k15klKkuLy26K:aIMuEJbOiWdyGSjSKp1A5aKdLy26K","tlshash":"5e72c93c70d0c9be9473d176a2cd68284048bfcfc6625bcef63de66415d9ca16b25a2c","size":16272,"data":"","first_seen":"2026-01-30T06:58:07.083343Z","last_seen":"2026-01-30T07:31:21.150622Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/js/index-8qw7K-jL.js","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"bd89b040075de65f9573fcc716541460","sha1":"b03bd4cc7141c38f419e082efb9d50ccfcf344c2","sha256":"698fe02ae1f8a1d2ef36951d007a7bb5e24974b74a09b93f47ab7dd0a467fdaa","sha512":"21da6f1b9af818227a81b9e863c7aa1db65861c246f901832ecbc4d57b3ce00feb61ddf25df663a53cf16ef23e88e00dd9019fe13960b3d45d653dcec650002f","ssdeep":"6144:UfIyxrxeAbERhW+M4e5usVKBDtMAyJjSpBBPWG5YhiPmy880z+8Ff0kvmUyPEmIY:CIexeAARhW+M4e5usUBDtM1JjSvBPWGb","tlshash":"d86409847252b27a83f305a2543e4405e2257f88b107c4ddf1fc4cdb3e9ae9665abb78","size":331566,"data":"","first_seen":"2026-01-30T06:58:07.019641Z","last_seen":"2026-01-30T07:31:21.24209Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/js/index-D3hU0P2u.js","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"6ac4ceeacf4bcf2ca2b63c4bc76d8e7e","sha1":"5fd386edc468d09c716bad94efc16d55dcafd7a7","sha256":"146028d217ce45f6629bbc5825a42d913fc442cdc2756cc9001bfedfd3fa627e","sha512":"9ade71cee2f3c333150476bc35652051a7395cce6868e866b7fa674699b2e25a83d612c11d4c1232139329981e17e4e079cb223343c42cd07ca4cae23fa343f4","ssdeep":"49152:N0t9UzEet33btbN9Rp0AgwYfSFRNWVCPBBOj2O6/N:2C/jP","tlshash":"e0959f9876c6f06806f382e560eb1105f2786d45f446c0a4f9fc89ab25e5e9ce277f38","size":1921330,"data":"","first_seen":"2026-01-30T06:58:07.10772Z","last_seen":"2026-01-30T07:31:21.281104Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/js/cssCalculate-G7yYGhEz.js","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"81ebadd562734ed587f3316303b98381","sha1":"5723c81e2b22ffc192d40520d06e88144b0772ad","sha256":"7c50130b8bd2f94adc659826b11458992c265553deafb0b41a0e70b68f147d5b","sha512":"649488501388c20a305d284b0ccc5de1027ee267165017e7ecd09d3f9d60e6d61ef3bff8b2f81884ad5a65e42ee40714f9473e4f0a677a8d4eea11ca50e158be","ssdeep":"","tlshash":"b4014efda5c1daf79b4b553b0e6c492c718d5680ea1f86c2d76da4207b402ecb132590","size":792,"data":"","first_seen":"2025-08-26T17:46:37.228469Z","last_seen":"2026-05-05T09:11:43.050995Z","times_seen":43,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/js/Calculation.vue_vue_type_script_setup_true_lang-Bp5ILJqY.js","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"78d6533374947865edef961c936e1134","sha1":"354e2a750ce8513c5975c775e5893521c8f67596","sha256":"bbd28ffa7141039df562c94a2de2eab760d94bd1f55e9eadcc0e9a024bd92d04","sha512":"e57973cb7cf95675eda2cb852282ea0d614d02a1dc94653b70ba7f16d72d2c3282119fba08bd054001f85fe241c67dfeb81df710f6d3a74aebb105140092bd03","ssdeep":"384:dFSYvdyMTG1CmxcgnJcwV1eBcICHan1BAkL1pkDUaBoiA6UJWM5boWBu5D8daLHa:7ScUYfjBcban/Ao1pQUaBol6Ubboyu5m","tlshash":"3e92a74db152db3ddbb354f1605e1014e0087fcad426c497a1bf09933aeeeb11a6967c","size":20465,"data":"","first_seen":"2026-01-30T06:58:07.067575Z","last_seen":"2026-01-30T07:31:21.205927Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/js/index-pUUTKl5z.js","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"213c28932216caaa1918a9c84e3507b3","sha1":"8ca5a8e26283d25eda6a131cb50efa45b9831060","sha256":"a46168ff716611e4f8a9212ba97986f7d1674ab52ae5d4034b8468c93c89f17d","sha512":"60ccbc7a143d5741556972f538fc5b47c91513108880c1571bff70a5989062e4d5c615567b8387870af2e4ca34f1fc6cfcafe024a2fb28dac26de29a3f3ce274","ssdeep":"1536:O9R8WY5TRoshtG80ZgNaeYXE+bUmN8SoFfefW8UjXGqW/lWBlxvH1hfGJnesv8ni:gRk5jTG8ralELZFOUnusSQilqw7ShHTU","tlshash":"25048e4db221757a86f3568a42948110a6644f49f458c4fcb6bdbc272deec5802feff8","size":173125,"data":"","first_seen":"2026-01-30T06:58:07.022418Z","last_seen":"2026-01-30T07:31:21.146365Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"etoro.icu/assets/CreateOrderModal-De4MFw1c.css","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:53.327Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /assets/CreateOrderModal-De4MFw1c.css HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:53 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Fri, 30 Jan 2026 18:57:38 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nage: 1995\r\ncf-cache-status: HIT\r\npriority: u=2,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=eolObLX%2F1WZSBQo2L5wp1JxkpdJtBQwjwpt0X%2FbN6WMwdwInbOrQunTGKOOczBX5MflQS4D%2BBUZtE2ovOKFygqr%2FP66gMb%2B2PQ%3D%3D\"}]}\r\netag: W/\"697a141c-380\"\r\ncontent-encoding: br\r\ncf-ray: 9c5f443b3c7d8be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":896,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (895)","md5":"cbd343f17246767930d7cdc3a31afc75","sha1":"53f07e27207566ac0bff5087541d29ae88dbf93f","sha256":"50a406ccd97ba1abd8bb250ed95633f2aa6335867512902988da8148ec9a8544","sha512":"e90f43111a41600d98e32838e6f26b63835956482970cf9a0e3e05c3110a5055883c9be8c00d7adee72d237f900fa332beffac4a3b6e420a6a010b1a558a7036","ssdeep":"","tlshash":"0911365b7088a73f5c3bdba000a6a01e1262ff5b8c2113d50aea5193c99fee76512244","first_seen":"2026-01-30T06:58:07.103163Z","last_seen":"2026-05-26T16:34:37.725627Z","times_seen":65,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/assets/index-BEzzQ_GE.css","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:53.331Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /assets/index-BEzzQ_GE.css HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:53 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697a141c-7dc\"\r\nexpires: Fri, 30 Jan 2026 18:57:38 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 1995\r\ncf-cache-status: HIT\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rE9sHrbcAxMHgEsYEyduyK%2Bj0CPdZna%2FDIGhH1jqlmIJ5sxVnTKBCH14w4ukwn6NdxpN9FozVYNpj%2Byb9RggIH%2FDoD3DeizPbQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c5f443b3c848be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2012,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2011)","md5":"0c98fa035f8004d2e7b794a1d501b474","sha1":"d49aa0799afaf0c8330b6e5a2cf4ed64ad66b770","sha256":"8f481f1fc0cb216b79a6390824a27be70d29c64b11fa5cd299ed1acf23d0992f","sha512":"d016bf24192d22e7a1632c1dbbec6e5992b53b3a05f6fee2e8e0a7c6ef4085d430ed741ae8ea8b6b888cb8d42468f2c23e945728be356fe37dda4b8fa9567064","ssdeep":"","tlshash":"364122f2a1d5129c33b7dc34d9d1762c422ae5c2d3910edc6256ba6cbbc3ada1eb4018","first_seen":"2026-01-30T06:58:07.039613Z","last_seen":"2026-03-14T09:23:15.18411Z","times_seen":17,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/js/SetFundForm.vue_vue_type_script_setup_true_lang-BHlk-fQI.js","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:53.344Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /js/SetFundForm.vue_vue_type_script_setup_true_lang-BHlk-fQI.js HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:53 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697a141c-a71\"\r\nexpires: Fri, 30 Jan 2026 18:57:38 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 1995\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5UCUE%2BPmeR64XYTVi1t5Dsi3u%2F%2BoCps9HdOug8DmBjc90X3WkydudNre0V2rqQkNp%2BDDjNH6%2By1TeOP9Wco0mcH5Zht3Uba5qA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c5f443b4cb58be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2673,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (2672)","md5":"d25031a217c37349e5c075d77a0c8d35","sha1":"748c418739df56ce596bea6c700a49096b61dbd8","sha256":"0f922fa56fe204294109ef7852f09c66ca01d7f19bdd177ab1f6de137254f592","sha512":"bcf4678b50340790ea5e4877027716a2d8a998ceb2b345ceee726e2f94e251065e0b2f37059c2609b45558a05bc7421d66f8423d4be32defb2e4cbfd9f264f12","ssdeep":"","tlshash":"6251340d2472ceff26c3a238224e6168e0c8bfcfd7309755b66d447226c99f53619a55","first_seen":"2026-01-30T06:58:07.02052Z","last_seen":"2026-01-30T07:31:21.109715Z","times_seen":2,"resource_available":true,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.bo1688aei.com/api/common/getCoinContractList","fqdn":"webapi.bo1688aei.com","domain":"bo1688aei.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:53.582Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bo1688aei.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 04:59:33 GMT","end":"Wed, 18 Mar 2026 05:57:09 GMT"},"fingerprint":{"sha1":"F9:37:84:55:9C:F8:4E:AA:6B:22:12:28:47:27:38:0B:2B:E9:17:CB","sha256":"20:DF:86:62:AC:2C:EF:C5:D9:45:88:12:5B:0B:85:33:2C:83:9E:BB:76:18:04:5D:23:01:28:4C:82:09:97:82"}}},"request":{"raw":"POST /api/common/getCoinContractList HTTP/1.1\r\nHost: webapi.bo1688aei.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nlanguage: en\r\nlang: en\r\nOrigin: https://etoro.icu\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:53 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://etoro.icu\r\naccess-control-allow-credentials: true\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Bjd0tmgORvXX7wDfm7yA%2FsU8xu92hz%2FT%2BwxM801O%2Bj0tahPPvFraMCtpgJ85d6VC3msjvelZBuS2oi37ZOtid6%2B8OLOp%2BlNm6gYQaKsJYK%2BhK7EJ\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c5f443cde94dfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":80207,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"cafe82b21c86ebc50f08a0b7f910d10b","sha1":"63bd6b60d59def6050f43b1580594ff2b8ae70c3","sha256":"f8db78534365de79185a0d1e33c15df7ef5134befc7504cf87c11f1c7daefb20","sha512":"f08b104c45bb7d34a55912405a27fb8876a6ff1cc8bf02b3bfcf375e7ca15f2ab8af91c63d207845e1bfd6e67d5883dea357ce15d6b9221cf289a8ab0a8a0fde","ssdeep":"192:mWXBQg3XFX7XiHXpX4XvHXUWvYXClLX8XRWXnWXgWXDWXvWXkWXOWXOhWXQVWXUN:i4Xe/S4iwjrmhfqRMjqCN1","tlshash":"dd73cd81563865f9c630e0d42f2f790682ac35efadce4c3692decd994ad4af26709f05","first_seen":"2026-01-30T07:31:21.112055Z","last_seen":"2026-01-30T07:31:21.112055Z","times_seen":1,"resource_available":false,"data":null}},"time_used":329,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":328,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/js/index-D3hU0P2u.js","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:52.032Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /js/index-D3hU0P2u.js HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:52 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697a141c-1d5132\"\r\nexpires: Fri, 30 Jan 2026 18:57:32 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 1999\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=g2EdapH3CpRgiEt%2BxYeAsuxi08liaeS6S%2F4VruDKnGFMATmZfyX%2FHXDZAdo5RO8WAKqgvkZVxU4wriJAi2vBghZD0fP%2Bah%2F3EA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c5f44332f368be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1921330,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (33325)","md5":"1046d821876335a8c05f548692f3eba0","sha1":"9666fbd018dc8e406d5d4c62a3d9d98d794572e8","sha256":"dda2549c6fcf438866cad89369aa0e797ef350fc5043b1e0b138429f540c3fa7","sha512":"f5c5940342d8cd9c81a48e8dbb59ffeaf7f6699a2d410e222dc96fe2437f524c30220f5b0f1085045a5c00fc1a28d25295e49468664e2a9316848210f2ef2ab6","ssdeep":"24576:N0t9UzEet33btbN9XhQaTkjMtgwYfSFRNWV9UPBBI:N0t9UzEet33btbN9Rp0AgwYfSFRNWVCU","tlshash":"62255cd8b682f06107e755e540bb0006f3397e157449c0e4f6b998eb39a9a9ca277f3c","first_seen":"2026-01-30T06:58:07.042932Z","last_seen":"2026-01-30T07:31:21.115003Z","times_seen":2,"resource_available":false,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":18,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/js/PdfViewer-CxAbd-kG.js","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:52.405Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /js/PdfViewer-CxAbd-kG.js HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:52 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697a141c-219cba\"\r\nexpires: Fri, 30 Jan 2026 18:57:34 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 1997\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IQ2RPUpD1xdSN9pNiCvVlJYTxQQ%2Fl66OMg%2F%2Bl%2FNeAr7LXXmWWpWQWAw4SUWvO0HcYz3Ds%2B%2F30a8bQ9eG3UrREykww6bUb6gEoA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c5f44358d728be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2202810,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65533), with no line terminators","md5":"b4ad4f32b6f5cd9c69fa52923138f26b","sha1":"e67530fdf6a69085f8d83928ccf46203bca3ba28","sha256":"ef323731ec86b3063788ac5bb1c44f5371e403b199719040e90a277eeefb6c4e","sha512":"5f8ebbe423359efcc3a0c23bacc6387c5dbb55e4d06587b934e42a16bc3752f65a95335821cc5391a5153e15e14db05c606c90f9e96ecf7a062c8fec18d05d70","ssdeep":"12288:ZZapMfCJkxNP/XN8894qsbzAar4Y7hdKvWHbzYE/EqkMsxP706zL9bHIOdBEtHbV:ZkpMfCJkPXXq8RqbOt7aFMz8","tlshash":"41258d24731a769d0aa900c370bd1589d3fe1609e062e1dcb78f7a9f6a6ec09673d734","first_seen":"2026-01-30T06:58:07.058171Z","last_seen":"2026-01-30T07:31:21.117082Z","times_seen":2,"resource_available":false,"data":null}},"time_used":62,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":18,"receive":42,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/js/Footer-D8NBBzAY.js","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:52.613Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /js/Footer-D8NBBzAY.js HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:52 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697a141c-2ca3\"\r\nexpires: Fri, 30 Jan 2026 18:57:34 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 1998\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MGzxJvBwsJHh%2BClJJoHhohGKb%2FPhjCGEM1TmHh11ZVZdWmd%2FDlhuswnzGIcO0hJiTCfItI5Mgn30VuR26Q6%2B0SG9qfYoib371w%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c5f4436c9998be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11427,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (11426)","md5":"b141f7a45b81815a166dbfb15f59c2c0","sha1":"170a02f333de8c1881cf7354b7006a3940c5358f","sha256":"eb62b7158c9f77b546bdb2cc5d38237aa9d68520f7ed8d395e77d527b4cee52a","sha512":"34257a3835277721506d0f03ce56c85795205988e00534fc0010ad25d8bad93c824b34157ebcc5228ad8d419f35b40eb9da5115d4ef3691f4892ac86fe30f31b","ssdeep":"192:vbvNBUmwBi5GVBmTI2rDtA5/d3WIJ14NDqCjuu0IUGjUTaqKjSTvS1wSjE8LGTMa:TvvUPBRPmTVDt6/d3WG14NqCjt0IUGjs","tlshash":"05322a057973c9f9c6b784b4b8415510f238bfeee56bc85ab3fd890a17ced390a06260","first_seen":"2026-01-30T06:58:07.02346Z","last_seen":"2026-01-30T07:31:21.119048Z","times_seen":2,"resource_available":true,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/js/ArticleViewer-Ovcj6CdM.js","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:52.620Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /js/ArticleViewer-Ovcj6CdM.js HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:52 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697a141c-963\"\r\nexpires: Fri, 30 Jan 2026 18:57:34 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 1998\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=l6AJgnZq1Q7cyhqaaktXqFpc404wsp%2FzuJtnOGexY8Z1CU6wY%2Fg%2Br0QMTu6KHqslu6zk0KdJcZ2UB3iU5Jo5oC1MAR83ewrVRw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c5f4436c9a88be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2403,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (2402)","md5":"004e39d5f4a35737fe3fcf0abd7fe1a5","sha1":"edb76fe2b955850bcf2c58c41ca30afe404779e0","sha256":"ede8e08caef3d12a90667191f55e085e63985f722e97e804c7d03efbdba9eeed","sha512":"e40b2a6a1d37e1b9adea907f7492bc7e0856deab3e996dd19ce992f18cba612545daa72b9c71a2174455f9cedf4a48752180df3467dc8d6dc1b035b7826b9b51","ssdeep":"","tlshash":"7b41949c2476cfb896f38335a58ad6545004fbcbd7118a89727e582a2fc0eb07a5c304","first_seen":"2026-01-30T06:58:07.045203Z","last_seen":"2026-01-30T07:31:21.121645Z","times_seen":2,"resource_available":true,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/assets/Low_2-BPxk_UPI.png","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:53.078Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /assets/Low_2-BPxk_UPI.png HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:53 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697a141c-24b6\"\r\nexpires: Sun, 01 Mar 2026 06:57:36 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 1996\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zB6Ycjo%2FjO6X4Nt0OIB2R63AzsG6DntFUbcWph%2FFR1qOufbY6OFQk7ndM4MyelipKABkgAXRwA%2F6hMFNBqle2xjEd0p8b%2BLVwg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c5f443988598be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9398,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 187 x 87, 8-bit/color RGBA, non-interlaced","md5":"ce19171ad2413080ac589384fcdd4a01","sha1":"7b7da4a5cc5aeb1b1f10266de0edb0bacc2fdc30","sha256":"68582f4a49950d5778e05957baddfb31bc321607dfc5af01c519cb84f87ec0a7","sha512":"4282b94584460f26d89f307072438f1c29b017c81d4a5d3cef14d06e839a2953e304c8f3447907bcea56f84c0b2b87d4972405bb04da530de1a360865c579b44","ssdeep":"192:4S+V2BSNF7kJS4V2yFaVkIghjKpg3UhUyBL1xWczVDF7Tqxwyvgajoto:/wyM7kwbW6JkWUyIUDwqo","tlshash":"9312b00bbc2b7d3b7211f80944cc37a51c1ab8bd05ad839188b576951adee58d7e3ec1","first_seen":"2025-08-26T17:46:37.214917Z","last_seen":"2026-05-30T18:39:08.450009Z","times_seen":85,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/assets/Low_3-CoMiX5LU.png","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:53.079Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /assets/Low_3-CoMiX5LU.png HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:53 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697a141c-1da0\"\r\nexpires: Sun, 01 Mar 2026 06:57:36 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 1996\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=X51yjHhH4zNurkTfHff%2FWnAMR5hRAkhAyj0YwNq6w1BTHdfIsZQw0PDZRb0Kouvr%2F1lcEflWrH%2B6zrJ7II9nLGpZUSQ1wjTSpA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c5f4439885d8be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7584,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 186 x 87, 8-bit/color RGBA, non-interlaced","md5":"a8b00a7e3bf2f70c8c4887d24abe8b51","sha1":"92ce419cdd7ab6e8d8e7bc05500761fbd08eaa9a","sha256":"8f98a9cc45245fbac829f6a93e5e24c3c5e3703ce68eb080d4c9421c297dee2d","sha512":"9db0c799a8dc0e938d327e0c20f3cb3cb98d3260668705dda23fb04e73efe9278988f6499b2f96df201da432efb01a8b5ae44efe08195914b02479dfe70bdc23","ssdeep":"192:8OSF296sDSSaQ+8CQ2twPskLuqpZ+DJ72iUyoutP3QB:+I6OSZs2tnkniYiUyo2E","tlshash":"c7f1b0d7a5e96df1f736311988dcd2037f0fb258a6a00a66f5039a84e7f450c870f061","first_seen":"2025-08-26T17:46:37.283171Z","last_seen":"2026-05-30T18:39:08.433138Z","times_seen":85,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.bo1688aei.com/api/common/getWhitePaperSetting","fqdn":"webapi.bo1688aei.com","domain":"bo1688aei.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:53.157Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bo1688aei.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 04:59:33 GMT","end":"Wed, 18 Mar 2026 05:57:09 GMT"},"fingerprint":{"sha1":"F9:37:84:55:9C:F8:4E:AA:6B:22:12:28:47:27:38:0B:2B:E9:17:CB","sha256":"20:DF:86:62:AC:2C:EF:C5:D9:45:88:12:5B:0B:85:33:2C:83:9E:BB:76:18:04:5D:23:01:28:4C:82:09:97:82"}}},"request":{"raw":"OPTIONS /api/common/getWhitePaperSetting HTTP/1.1\r\nHost: webapi.bo1688aei.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang,language\r\nOrigin: https://etoro.icu\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:53 GMT\r\ncontent-length: 0\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://etoro.icu\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: lang, language\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=s%2Fku2xili4iYr%2FO6epkdinNUVvH6OxiMqUXqxc98mrLXffF5wVW7C9Hg0pf2h0vZ4oCwwAgQeNChbllxsp4b0P8H9u%2B3CLgepO9%2BYaEUdfn43Cdq\"}]}\r\ncf-ray: 9c5f443a1b22120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T02:34:21.078592Z","times_seen":16227496,"resource_available":true,"data":null}},"time_used":419,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":419,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/js/NetworkSelectModal.vue_vue_type_script_setup_true_lang-fBhWibqB.js","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:53.334Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /js/NetworkSelectModal.vue_vue_type_script_setup_true_lang-fBhWibqB.js HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:53 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697a141c-5e6\"\r\nexpires: Fri, 30 Jan 2026 18:57:38 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 1995\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Dp2ZYTsCQNfc9gCq30dic5P%2BRpwyQDI2XDxjuelSxXPgQCZZPP1OpLsRUO0bVfIU2NqAbGXmCghyBmg4nBlmzZVSuZEVpIIRVw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c5f443b3c888be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1510,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1509)","md5":"c6f1bf46b374fa16dbde52839e305cfe","sha1":"8882475981dacb7cb89b3c3f630b75b8afe4f555","sha256":"66fbeea7e932c24066cd956226fb0f2b1592f9f4df815f35bccf0901b910ee60","sha512":"5b3edfbd6e84e747b8de2e88eb4abf7eece2f1e88ac7ab225d0b04adb861b37f3b5139c3d48053ec7d9e8f50f30a6f0ed2427f654f2f3b787596be00d4ea9e7b","ssdeep":"","tlshash":"7731320d9473cbfd95a391351b4a2168d2947fdeea708bcdf36c14723aca9b2692c640","first_seen":"2026-01-30T06:58:07.040622Z","last_seen":"2026-01-30T07:31:21.127467Z","times_seen":2,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/js/account-CEJz2eqC.js","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:52.614Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /js/account-CEJz2eqC.js HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:52 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697a141c-450\"\r\nexpires: Fri, 30 Jan 2026 18:57:34 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 1998\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hU%2F97lcPjciGTJMm1o1suW4AdYE9TlB1Yj1L9aacCDeeQRe29ubZrWVKE1krWiUTjB1uPgC5rcOG4TFc%2BEwUfL%2FB9zbVqjZ3Jw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c5f4436c9a58be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1104,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1103)","md5":"363883afff043e1f16ccacf5cf76e7b9","sha1":"c36c5db6d01dff6d8b41249b438808e693663bc6","sha256":"d3961858e22a57209b9ec133f95f3ebd75cfd7abc146229982e9d774876c7340","sha512":"c4c40144601e92dba4ff475f0812a3cb642d2273e2d20b36263fa0536618fecac17aea0d5921bd317f5a39302d10c4a24576dd495fc9cededce5f47ce0dcc496","ssdeep":"","tlshash":"c211048a8e4e52b7fbb0be1260d12e07c01b6fb5ada24472b06d957352fd044d62db14","first_seen":"2026-01-30T06:58:07.044112Z","last_seen":"2026-01-30T07:31:21.128723Z","times_seen":2,"resource_available":true,"data":null}},"time_used":3,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.bo1688aei.com/api/common/getUserCoin","fqdn":"webapi.bo1688aei.com","domain":"bo1688aei.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:53.027Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bo1688aei.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 04:59:33 GMT","end":"Wed, 18 Mar 2026 05:57:09 GMT"},"fingerprint":{"sha1":"F9:37:84:55:9C:F8:4E:AA:6B:22:12:28:47:27:38:0B:2B:E9:17:CB","sha256":"20:DF:86:62:AC:2C:EF:C5:D9:45:88:12:5B:0B:85:33:2C:83:9E:BB:76:18:04:5D:23:01:28:4C:82:09:97:82"}}},"request":{"raw":"POST /api/common/getUserCoin HTTP/1.1\r\nHost: webapi.bo1688aei.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nlanguage: en\r\nlang: en\r\nContent-Length: 2\r\nOrigin: https://etoro.icu\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":2,"data":"{}"}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:53 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://etoro.icu\r\naccess-control-allow-credentials: true\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FQzPtAcFlKICb8ybj7ZmoE7W97ZqjWemsu3IlfCZz0%2Fa51NHwrhq1%2FssyHowPb2I605oLfH1LYYM7wGWAnFsY8zEPQkaKw2cu%2BtG%2BMoediuIzzOv\"}]}\r\ncf-ray: 9c5f4439086e120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":324772,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"fabff9819c6835798bf37279fd1de244","sha1":"86c48abce4a3dc678f343c1abd7076048c9c362b","sha256":"ebeae4e1c6ad67de6b1b31d4fa67f75d5b245773787a40d7b641e4e8c9bd5e7e","sha512":"a302987997da7689c1a22f67fdb1df974b1a4586fa798ed9118ca84abe571523e40ef5a6a1940c25c74374d728cca5e1ebc80a0d1db48d61d8a1fe692ee3606f","ssdeep":"3072:5mHiXjzTUuJ6nHbGf37IoDhWjlzjRYINiC7vHCyNT849wa7acXp6fEMxqhVOs/iP:RXTh6n7637IoDhVINiwHCQah7","tlshash":"3a64f271d9c990ded5368cc2afc3aee11e9a33c367cf5c9105895e015bc2eb5a13278a","first_seen":"2026-01-30T06:58:07.069901Z","last_seen":"2026-01-30T07:31:21.129956Z","times_seen":2,"resource_available":false,"data":null}},"time_used":506,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":506,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/assets/Frame%201-BB-vAyLS.png","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:53.053Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /assets/Frame%201-BB-vAyLS.png HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:53 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697a141c-1384\"\r\nexpires: Sun, 01 Mar 2026 06:57:36 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 1996\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AgOKZ9rBse3I2chhQDgvHcGMf0FV1B6ywSaDyEUjGYmtwMnti%2Bn97m%2FjoXKfqKN%2FoI0q08OUpGkU9n4AKk3zBgDbTvz1NhUFzg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c5f44396ffd8be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4996,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 186 x 87, 8-bit/color RGBA, non-interlaced","md5":"adc6a06c56ada71180d5f6aaaef2682c","sha1":"11752acaf2f9bafd7a0187cd635a299c300ec55e","sha256":"615b199dfbd53bdf6eed13bdbad7e1bc63c9d6b47b5b3941f941b83dc671390e","sha512":"766a04843d059ddfbf1e13d3b5fb00aaa98551e7db75dd84822a33ec3f3194246bc22ca8cf92a9e32f8c055670223d16014b146fc1b8344338d1941879c8b1cd","ssdeep":"96:8OSV/Ycg/JRPrmxexk/17o8HtfKyk4EW+DSSxyyd+WZe3pZ4ftOv3SG:8OSVQcgxRzO441o8NfKlbWUxprQ3pUtQ","tlshash":"31a16dc057e402f8536010362bd174af8997fced76372e8db098e37d22585a5909ecb9","first_seen":"2025-08-26T17:46:37.234646Z","last_seen":"2026-05-30T18:39:08.47009Z","times_seen":85,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/js/Login-DdmETZVM.js","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:53.321Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /js/Login-DdmETZVM.js HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:53 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697a141c-2d2b\"\r\nexpires: Fri, 30 Jan 2026 18:57:38 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 1995\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Mu6dP9m0dkRInnAH%2B%2F7M6M1bsbVgQHFnfpEDD2h3Pcbf1vf7dpqkB9nvj%2BadsXNccgFGPzAVX3%2FIoXC6jv1z6nyAN7G9oCXtTg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c5f443b2c548be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11563,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (11556)","md5":"925308cf815cce44122f6c1d1c76182b","sha1":"cfbc845886ecfca3dd8271d9730bca2b51d89f5c","sha256":"1a11b07823c9e3590870356ddc59d3a6f9bcd615995065315d0106af1d5311cf","sha512":"196ffa440a6a41a96a966ff2aae8d182bfbf95630d71c83677f89697750d4023cdb603ec38f81479d5f7148b4a9757fbd9a12d689870fa8fccb1d6397a0660fe","ssdeep":"192:5MT5FyYQNzN+dNWNTpknH3caQKkn3ELqKDN/5qxBy+d7PEwjNwzPZdasQWQ5QUgh:5JYQJIUBoL1Ibp9JyisQWQ5QbDFHiq7H","tlshash":"f232a6c87512abf99bb30825b6047935b4185f99c067c48ef3f84c317bdacb66a24379","first_seen":"2026-01-30T06:58:07.035876Z","last_seen":"2026-01-30T07:31:21.132697Z","times_seen":2,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.bo1688aei.com/api/common/getCoinContractList","fqdn":"webapi.bo1688aei.com","domain":"bo1688aei.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:53.384Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bo1688aei.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 04:59:33 GMT","end":"Wed, 18 Mar 2026 05:57:09 GMT"},"fingerprint":{"sha1":"F9:37:84:55:9C:F8:4E:AA:6B:22:12:28:47:27:38:0B:2B:E9:17:CB","sha256":"20:DF:86:62:AC:2C:EF:C5:D9:45:88:12:5B:0B:85:33:2C:83:9E:BB:76:18:04:5D:23:01:28:4C:82:09:97:82"}}},"request":{"raw":"OPTIONS /api/common/getCoinContractList HTTP/1.1\r\nHost: webapi.bo1688aei.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang,language\r\nOrigin: https://etoro.icu\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:53 GMT\r\ncontent-length: 0\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://etoro.icu\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: lang, language\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SRiNiF5C%2FJxnMot3k%2F82Q7wpobJ7kceE%2FMFT8o7N%2Fvok85oSsrZngj1mIPtja6x%2F8DKBB6z6S0fPa%2F5kGr8vdZ5aTndoAdk457ECxvQfKZJ2AkaV\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c5f443b7b04dfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T02:34:21.078592Z","times_seen":16227496,"resource_available":true,"data":null}},"time_used":219,"timings":{"blocked":-1,"dns":7,"connect":0,"send":0,"wait":204,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/js/loan-C72_ztZx.js","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:53.555Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /js/loan-C72_ztZx.js HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:53 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Fri, 30 Jan 2026 18:57:38 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nage: 1995\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7SZ86WWs9v%2BHApLQDyDi6ZjyBTIhoISVXNRbfdH%2FL5AvoQG9EUMZ44FYrtCClzhjeShliPLFqEBwqFQkk%2FB2S4gRSo5EC9%2Bcpw%3D%3D\"}]}\r\netag: W/\"697a141c-244\"\r\ncontent-encoding: br\r\ncf-ray: 9c5f443caff48be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":580,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (579)","md5":"bc616f59993c976e650e28c26b8df1b3","sha1":"131076de9dd79a052e95875762d5bb9454d15eee","sha256":"14cd7f8031a4cfac597a0fdb95a6f3d31a16565fe017f32a1c844a624337fa56","sha512":"7eee7ec00e13628707305c10dd845b7506c4a25859bcd68e2327c5ee8f65a713d8ee5619633a0b3b86a258371fc63ad0a250b8d4cdfbc5787fece0b9239a13ca","ssdeep":"","tlshash":"eff0f6dbbd179a7f9135d23930933d02b43b9a31def614702f2ad8678b2c089676b941","first_seen":"2026-01-30T06:58:07.065258Z","last_seen":"2026-01-30T07:31:21.134068Z","times_seen":2,"resource_available":true,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/js/SetFundForm.vue_vue_type_script_setup_true_lang-BHlk-fQI.js","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:53.556Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /js/SetFundForm.vue_vue_type_script_setup_true_lang-BHlk-fQI.js HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:53 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697a141c-a71\"\r\nexpires: Fri, 30 Jan 2026 18:57:38 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 1995\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QbsmhfVxw4udpqbWxHMzHSyE3eRdgKz9MxqziJVBPaadKtpO40VKQu%2BmNOrRThQ6jb0kGndXa%2FyNhuJXBMl%2FL6hrlE%2BT3ErRGg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c5f443caff88be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2673,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (2672)","md5":"d25031a217c37349e5c075d77a0c8d35","sha1":"748c418739df56ce596bea6c700a49096b61dbd8","sha256":"0f922fa56fe204294109ef7852f09c66ca01d7f19bdd177ab1f6de137254f592","sha512":"bcf4678b50340790ea5e4877027716a2d8a998ceb2b345ceee726e2f94e251065e0b2f37059c2609b45558a05bc7421d66f8423d4be32defb2e4cbfd9f264f12","ssdeep":"","tlshash":"6251340d2472ceff26c3a238224e6168e0c8bfcfd7309755b66d447226c99f53619a55","first_seen":"2026-01-30T06:58:07.02052Z","last_seen":"2026-01-30T07:31:21.109715Z","times_seen":2,"resource_available":true,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"wss","addr":"webapi.bo1688aei.com/ws/ee05857d-53a1-451d-9dae-80747dd58af1","fqdn":"webapi.bo1688aei.com","domain":"bo1688aei.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:52.337Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bo1688aei.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 04:59:33 GMT","end":"Wed, 18 Mar 2026 05:57:09 GMT"},"fingerprint":{"sha1":"F9:37:84:55:9C:F8:4E:AA:6B:22:12:28:47:27:38:0B:2B:E9:17:CB","sha256":"20:DF:86:62:AC:2C:EF:C5:D9:45:88:12:5B:0B:85:33:2C:83:9E:BB:76:18:04:5D:23:01:28:4C:82:09:97:82"}}},"request":{"raw":"GET /ws/ee05857d-53a1-451d-9dae-80747dd58af1 HTTP/1.1\r\nHost: webapi.bo1688aei.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://etoro.icu\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: JRstp8o+PfIYVVR8iqMsPg==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 \r\nDate: Fri, 30 Jan 2026 07:30:52 GMT\r\nConnection: upgrade\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nAccess-Control-Allow-Origin: https://etoro.icu\r\nAccess-Control-Allow-Credentials: true\r\nUpgrade: websocket\r\nSec-WebSocket-Accept: q6Edg9JXOk3RRt/WrSadJO68vE0=\r\nSec-WebSocket-Extensions: permessage-deflate\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=WQGDQ3y1J%2B431SEmmZsAasACW7bNejIoZv6t2BGhyKfp1xakJ%2Fr1V4xyjEc1qxG4qbRTj6MB%2F%2Bs%2BpiI37MI%2FTjPg6LC6BsqL4k6rddzjCwEVozj3wGRMdkMUCCqCsO6kPDpBvMZ5Ew%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: 9c5f4435d89432fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=505\u0026min_rtt=436\u0026rtt_var=197\u0026sent=5\u0026recv=8\u0026lost=0\u0026retrans=0\u0026sent_bytes=3120\u0026recv_bytes=1195\u0026delivery_rate=6683076\u0026cwnd=252\u0026unsent_bytes=0\u0026cid=b08b477b14a7c497\u0026ts=496\u0026x=0\"\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T02:34:21.078592Z","times_seen":16227496,"resource_available":true,"data":null}},"time_used":575,"timings":{"blocked":0,"dns":26,"connect":44,"send":0,"wait":428,"receive":1,"ssl":119},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/assets/PdfViewer-B45GQKhL.css","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:52.386Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /assets/PdfViewer-B45GQKhL.css HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:52 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Fri, 30 Jan 2026 18:57:34 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nage: 1997\r\ncf-cache-status: HIT\r\npriority: u=2,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Lgw0g267N90YNAkVgWmpgiJ737LWryzum9hSxkhm6iMUhD563qaHsGPUsNmIwbZQ9hD76tZLIvRlTFOWXI0zouqh78PPtCgIEg%3D%3D\"}]}\r\netag: W/\"697a141c-ac\"\r\ncontent-encoding: br\r\ncf-ray: 9c5f44356d208be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":172,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"a07280d8c4487f94b1962d8eb4c60c95","sha1":"73584fe1844801f9c25e94ccc9dff3b20346c2fb","sha256":"cd0180dd43cdd6e4f0be1f78d4764975fd0abd9566ccf9210d4404d8e876ac98","sha512":"1b03fbfdad670899cdcf22896978f04a52fb6bbc48af9f0a6400182b7e30cbdd7d340bf4b3a082f824232134c66e891e39bcf834b4e760522d5988442d0b43b0","ssdeep":"","tlshash":"9dc04c23f185949d04125064159236fcdb3da50a634e1cf14b56f3766abd3c765364d1","first_seen":"2025-08-26T17:46:37.291739Z","last_seen":"2026-05-26T16:34:37.689682Z","times_seen":70,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/assets/trading-interface_4-CCmROM1q.png","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:52.946Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /assets/trading-interface_4-CCmROM1q.png HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:52 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697a141c-896ca\"\r\nexpires: Sun, 01 Mar 2026 06:57:36 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 1996\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wQYMC7BglCb%2By9AUrZTdWsV%2FfGzen33Sh8rsPeYRoNLnItm3HyN1NMCLW7EfHbvmZRzHMFmIaaoBfwLaWQPt8vT6Z4LTWl85PQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c5f44385d878be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":562890,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1199 x 769, 8-bit/color RGBA, non-interlaced","md5":"ab801456f4c88d13697bd3d186870d08","sha1":"1b4d46f43b00f6ae7af58cba88a51a4d9c7dfec6","sha256":"623e42d090473adf73541ed3fab26af430b98d6cf63560e221d9575c598863de","sha512":"a82949aa2041b623f1a7612f3c89283edf578a3a171f37cccb657553c24e05402b6d9dfced39ed718546d35505a72623c134dd4cf2fd0e552521896905fe33aa","ssdeep":"12288:aQyxItpTbegRwXE28mbBoFVWy6b9VgqsE2Sw8XCtelsKkgM+:ty2begCtJQsnxsBSw8S4kgH","tlshash":"0cc423c545adea8b2624d8c90c350f043dbf4c8d65d24b05d097d99e89f3af942e3bae","first_seen":"2026-01-30T06:58:07.034215Z","last_seen":"2026-02-26T17:48:02.204213Z","times_seen":7,"resource_available":false,"data":null}},"time_used":44,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":38,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com/virtual/file/BTC.png","fqdn":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.207","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:53.975Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Jul 2025 07:02:09 GMT","end":"Sat, 21 Mar 2026 02:06:13 GMT"},"fingerprint":{"sha1":"B2:57:E9:B4:DF:20:94:4D:E2:85:59:20:BE:D8:5D:70:63:65:02:7A","sha256":"05:17:EA:27:D0:4C:D8:5D:6B:2C:A8:32:D5:A2:DD:E4:47:EC:4D:DC:E7:7B:33:67:F5:F7:4F:C1:73:01:01:19"}}},"request":{"raw":"GET /virtual/file/BTC.png HTTP/1.1\r\nHost: java-vue-bucket.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Fri, 30 Jan 2026 07:30:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 2691\r\nConnection: keep-alive\r\nx-oss-request-id: 697C5E2E8B90443430019D82\r\nAccept-Ranges: bytes\r\nETag: \"2EDF1EF8B333C40979976D1A49BC234C\"\r\nLast-Modified: Tue, 22 Oct 2024 11:43:04 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 1939274224005843766\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: Lt8e+LMzxAl5l20aSbwjTA==\r\nx-oss-server-time: 5\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":2691,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"2edf1ef8b333c40979976d1a49bc234c","sha1":"d75ac12795b4a9575c874e1b190712cd62a87afc","sha256":"50a1901684f223bf26594dd3415b1e50f184820a16daa810cc5452911e9117a9","sha512":"f697a1fa0786316fc01003f72621920932e2657e4acf5a471e35d02717c42c9db5a12df311895a776a563dcae9b8fc0b6721833529a054b9dbfff4c52fc564d3","ssdeep":"","tlshash":"2b515ee60252267980d32438616db1e178beabb2c3021ded6c1444954acc4b62555cfa","first_seen":"2023-05-01T18:49:36Z","last_seen":"2026-06-08T02:08:08.283208Z","times_seen":21663,"resource_available":false,"data":null}},"time_used":1875,"timings":{"blocked":802,"dns":1,"connect":265,"send":0,"wait":269,"receive":0,"ssl":534},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/js/account-CEJz2eqC.js","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:52.400Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /js/account-CEJz2eqC.js HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:52 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697a141c-450\"\r\nexpires: Fri, 30 Jan 2026 18:57:34 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 1997\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=F7Y3k2pUGUKrsTzoiOxY%2Fvbh%2FLfAySqQp3pUeu9mVPFmqF0HZQA8VlxiUSlB0I3XBUMlgQHHBL23B%2BmmTtTModGeDgNwWAe62A%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c5f44357d4a8be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1104,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1103)","md5":"363883afff043e1f16ccacf5cf76e7b9","sha1":"c36c5db6d01dff6d8b41249b438808e693663bc6","sha256":"d3961858e22a57209b9ec133f95f3ebd75cfd7abc146229982e9d774876c7340","sha512":"c4c40144601e92dba4ff475f0812a3cb642d2273e2d20b36263fa0536618fecac17aea0d5921bd317f5a39302d10c4a24576dd495fc9cededce5f47ce0dcc496","ssdeep":"","tlshash":"c211048a8e4e52b7fbb0be1260d12e07c01b6fb5ada24472b06d957352fd044d62db14","first_seen":"2026-01-30T06:58:07.044112Z","last_seen":"2026-01-30T07:31:21.128723Z","times_seen":2,"resource_available":true,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/js/ArticleViewer-Ovcj6CdM.js","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:52.403Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /js/ArticleViewer-Ovcj6CdM.js HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:52 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697a141c-963\"\r\nexpires: Fri, 30 Jan 2026 18:57:34 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 1997\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XG9ZxMTziB5V8vZ85SIZlWtb8MvsxzExQ%2BbpfKzSLtkissx5PQValu%2FesOGp%2FP2NpMiuNkxntmm9RdalT%2Frxz%2BOpnIX7R0GmNQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c5f44358d6d8be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2403,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (2402)","md5":"004e39d5f4a35737fe3fcf0abd7fe1a5","sha1":"edb76fe2b955850bcf2c58c41ca30afe404779e0","sha256":"ede8e08caef3d12a90667191f55e085e63985f722e97e804c7d03efbdba9eeed","sha512":"e40b2a6a1d37e1b9adea907f7492bc7e0856deab3e996dd19ce992f18cba612545daa72b9c71a2174455f9cedf4a48752180df3467dc8d6dc1b035b7826b9b51","ssdeep":"","tlshash":"7b41949c2476cfb896f38335a58ad6545004fbcbd7118a89727e582a2fc0eb07a5c304","first_seen":"2026-01-30T06:58:07.045203Z","last_seen":"2026-01-30T07:31:21.121645Z","times_seen":2,"resource_available":true,"data":null}},"time_used":22,"timings":{"blocked":4,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/js/cssCalculate-G7yYGhEz.js","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:52.609Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /js/cssCalculate-G7yYGhEz.js HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:52 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Fri, 30 Jan 2026 18:57:34 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nage: 1998\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=546b9GyboMPecK6zgIuQSHHP3N%2BkYEMT%2FiIlRe4lJACUlrZjuIzyk204YdXCjAMCqcPb%2B11QLdw2SU6RKnD8RNpJgTcAx%2B0S0A%3D%3D\"}]}\r\netag: W/\"697a141c-318\"\r\ncontent-encoding: br\r\ncf-ray: 9c5f4436b9868be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":792,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (791)","md5":"81ebadd562734ed587f3316303b98381","sha1":"5723c81e2b22ffc192d40520d06e88144b0772ad","sha256":"7c50130b8bd2f94adc659826b11458992c265553deafb0b41a0e70b68f147d5b","sha512":"649488501388c20a305d284b0ccc5de1027ee267165017e7ecd09d3f9d60e6d61ef3bff8b2f81884ad5a65e42ee40714f9473e4f0a677a8d4eea11ca50e158be","ssdeep":"","tlshash":"b4014efda5c1daf79b4b553b0e6c492c718d5680ea1f86c2d76da4207b402ecb132590","first_seen":"2025-08-26T17:46:37.228469Z","last_seen":"2026-05-05T09:11:43.050995Z","times_seen":43,"resource_available":true,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/assets/phone-mockup_4-BEylEYR8.png","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:52.825Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /assets/phone-mockup_4-BEylEYR8.png HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:52 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697a141c-43f0b\"\r\nexpires: Sun, 01 Mar 2026 06:57:36 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 1996\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yZtd79kEJVDCdxfBASi8sqXYyF3zMD1BjJG0bie7iTVAIphb2ms6qsebuX%2BHPIU%2FI29y47fYwLlQEbFm564by8iApA2PgdGLHg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c5f44382d0e8be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":278283,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 520 x 1073, 8-bit/color RGBA, non-interlaced","md5":"d287bb8d1b50d7b2ae03b322e5263866","sha1":"c4071645fc8f971bdc06f40eadcb765be957dbe9","sha256":"56052eb3bac3bb801c7bd321cd1b0b2fd2614210ee91bf992c3c35c720920bce","sha512":"052b07d9d0109836ac35baf8bb5168eb9acb3c73b9763a6797ce1f72a7896e158d5d1b5bf55bb3cf17a0025792ef7440170d70b2fafd79b8b1e06c9d9ef46943","ssdeep":"6144:dCFNaPKbOHzrRLZWefM1nlrqyj758fmgtynNFsnFrOzf:dSNa0OHPFfMNlrqyj76L3FSzf","tlshash":"5d4422e94b3898691974e72142db97b22ccd776b3b0124e80f58f5e2d6146fb7c8813b","first_seen":"2026-01-30T06:58:07.046374Z","last_seen":"2026-02-26T17:48:02.161875Z","times_seen":7,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/assets/crypto3-Bi713gOj.png","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:52.857Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /assets/crypto3-Bi713gOj.png HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:52 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697a141c-b011\"\r\nexpires: Sun, 01 Mar 2026 06:57:36 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 1996\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=uLARX2q0v%2FLdGt1aQZJQo5O7O1hGirYyoAq3yk6OMKOhwYIWkSiZ4xXzRaz3cynFkJyht4%2BXhx13u3Ud8bFUqiNpxMPlaiJbPw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c5f44385d738be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":45073,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 260 x 304, 8-bit/color RGBA, non-interlaced","md5":"7401918092026d21dd7dabc67295ef49","sha1":"53db5a70917874eaeed05b2e893bc51c3333fb5c","sha256":"5614ba3ba38256cc9cd354af165e23840713bd66181a33aa47b5746910dc45ae","sha512":"4875d2e3900f88a580d44720a02e6e934421dad709765ea34858f5a611c080febbe525fa52ee4f9d32fcb0a6e07bcd3e4243b43dfa2a737ca3f7659319bdb3a9","ssdeep":"768:lCCSfM5x3ifgWTfcVXTIae3k4NrUnRsK3rFh9WhT0v7zIf+B2ow:1SfM5kf/0VXle0OUnyK3gTPow","tlshash":"aa13021e41a4b5b23e0fbf571c29db00d3a7e7d58613da17c9d6855846050da31acefc","first_seen":"2025-08-26T17:46:37.219207Z","last_seen":"2026-05-30T18:39:08.460111Z","times_seen":88,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/assets/Frame%207-Y2WnO9cd.png","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:53.065Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /assets/Frame%207-Y2WnO9cd.png HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:53 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697a141c-10a7\"\r\nexpires: Sun, 01 Mar 2026 06:57:36 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 1996\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HigC7IAx9di6qcKbuhed%2B202xUmhXRuZLQoZNELrs8maYDZanCNySRoKT2NQ67O6r42QNXbwpLM3FPL%2F14sL939E%2BJqHMTB5Tg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c5f4439782f8be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4263,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 187 x 87, 8-bit/color RGBA, non-interlaced","md5":"d5e5104db484a25110af449819dfd7ff","sha1":"d71c6ce1c4710fc41fd1c7e3528f71ef71cc6232","sha256":"19b5705c4832fd650e2dfa032ec9c31ae647eb51a7cfb6a8bdf91dfc3eb048b0","sha512":"4579d3e6605dceceb2d3c18ad431ad534b51f3a3a4f40dbee08820407dc3f97ce488136b6709675e6a84d6c58427a923d33fbd4ecaabe8aee935af183186c204","ssdeep":"96:4SqIjc9/X4edqkPCETKZ2OC+vk+YLoQh9skSY6gS54+rQ+:4SqIjc9/oe8kYZpV8QQh9ZSYc5xD","tlshash":"28916dc0bffd596ec8c7e8e4e585a48b6c7724acec5dc1088c71892e8575e331262b54","first_seen":"2025-08-26T17:46:37.295193Z","last_seen":"2026-05-30T18:39:08.479167Z","times_seen":85,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/assets/Login-B_SJkevf.css","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:53.320Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /assets/Login-B_SJkevf.css HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:53 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Fri, 30 Jan 2026 18:57:37 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nage: 1995\r\ncf-cache-status: HIT\r\npriority: u=2,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ROg6F3Mu7qv2nZxS7yPB8f6MJV3H3RqkEdFBSzSmt%2FUCx1OOtYUe6IUN9cuEX10k7gfmHBKu9AFbyCMSMRXHPpW%2Bp0pCcHeAOQ%3D%3D\"}]}\r\netag: W/\"697a141c-e5\"\r\ncontent-encoding: br\r\ncf-ray: 9c5f443b2c528be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":229,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"bae627bf13d569007ee014e7d11dd7c6","sha1":"b4351e257b02d016d18e9dfffa5a140f2fdbf144","sha256":"aed61187cbecb64a4b81f27208a0f93dda0961b46cb91cb6d6519def51cee05c","sha512":"77784ddbb35fadd017a3fa5b153e82e690d61dc49e698369fa33cc6bf98bbb84f9607b94cdf6a645096fe5fb32e957e6d9a46017fc2a5303a1146275a1a1e738","ssdeep":"","tlshash":"89d0c904755e142189b7866058d1c9980aaaa3d3363b88a833c356cf6f8325a642f5c7","first_seen":"2025-08-26T17:46:37.226419Z","last_seen":"2026-05-26T16:34:37.744839Z","times_seen":68,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/js/Login-DdmETZVM.js","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:53.410Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /js/Login-DdmETZVM.js HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:53 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697a141c-2d2b\"\r\nexpires: Fri, 30 Jan 2026 18:57:38 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 1995\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kian5wipsqVhfQ3YXwL9%2FMHmGSDuwhKB17w1GEtBHNBJWLqucaQ04YIuHSf64fgAh5z%2BZBcR4C47QTJ0IKHPZRrlc%2ByuuGlW9w%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c5f443bcdd58be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11563,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (11556)","md5":"925308cf815cce44122f6c1d1c76182b","sha1":"cfbc845886ecfca3dd8271d9730bca2b51d89f5c","sha256":"1a11b07823c9e3590870356ddc59d3a6f9bcd615995065315d0106af1d5311cf","sha512":"196ffa440a6a41a96a966ff2aae8d182bfbf95630d71c83677f89697750d4023cdb603ec38f81479d5f7148b4a9757fbd9a12d689870fa8fccb1d6397a0660fe","ssdeep":"192:5MT5FyYQNzN+dNWNTpknH3caQKkn3ELqKDN/5qxBy+d7PEwjNwzPZdasQWQ5QUgh:5JYQJIUBoL1Ibp9JyisQWQ5QbDFHiq7H","tlshash":"f232a6c87512abf99bb30825b6047935b4185f99c067c48ef3f84c317bdacb66a24379","first_seen":"2026-01-30T06:58:07.035876Z","last_seen":"2026-01-30T07:31:21.132697Z","times_seen":2,"resource_available":true,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/assets/index-Va1Ep9-t.css","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:52.034Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /assets/index-Va1Ep9-t.css HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:52 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697a141c-37366\"\r\nexpires: Fri, 30 Jan 2026 18:57:32 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 1999\r\ncf-cache-status: HIT\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DRHN47pqOCpvniBpWVDZXNZccdSwCuDNHc2XJ3AKhZs1K32zYD%2Bgg56Sm0LvJitWOcWihLOYnVI4cn%2BPT6Pkl941ln41eUoU8Q%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c5f44332f3b8be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":226150,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"89c31a52caac14ed0e65e017d029936e","sha1":"f7c556828b150b60d5ed6961374b4be3d9b1a1e7","sha256":"0f048c0f7c72f543890487e7985942ecb7271dbe457edcbc88484756b0de6d13","sha512":"951e0a6ee372362e0856ab993d4eb35bfadb207b37e1d3409e07d464a6dacfc640a4b85b5e65c6e7cd90cde13ff36a71067355869a4889b425288bfbf8ec19d6","ssdeep":"6144:gExgAtraQez/N6ijqI+ChRk1Cfvkauh/XmKund9QQ4R8eG+Qkq7sIZ36:Qc9Ic","tlshash":"162455bde28904e63b36cca6d374778e6039f6b1c9955d95f81b501cefc33a10682a78","first_seen":"2026-01-30T06:58:07.089985Z","last_seen":"2026-02-01T00:53:28.897071Z","times_seen":3,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.bo1688aei.com/api/common/getAllSetting","fqdn":"webapi.bo1688aei.com","domain":"bo1688aei.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:52.378Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bo1688aei.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 04:59:33 GMT","end":"Wed, 18 Mar 2026 05:57:09 GMT"},"fingerprint":{"sha1":"F9:37:84:55:9C:F8:4E:AA:6B:22:12:28:47:27:38:0B:2B:E9:17:CB","sha256":"20:DF:86:62:AC:2C:EF:C5:D9:45:88:12:5B:0B:85:33:2C:83:9E:BB:76:18:04:5D:23:01:28:4C:82:09:97:82"}}},"request":{"raw":"OPTIONS /api/common/getAllSetting HTTP/1.1\r\nHost: webapi.bo1688aei.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang,language\r\nOrigin: https://etoro.icu\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:52 GMT\r\ncontent-length: 0\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://etoro.icu\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: lang, language\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kSzUD4yPjLJwl6ROOxd2FjQxj7qXfoJrySmKvWXoFF4ujf6oqJuEop72vJ%2F%2FzX7Yq5gYcgpIx%2FvUzbRAtYLYEzch2Ijb6UufyAMvdx%2BkJZ4JW%2B4C\"}]}\r\ncf-ray: 9c5f4435d8d2120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T02:34:21.078592Z","times_seen":16227496,"resource_available":true,"data":null}},"time_used":572,"timings":{"blocked":79,"dns":1,"connect":8,"send":0,"wait":398,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/js/dataModify-C6sk-dj3.js","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:52.395Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /js/dataModify-C6sk-dj3.js HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:52 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Fri, 30 Jan 2026 18:57:34 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nage: 1997\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=p9Voe5Khg6dheF2NORjiFRiC6EqFXGpzYLI5NZcNXerJ0KSBIbqfbQpXzSA1CmyRPLnxyAlKJjIau%2FKWj75IyNiGrdGdj3%2FVZQ%3D%3D\"}]}\r\netag: W/\"697a141c-27b\"\r\ncontent-encoding: br\r\ncf-ray: 9c5f44357d458be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":635,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (634)","md5":"349f5b93e9d8dde770b2c7bb055dbfcd","sha1":"ba66f08093433ff9ae5b906faaf3f669f8ee75c1","sha256":"001315e8416480bc075df6a7ae1e9a205426501bb92987fda20e438d3dfd8d11","sha512":"eb8f140aa043b2cbe0dba7d2184fc8419bdaa5a117c24e442b2db79cd646daa913774f7dacd8e8a361ad0787a5d06462bdaac341c8518391dd7330387142b3f7","ssdeep":"","tlshash":"cff0d192df3af2b06da892811dd571962d1162547ca60bc091a2ae3115934faf29cb73","first_seen":"2026-01-30T06:58:07.07812Z","last_seen":"2026-05-26T16:34:37.704819Z","times_seen":66,"resource_available":true,"data":null}},"time_used":14,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/js/cssCalculate-G7yYGhEz.js","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:52.396Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /js/cssCalculate-G7yYGhEz.js HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:52 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Fri, 30 Jan 2026 18:57:34 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nage: 1997\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2AQCmWuxBxGqQZlwFLpuTdiIk722HkvPmLHmon%2FjsJQmFjyuiLI4wXMXStkgmXx9l4%2F4BYvYKSAQYvrvDV4jAHVSiJLgA7ExDQ%3D%3D\"}]}\r\netag: W/\"697a141c-318\"\r\ncontent-encoding: br\r\ncf-ray: 9c5f44357d468be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":792,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (791)","md5":"81ebadd562734ed587f3316303b98381","sha1":"5723c81e2b22ffc192d40520d06e88144b0772ad","sha256":"7c50130b8bd2f94adc659826b11458992c265553deafb0b41a0e70b68f147d5b","sha512":"649488501388c20a305d284b0ccc5de1027ee267165017e7ecd09d3f9d60e6d61ef3bff8b2f81884ad5a65e42ee40714f9473e4f0a677a8d4eea11ca50e158be","ssdeep":"","tlshash":"b4014efda5c1daf79b4b553b0e6c492c718d5680ea1f86c2d76da4207b402ecb132590","first_seen":"2025-08-26T17:46:37.228469Z","last_seen":"2026-05-05T09:11:43.050995Z","times_seen":43,"resource_available":true,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/js/index-pUUTKl5z.js","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:52.496Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /js/index-pUUTKl5z.js HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:52 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697a141c-2a445\"\r\nexpires: Fri, 30 Jan 2026 18:57:34 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 1998\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FPqNOWMdBuuXxEIkYf2EOO6DKMf3HIGh3ClzgPS2yoA%2BD2iGak1NkKlNYBrWYE0xyoqEktJrwf4ZtLYydDJI%2FV3dYXVJeLIDVw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c5f44361ee48be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":173125,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (65524), with no line terminators","md5":"213c28932216caaa1918a9c84e3507b3","sha1":"8ca5a8e26283d25eda6a131cb50efa45b9831060","sha256":"a46168ff716611e4f8a9212ba97986f7d1674ab52ae5d4034b8468c93c89f17d","sha512":"60ccbc7a143d5741556972f538fc5b47c91513108880c1571bff70a5989062e4d5c615567b8387870af2e4ca34f1fc6cfcafe024a2fb28dac26de29a3f3ce274","ssdeep":"1536:O9R8WY5TRoshtG80ZgNaeYXE+bUmN8SoFfefW8UjXGqW/lWBlxvH1hfGJnesv8ni:gRk5jTG8ralELZFOUnusSQilqw7ShHTU","tlshash":"25048e4db221757a86f3568a42948110a6644f49f458c4fcb6bdbc272deec5802feff8","first_seen":"2026-01-30T06:58:07.022418Z","last_seen":"2026-01-30T07:31:21.146365Z","times_seen":2,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/js/dataModify-C6sk-dj3.js","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:52.605Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /js/dataModify-C6sk-dj3.js HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:52 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Fri, 30 Jan 2026 18:57:34 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nage: 1998\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OnRY%2FfYI0LJu96CxYxHg3FSOzRnVKW2UvSSqdTKgilZ0q2Hu22jzewmGZVR%2Fqz93m9Ry1Kafe2wHMVGbhSiIhgbdH%2BXrcCIr1g%3D%3D\"}]}\r\netag: W/\"697a141c-27b\"\r\ncontent-encoding: br\r\ncf-ray: 9c5f4436a9518be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":635,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (634)","md5":"349f5b93e9d8dde770b2c7bb055dbfcd","sha1":"ba66f08093433ff9ae5b906faaf3f669f8ee75c1","sha256":"001315e8416480bc075df6a7ae1e9a205426501bb92987fda20e438d3dfd8d11","sha512":"eb8f140aa043b2cbe0dba7d2184fc8419bdaa5a117c24e442b2db79cd646daa913774f7dacd8e8a361ad0787a5d06462bdaac341c8518391dd7330387142b3f7","ssdeep":"","tlshash":"cff0d192df3af2b06da892811dd571962d1162547ca60bc091a2ae3115934faf29cb73","first_seen":"2026-01-30T06:58:07.07812Z","last_seen":"2026-05-26T16:34:37.704819Z","times_seen":66,"resource_available":true,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/js/PdfViewer-CxAbd-kG.js","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:52.621Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /js/PdfViewer-CxAbd-kG.js HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:52 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697a141c-219cba\"\r\nexpires: Fri, 30 Jan 2026 18:57:34 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 1998\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=m7jEsTJmWzfnpXBGj8yULR1h6FdRpq7l5MWG6MGxXRoXv0To6fJPGW2cgmotgqpXhab9VjnlgaDeotNaHRjTKMram3I6Sfoi9w%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c5f4436c9aa8be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2202810,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65533), with no line terminators","md5":"b4ad4f32b6f5cd9c69fa52923138f26b","sha1":"e67530fdf6a69085f8d83928ccf46203bca3ba28","sha256":"ef323731ec86b3063788ac5bb1c44f5371e403b199719040e90a277eeefb6c4e","sha512":"5f8ebbe423359efcc3a0c23bacc6387c5dbb55e4d06587b934e42a16bc3752f65a95335821cc5391a5153e15e14db05c606c90f9e96ecf7a062c8fec18d05d70","ssdeep":"12288:ZZapMfCJkxNP/XN8894qsbzAar4Y7hdKvWHbzYE/EqkMsxP706zL9bHIOdBEtHbV:ZkpMfCJkPXXq8RqbOt7aFMz8","tlshash":"41258d24731a769d0aa900c370bd1589d3fe1609e062e1dcb78f7a9f6a6ec09673d734","first_seen":"2026-01-30T06:58:07.058171Z","last_seen":"2026-01-30T07:31:21.117082Z","times_seen":2,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":20,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/js/filters-BzRYEg_J.js","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:53.343Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /js/filters-BzRYEg_J.js HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:53 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697a141c-416\"\r\nexpires: Fri, 30 Jan 2026 18:57:37 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 1995\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PcKO5abRb7FH8DaZOFyKzhSsgAK3r%2FPB0K8RKBFRoMjjsgoC20VXiAUlmTLBgDpGb%2BrzfDShx3iIZsefNUaEx%2F6aL4VKzFX33g%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c5f443b4cb48be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1046,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1045)","md5":"951d4f65fe61c32dfd9c4af44f5e66b9","sha1":"a6d0e380ebc68dffd6320885f7045eebb31a09a3","sha256":"393eb50e37c72f341e2bc944184e322fac9d1750412bc1bc82a0a65877d4151b","sha512":"03fa047e3ec3834ba5526f3d1bedcaae6abba701398b4aa927e9ee50b056b25fef5d324548e2ae33a4714f491bc2eb9de4b8ec983cfbb9df5e543e961ba3e6d6","ssdeep":"","tlshash":"4a118ba995cac67b02fb88c8514e418768e87f78b00e4b62bd64f11235a1051f4be393","first_seen":"2026-01-30T06:58:07.056973Z","last_seen":"2026-01-30T07:31:21.147828Z","times_seen":2,"resource_available":true,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/assets/Low_1-6m8ONw4C.png","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:53.076Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /assets/Low_1-6m8ONw4C.png HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:53 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697a141c-162e\"\r\nexpires: Sun, 01 Mar 2026 06:57:36 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 1996\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XPooOu5FrFZH2o1SQXat79u0K5TD5k0u%2BkBVGa5P%2Fa93M4ZxfMjIlP%2BHrFe0JF%2FhSsGsHH%2B9PQ0ayUGPKOkCyZHSHy5Oo49tTw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c5f443988548be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5678,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 186 x 87, 8-bit/color RGBA, non-interlaced","md5":"5103c807ea33c534b2710ac6d158b293","sha1":"791ce9f7dab4d0fa9e1c68d9295fdbec555d599c","sha256":"f703e9a83bac8e20f95f9efab361f7d5490d3c1fc71990e0ca7d6b873a7de8f1","sha512":"5af38160b36582ae82b65694d8d559f71c505dc98e0045cafb5dee8674156a373f66e5e0901ed688f6c00767344a6f5c0f6e141ce914c8486c1b3041331bf2b2","ssdeep":"96:8OSaygjX4v9yeCz+ZZ68HHk2fWXp3+YdG2K3yZ178HnxmDZZBnDuS2:8OSco/LZZIwWd39P8HnKDU","tlshash":"4fc18cce55b2d9dcdaa41fb8234560381929e197e010bc02c935bbd42dc4509eeece3f","first_seen":"2025-08-26T17:46:37.287888Z","last_seen":"2026-05-30T18:39:08.463978Z","times_seen":85,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/assets/remixicon-BVvFtaex.woff2?t=1734404658139","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:53.130Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /assets/remixicon-BVvFtaex.woff2?t=1734404658139 HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://etoro.icu/assets/index-Va1Ep9-t.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:53 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 176812\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\netag: \"697a141c-2b2ac\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nage: 1996\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7TAG3eaPIXHsBPft8bfmgXTXeAeaVtKUky5PRHpcDgJ%2FXSWL%2BUg2VoyxkIXCpY7mgZzc3JjtQwsZnEs1FE%2FXGParQSjNvGo34Q%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c5f4439f9768be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":176812,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 176812, version 1.0","md5":"9f0118b43f57fc3ea9f55bbfb3a3b185","sha1":"f3ec7500bd2c615bba2de885d46bcaa91c20aa9b","sha256":"7ea90bbc7c505b98dd7d3a089a6fa32067e353150192951cedb05e26820936cf","sha512":"6a17cdb1c39d1638a2e69ac8c9cf15229d9f64ce9026965dd8e8878700994fd1db65f21be31e18a49ec36e0b0ca522d05ab7f3884b21a022d9ccde9795d0baab","ssdeep":"3072:8oI+omjEjOiEHbaa4yYDtZimTAj2QdJohF8EBGWXsL1u:8r+5baa4yYRTw2Q8C48g","tlshash":"300413f0eda0d72cd9c7fc12f48db606aa9c579475f790901bb0fef869ca4a8965c420","first_seen":"2024-12-20T14:28:38.376296Z","last_seen":"2026-06-07T23:36:29.113118Z","times_seen":1979,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/js/CreateOrderModal-bbuOfOtm.js","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:53.336Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /js/CreateOrderModal-bbuOfOtm.js HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:53 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697a141c-3f90\"\r\nexpires: Fri, 30 Jan 2026 18:57:38 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 1995\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=uZAK9RdZOrB%2FywkummekJ6a%2Bu21dXncVgbPV65JYbmFBuCH2GvppUVjxXVo9RIAgaZ7eRD%2BL8KExKoUnL2ztBCV4lSSErbZ%2FQg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c5f443b3c898be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16272,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (16271)","md5":"4b89011ee105236debf4c8d59ebf15da","sha1":"9168734a9782db6e70a73691d0928c87a9f5bf8b","sha256":"8a0a38354c040f39564828b8ccefb644bfe8d04900f595a2f14ae72f01e812a6","sha512":"61760420609a7bd8f35a7c21e1ca5f840b74078aaf69ee5428bdb65a99a23f1f45df7253591b9bf452830f4a5424dc4229e13b0e904d39025f5d8823eccc60c5","ssdeep":"384:a5KMuQAaJG8SdMmDiWdc9VGSSMSKp1k15klKkuLy26K:aIMuEJbOiWdyGSjSKp1A5aKdLy26K","tlshash":"5e72c93c70d0c9be9473d176a2cd68284048bfcfc6625bcef63de66415d9ca16b25a2c","first_seen":"2026-01-30T06:58:07.083343Z","last_seen":"2026-01-30T07:31:21.150622Z","times_seen":2,"resource_available":true,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com/virtual/file/XAUT.png","fqdn":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.207","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:53.999Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Jul 2025 07:02:09 GMT","end":"Sat, 21 Mar 2026 02:06:13 GMT"},"fingerprint":{"sha1":"B2:57:E9:B4:DF:20:94:4D:E2:85:59:20:BE:D8:5D:70:63:65:02:7A","sha256":"05:17:EA:27:D0:4C:D8:5D:6B:2C:A8:32:D5:A2:DD:E4:47:EC:4D:DC:E7:7B:33:67:F5:F7:4F:C1:73:01:01:19"}}},"request":{"raw":"GET /virtual/file/XAUT.png HTTP/1.1\r\nHost: java-vue-bucket.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Fri, 30 Jan 2026 07:30:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 110638\r\nConnection: keep-alive\r\nx-oss-request-id: 697C5E2E4C8B3730363D9816\r\nAccept-Ranges: bytes\r\nETag: \"9D1FA90455F3E0C966910678A6341204\"\r\nLast-Modified: Sun, 03 Nov 2024 12:42:47 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 14148370102076571509\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: nR+pBFXz4MlmkQZ4pjQSBA==\r\nx-oss-server-time: 1\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":110638,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 2000 x 2000, 8-bit/color RGBA, non-interlaced","md5":"9d1fa90455f3e0c966910678a6341204","sha1":"145bdb8bff255f92c9c620d27a93960edb79911e","sha256":"e8ee450381bbe0475a4995dd8c00847ddd3000ebf42e5a62f9713946f2b973c3","sha512":"9479e1c57ab8e76cf9e37b9aeae8e1bce0e18aaa41c832fb5b750e9b15e788d9230a71db5f1507d349d9451f6ac824dedb524059ed7f50e77f674705289460b2","ssdeep":"1536:kvTV1GCc70U2WCG9hf7KFAK0B5Z3uIwZmsmUcLVqDBOHqwnU/:k7VY4UrCG91WCtB5Z+pbcGBOKj","tlshash":"d4b3c5cc05f0f1ee9176ce2c94a7358c046243bbce597ab2f311d6df581aba99c118a7","first_seen":"2025-07-19T00:50:04.632539Z","last_seen":"2026-05-11T20:01:23.621257Z","times_seen":68,"resource_available":false,"data":null}},"time_used":976,"timings":{"blocked":406,"dns":0,"connect":0,"send":0,"wait":271,"receive":299,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com/virtual/file/BNB.png","fqdn":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.207","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:54.003Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Jul 2025 07:02:09 GMT","end":"Sat, 21 Mar 2026 02:06:13 GMT"},"fingerprint":{"sha1":"B2:57:E9:B4:DF:20:94:4D:E2:85:59:20:BE:D8:5D:70:63:65:02:7A","sha256":"05:17:EA:27:D0:4C:D8:5D:6B:2C:A8:32:D5:A2:DD:E4:47:EC:4D:DC:E7:7B:33:67:F5:F7:4F:C1:73:01:01:19"}}},"request":{"raw":"GET /virtual/file/BNB.png HTTP/1.1\r\nHost: java-vue-bucket.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Fri, 30 Jan 2026 07:30:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 12869\r\nConnection: keep-alive\r\nx-oss-request-id: 697C5E2EAB67323637D3B518\r\nAccept-Ranges: bytes\r\nETag: \"A533EECDEE5A789E7D94F8F79F95D588\"\r\nLast-Modified: Tue, 22 Oct 2024 11:43:04 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 18158548296662870332\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: pTPuze5aeJ59lPj3n5XViA==\r\nx-oss-server-time: 4\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":12869,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"a533eecdee5a789e7d94f8f79f95d588","sha1":"f1ae6df3a9baf6dbec969c6d1ab622850a282895","sha256":"ea257fac91d01858b7dfd0361f8b480caeb3d57b080570ef4b4f41d5d7e68c90","sha512":"e46ca5c2239c89c783805b1f4e17664118e57e95dff6513b8ff917aaaa763b922c6286b48d0e6daca644ae30c3e821674dade74a056837865353b451c50d074b","ssdeep":"192:3GSu8nGgOCcrSaheqQThcTrOcOAasSqXzcxfuZWfWOKJ6mVgCd7mOOwRB0IG:5/POzrSTThcTaPAaFqXzcqG6ekvP0IG","tlshash":"1442bfd83898c3e455233e69d56e4c138122251a66588517f22a2b7dbf03af27fcf1e6","first_seen":"2023-11-19T03:02:17Z","last_seen":"2026-06-06T04:02:55.266893Z","times_seen":677,"resource_available":false,"data":null}},"time_used":703,"timings":{"blocked":422,"dns":0,"connect":0,"send":0,"wait":280,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cservice.vip/js/ai_service_core.js?v=1769758254095","fqdn":"cservice.vip","domain":"cservice.vip","tld":"vip"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:54.100Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cservice.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 07 Jan 2026 21:47:19 GMT","end":"Tue, 07 Apr 2026 22:46:59 GMT"},"fingerprint":{"sha1":"A5:63:FC:3B:CE:6F:DF:D0:D8:AA:87:18:27:C8:A2:B4:01:3A:99:27","sha256":"4C:2E:05:A9:16:CC:FD:8D:F0:D5:92:B1:5B:29:A1:E8:A3:D1:0A:D1:95:CB:2F:83:92:31:F4:55:56:92:B2:14"}}},"request":{"raw":"GET /js/ai_service_core.js?v=1769758254095 HTTP/1.1\r\nHost: cservice.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:54 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 07 Nov 2025 06:22:43 GMT\r\nvary: Accept-Encoding\r\netag: W/\"690d9033-44d2\"\r\nexpires: Fri, 30 Jan 2026 19:30:54 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=3,i=?0\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5qCAj%2Fg8nPR9zoPp7FdiNRnOmOi7PI%2FNZXNaMa5bFZIn%2BJB%2BQ%2FnhhXmEEctG5J2dzvQuvx4M0pidlW9a0bHIYu8vSmewvEh8zVLgCA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c5f444028361a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":17618,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (496)","md5":"f18eea0d33964edbd612d61f5713fd75","sha1":"93dd1f6594dcf0f7cbdb44813e4c1f2072961533","sha256":"1bc28f480d9acf22346a0cc22379fce4b7971d6e647a55de5919e641db5cc597","sha512":"5cb694ca839128e6683a513174761ccf1c4147b28d130dc1425112756d81ee61a2c65baa2272e8284264a53ba658a4f77c1753291163dcc4fc5745b0538c5931","ssdeep":"384:m+6aLTFONgSMQDbHer4p7JCA8GaHOdRUHYAnUjZpeZgy4F4Syec71gAQ77/ZMTtY:5xTFeMQDbHer4p7JCA8GMOgYAnUjZpeS","tlshash":"a48241abebbb10724457b4368b9f268435268013294cde203facded04f52a675317bf9","first_seen":"2025-11-30T14:17:39.769051Z","last_seen":"2026-06-01T14:33:52.182505Z","times_seen":100,"resource_available":true,"data":null}},"time_used":630,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":630,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cservice.vip/assets/style/css/chatStyle.css?v=1769758254095","fqdn":"cservice.vip","domain":"cservice.vip","tld":"vip"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:54.764Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cservice.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 07 Jan 2026 21:47:19 GMT","end":"Tue, 07 Apr 2026 22:46:59 GMT"},"fingerprint":{"sha1":"A5:63:FC:3B:CE:6F:DF:D0:D8:AA:87:18:27:C8:A2:B4:01:3A:99:27","sha256":"4C:2E:05:A9:16:CC:FD:8D:F0:D5:92:B1:5B:29:A1:E8:A3:D1:0A:D1:95:CB:2F:83:92:31:F4:55:56:92:B2:14"}}},"request":{"raw":"GET /assets/style/css/chatStyle.css?v=1769758254095 HTTP/1.1\r\nHost: cservice.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:55 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Mon, 27 Oct 2025 16:46:24 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68ffa1e0-b303\"\r\nexpires: Fri, 30 Jan 2026 19:30:55 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=2,i=?0\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qUsHUcci3%2BJWDDSXeCDA5F%2FuQxRoQArDZV%2FF2LrcgzRCIYeIoGOFDY9md8kGmBoLMPkx4KmR8NOlUkqcBz3G5EeOk3fqFCFGAlRqhw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c5f44444a541a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":45827,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (1414), with CRLF line terminators","md5":"7f04d716a07903513dd26bdc041cded9","sha1":"87cc4821c93b3691c2cc6ed6c07504f9c5030d5d","sha256":"eca5ab3a8577e84adaf245950a20cb525d5c762c14576671dbcdfc9a46de476d","sha512":"f4a86fb88cfef3906b7debb45e8d4d02a58f4afbb14ff8479e630c3f8c84f97be7d3996d3e399f29498f31066c28fb7a63d8a83e00bc151686e434bf796cd0a5","ssdeep":"768:b8hjh3T4m4G4/4y738BY8+kJYcJHJlxGSndLcR4xhQ14YYi631N8VNi3rdwLcKda:Izr9l","tlshash":"b423433ceb65218da123b4a9bff16be5af514013df0b06a5b5f17a38c2504bd39712d8","first_seen":"2025-11-30T14:17:39.779365Z","last_seen":"2026-06-01T14:33:52.135698Z","times_seen":100,"resource_available":false,"data":null}},"time_used":777,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":777,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webapi.bo1688aei.com/api/common/getCoinSecondList","fqdn":"webapi.bo1688aei.com","domain":"bo1688aei.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:52.361Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bo1688aei.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 04:59:33 GMT","end":"Wed, 18 Mar 2026 05:57:09 GMT"},"fingerprint":{"sha1":"F9:37:84:55:9C:F8:4E:AA:6B:22:12:28:47:27:38:0B:2B:E9:17:CB","sha256":"20:DF:86:62:AC:2C:EF:C5:D9:45:88:12:5B:0B:85:33:2C:83:9E:BB:76:18:04:5D:23:01:28:4C:82:09:97:82"}}},"request":{"raw":"OPTIONS /api/common/getCoinSecondList HTTP/1.1\r\nHost: webapi.bo1688aei.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang,language\r\nOrigin: https://etoro.icu\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:52 GMT\r\ncontent-length: 0\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://etoro.icu\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: lang, language\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ukPUGJErEGdXZKs%2BHMpo%2BuZVbdqQh4s7HcM6rpscv1cTKUeFgM68o9QikzEyP%2Bjr6yxvv5uvZXdCNhGweWv%2FwjaqL%2FIjfKvnkz3pswXab3OudI%2BP\"}]}\r\ncf-ray: 9c5f4435c8a5120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T02:34:21.078592Z","times_seen":16227496,"resource_available":true,"data":null}},"time_used":587,"timings":{"blocked":86,"dns":1,"connect":1,"send":0,"wait":408,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/assets/ForgotPassword-tn0RQdqM.css","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:52.379Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /assets/ForgotPassword-tn0RQdqM.css HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:52 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Fri, 30 Jan 2026 18:57:34 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nage: 1997\r\ncf-cache-status: HIT\r\npriority: u=2,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=08QDBCsPuZDDU%2Bm%2FvAtqlHhEUFHcbMb8xf%2B1yb%2Bq4LFVlsgS%2BLKLrmIv22nE%2B4VSIP4I7povjWf2C7IZIUbcMe4Iep4NUfeNkg%3D%3D\"}]}\r\netag: W/\"697a141c-0\"\r\ncontent-encoding: br\r\ncf-ray: 9c5f44356d088be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/css","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T02:34:21.078592Z","times_seen":16227496,"resource_available":true,"data":null}},"time_used":20,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/js/index-pUUTKl5z.js","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:52.394Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /js/index-pUUTKl5z.js HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:52 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697a141c-2a445\"\r\nexpires: Fri, 30 Jan 2026 18:57:34 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 1997\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XozHmafHCREWj76QpOHBlQ3n6HmaFT%2F%2B2IbjQw4vkKlnr5RkJ8y318T%2FDneXJGpCHgOf1Yi66cv%2F49lIEuMjcbk6wIB9D5zXog%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c5f44356d258be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":173125,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (65524), with no line terminators","md5":"213c28932216caaa1918a9c84e3507b3","sha1":"8ca5a8e26283d25eda6a131cb50efa45b9831060","sha256":"a46168ff716611e4f8a9212ba97986f7d1674ab52ae5d4034b8468c93c89f17d","sha512":"60ccbc7a143d5741556972f538fc5b47c91513108880c1571bff70a5989062e4d5c615567b8387870af2e4ca34f1fc6cfcafe024a2fb28dac26de29a3f3ce274","ssdeep":"1536:O9R8WY5TRoshtG80ZgNaeYXE+bUmN8SoFfefW8UjXGqW/lWBlxvH1hfGJnesv8ni:gRk5jTG8ralELZFOUnusSQilqw7ShHTU","tlshash":"25048e4db221757a86f3568a42948110a6644f49f458c4fcb6bdbc272deec5802feff8","first_seen":"2026-01-30T06:58:07.022418Z","last_seen":"2026-01-30T07:31:21.146365Z","times_seen":2,"resource_available":true,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/js/CookieConsent-Cwy8EEY9.js","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:52.612Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /js/CookieConsent-Cwy8EEY9.js HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:52 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697a141c-7fa9\"\r\nexpires: Fri, 30 Jan 2026 18:57:34 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 1998\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VN7KS92q9bUFpnVHtHwuWaTcZDpMW7bpekCageO%2FOAkN7OSSK41HI7QidwYmfjZOywPzkJx3MegB6l0JBCZK7h8X9oPGYUgJGw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c5f4436c98e8be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":32681,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (28848)","md5":"a3d57f4dfb8b351d338218c31b910b0f","sha1":"5e66b68ab930f00cd814463c4040775984203c1f","sha256":"af9b916faacca64df9bb4e09e9ce8753a8fa7ceb485c2649ec0469b45e3149ac","sha512":"c54ea19df402e383f73542c20476be2424b10d2aafe2d71d8206faf58f1d68a2f3c2b57a050d53a25011ab8617e9c76ba0c50cfc6ecb2ff267ff9dfe781ff042","ssdeep":"768:sJYjnT5ISSBGZo4mrwDu0yIpdmjriD05bnPexT:7eVsmrwXpdeiom","tlshash":"cbe26c05e806eeb9d7f35634744a7168a4387fdac25ac43a63bd85232bc9f728763314","first_seen":"2026-01-30T06:58:07.068687Z","last_seen":"2026-01-30T07:31:21.155015Z","times_seen":2,"resource_available":true,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/assets/starslist-YIJi42t6.png","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:53.115Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /assets/starslist-YIJi42t6.png HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:53 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697a141c-569d\"\r\nexpires: Sun, 01 Mar 2026 06:57:36 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 1996\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0QaTaSY%2FYsTJ%2BZJJBeL%2BhPCof5xq0IIlwo%2FpQedmcGi2n9ZPi%2Bh7n6jvoDSdhUID2I9IsVmBkbT4M3YHUZGRJgUKVczUMo3lmQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c5f4439b8d88be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":22173,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 2148 x 417, 8-bit/color RGBA, non-interlaced","md5":"78382c82dad9a7dd50655f44fb82f743","sha1":"5cb4a13ba952deeec34e3c4a5f0a1a424efb1cd1","sha256":"3bb15b8fd045ea090c833d5cdce05e097a4f9556f1a74b69232968b505895609","sha512":"f2297ebeeb0a47f59cd03b6b6079b3ad6c54aa1d585416a38ba5220a0a3a34b64a63f70b28460c34739441ba5237dfc5f560adcbdb00cceb83e5508197f687f2","ssdeep":"384:JojM6hkS9bZoCrjbih/rDyNRNMlOuDZ5lxYYWZLesJeDQu:YRN3iZrg3KOoZxqODQu","tlshash":"7ca2c01a9a5eecb1f92cf0313a834d30e9694452bde0c339b542c105feab4bc86b61a5","first_seen":"2024-12-26T23:29:40.083923Z","last_seen":"2026-05-26T16:34:37.743376Z","times_seen":72,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/assets/index-bg4-4HzhR67G.png","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:53.124Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /assets/index-bg4-4HzhR67G.png HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://etoro.icu/assets/index-B4CX758G.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:53 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697a141c-62509\"\r\nexpires: Sun, 01 Mar 2026 06:57:36 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 1996\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=T4dHaiFd8Pn5n6fiiMcFoMloY%2Bn0XeyvZgq9k%2FsxjJBEdVJmf42H3GPfzLQ5wwaM4HFG%2FSzXJZ7bIgLas92B0FPpHszwddXzhg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c5f4439e9478be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":402697,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1920 x 605, 8-bit/color RGBA, non-interlaced","md5":"e8d59ec576c7863d0a1634be119a9dd9","sha1":"904d9420707d71bcc8fe96d4bc3efd7bf6788e6c","sha256":"9946dbdc4e1830e4d974e4e2306b02eb2840791ae4fc3bfe803405261e8dffcc","sha512":"d7bb56461ed1d44c529ade4434da8ab75e6aba1771b1d76fe4ab4fd43edcecaecbc0a4fad78399b05d9a68a5df695e51e97e979462ee4c838c0dce1526be9695","ssdeep":"6144:LF22gP1p/A7+eFVOe5FE/FplkZ1CAauYMx7pHdxmDMbMzxMuVV58p3IDzZ:LK/NA5FwlkOArYMpxmDMIzjz5PzZ","tlshash":"338412c483210832ba90ee50b5618990d0282db7b405dd7517c7ff836777ba9ac7da9b","first_seen":"2025-08-26T17:46:37.261835Z","last_seen":"2026-05-26T16:34:37.717633Z","times_seen":71,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/js/loan-C72_ztZx.js","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:53.337Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /js/loan-C72_ztZx.js HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:53 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Fri, 30 Jan 2026 18:57:38 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nage: 1995\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=p5n98QyjfOKSwsy%2B4piq7PIXt56%2B5VsW1R6jeWjy2dX3INFLSJ3gWoUh2R96oeLbrJIc2Z%2FEEDP6AOvDZdO0fdjZ3bxSByXAvg%3D%3D\"}]}\r\netag: W/\"697a141c-244\"\r\ncontent-encoding: br\r\ncf-ray: 9c5f443b3c8d8be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":580,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (579)","md5":"bc616f59993c976e650e28c26b8df1b3","sha1":"131076de9dd79a052e95875762d5bb9454d15eee","sha256":"14cd7f8031a4cfac597a0fdb95a6f3d31a16565fe017f32a1c844a624337fa56","sha512":"7eee7ec00e13628707305c10dd845b7506c4a25859bcd68e2327c5ee8f65a713d8ee5619633a0b3b86a258371fc63ad0a250b8d4cdfbc5787fece0b9239a13ca","ssdeep":"","tlshash":"eff0f6dbbd179a7f9135d23930933d02b43b9a31def614702f2ad8678b2c089676b941","first_seen":"2026-01-30T06:58:07.065258Z","last_seen":"2026-01-30T07:31:21.134068Z","times_seen":2,"resource_available":true,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/js/CreateOrderModal-bbuOfOtm.js","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:53.549Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /js/CreateOrderModal-bbuOfOtm.js HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:53 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697a141c-3f90\"\r\nexpires: Fri, 30 Jan 2026 18:57:38 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 1995\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vxfhCL0weCwbPEOyjsAEtmWtmu%2FFOeR57hTdt2snDpztuvI7e4MOtd5dt3ocQhdWdFscHuSiZijK0%2F1gBx2koMaEk7QIG6uyYw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c5f443cafea8be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16272,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (16271)","md5":"4b89011ee105236debf4c8d59ebf15da","sha1":"9168734a9782db6e70a73691d0928c87a9f5bf8b","sha256":"8a0a38354c040f39564828b8ccefb644bfe8d04900f595a2f14ae72f01e812a6","sha512":"61760420609a7bd8f35a7c21e1ca5f840b74078aaf69ee5428bdb65a99a23f1f45df7253591b9bf452830f4a5424dc4229e13b0e904d39025f5d8823eccc60c5","ssdeep":"384:a5KMuQAaJG8SdMmDiWdc9VGSSMSKp1k15klKkuLy26K:aIMuEJbOiWdyGSjSKp1A5aKdLy26K","tlshash":"5e72c93c70d0c9be9473d176a2cd68284048bfcfc6625bcef63de66415d9ca16b25a2c","first_seen":"2026-01-30T06:58:07.083343Z","last_seen":"2026-01-30T07:31:21.150622Z","times_seen":2,"resource_available":true,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.bo1688aei.com/api/common/getCoinSecondList","fqdn":"webapi.bo1688aei.com","domain":"bo1688aei.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:52.995Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bo1688aei.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 04:59:33 GMT","end":"Wed, 18 Mar 2026 05:57:09 GMT"},"fingerprint":{"sha1":"F9:37:84:55:9C:F8:4E:AA:6B:22:12:28:47:27:38:0B:2B:E9:17:CB","sha256":"20:DF:86:62:AC:2C:EF:C5:D9:45:88:12:5B:0B:85:33:2C:83:9E:BB:76:18:04:5D:23:01:28:4C:82:09:97:82"}}},"request":{"raw":"POST /api/common/getCoinSecondList HTTP/1.1\r\nHost: webapi.bo1688aei.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nlanguage: en\r\nlang: en\r\nOrigin: https://etoro.icu\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:53 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://etoro.icu\r\naccess-control-allow-credentials: true\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8dxyZ%2BncqeFDjxw4%2BPPx%2F5Eo3N5n%2FQcvFJZy0f6lsz42e9bbLHoMPP%2F0yGFiGZFU8z0XL42x3oWIksU9KMQ9LP9NtGHfOe3E3yzPVEkgWvnb%2BiYm\"}]}\r\ncf-ray: 9c5f44387f22120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":48917,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"b7fb7bf3d02c431a46c1ef9b879b1a01","sha1":"f383cb456febad71730f30ae1051723cf5c919c5","sha256":"ff08c972e04000206d0d589c23a6425fdf45c305123c2730a77fa60dd24aa498","sha512":"98ee903584c34d3a5a56ffcb9d409b2b7e14e2caaae1be808518810522b40a68454588abb384404f4e6eb9df4ae9c563ad9b78836452577348ab81bec83aa9c5","ssdeep":"192:Pt8i1Qr0F8reQclZ1gNta9XGinZUPvLvjDI3uIkmYRCzPOKQclhKGfgaIdENFna3:rFZrYi/LYhj5GXzmlGLfkxfz8fTEf/","tlshash":"f323fd1eb664843c865188df5d533a53d29e266fedcc8b2a8def898520ecf767103906","first_seen":"2026-01-30T07:31:21.168839Z","last_seen":"2026-01-30T07:31:21.168839Z","times_seen":1,"resource_available":false,"data":null}},"time_used":350,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":350,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/assets/Low_7-MbUCZvwK.png","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:53.088Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /assets/Low_7-MbUCZvwK.png HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:53 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697a141c-1434\"\r\nexpires: Sun, 01 Mar 2026 06:57:36 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 1996\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=f2NAzaJYpsjtqnzdSeCM7rilEhc%2FKhGA4rbnxy9kXL%2BTQOl3bScNkuRmYQvWn1qr2KzIp%2BU3X%2Be7JVjiHlVPvS4wXXsoul8j0A%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c5f443988788be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5172,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 186 x 87, 8-bit/color RGBA, non-interlaced","md5":"e38075ca6aec6851335c8a616c6f9496","sha1":"8152c7c77e00e84bfbf7d6f39fdded8ca7ef7c26","sha256":"6a3049f60479030d5b33caf22b842537e58c8dc871bcdfc6db2662c4edd005e1","sha512":"e5daec0492c9a3d5190d6722f142b72b6e855d97ef773601fdf8357c498ac740e7adec9a209221dec86b9d9ff6c5f4b17d729e80598d76ce858827b966aea75b","ssdeep":"96:8OSiMd9yT+70vrsi4pKQsMRjUUBdFvVhLf8Rbk/6jJ5qVVwVMUVycXg:8OSiM7xq/cRjUUtLURb7jvpMYXg","tlshash":"33b17de6e9f51f410ed83cb149fe70aede5bc07960a27e1c3468aaecc5254e38ac0941","first_seen":"2025-08-26T17:46:37.24529Z","last_seen":"2026-05-30T18:39:08.435851Z","times_seen":85,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/js/Register-D-j-nxFs.js","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:53.414Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /js/Register-D-j-nxFs.js HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:53 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697a141c-47f3\"\r\nexpires: Fri, 30 Jan 2026 18:57:37 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 1995\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2F%2BZzYl69F6i760U3yoryKlaHYUBS01UyP%2B761wbbIrBCT63wVGPj2ZgSHveOOO1tcgB9hLjHzXuIFZlD009T8WkBTNPivTW2pA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c5f443bcddb8be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":18419,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (18413)","md5":"fabefd7d035883e6a38e4485208f2b3c","sha1":"d7400d9dbcb129fbeda07b0c6e1fdb9468653cf1","sha256":"531af315f226c81f867d2282a8d13dc49838f1b450e84d26687f1522db116c67","sha512":"f5800b451e10d7d0b21c6a83be493677eaa6d3a7df3df012d7e368fc39d509f23551b19f9f0772e6d8c0d59914bae4682e42524bf2f589f5cd0c46bb3023eb04","ssdeep":"384:Gvz6u+z8k7mm+r6meg5bM5MZ5iU4jEJRq0g/Zk4Ltb2pVjkOymm+AR6eb0mm792K:Gvzp+gk7a55g5s5TUZ5pyVjnjXYn0D9R","tlshash":"9782678cb1519bfaab7b9431f4476930682c4f5fc463c0f6e6e88c35a79ec71a51423a","first_seen":"2026-01-30T06:58:07.041785Z","last_seen":"2026-01-30T07:31:21.175023Z","times_seen":2,"resource_available":true,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.bo1688aei.com/api/common/getWhitePaperSetting","fqdn":"webapi.bo1688aei.com","domain":"bo1688aei.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:53.578Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bo1688aei.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 04:59:33 GMT","end":"Wed, 18 Mar 2026 05:57:09 GMT"},"fingerprint":{"sha1":"F9:37:84:55:9C:F8:4E:AA:6B:22:12:28:47:27:38:0B:2B:E9:17:CB","sha256":"20:DF:86:62:AC:2C:EF:C5:D9:45:88:12:5B:0B:85:33:2C:83:9E:BB:76:18:04:5D:23:01:28:4C:82:09:97:82"}}},"request":{"raw":"POST /api/common/getWhitePaperSetting HTTP/1.1\r\nHost: webapi.bo1688aei.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nlanguage: en\r\nlang: en\r\nOrigin: https://etoro.icu\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:53 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://etoro.icu\r\naccess-control-allow-credentials: true\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=khJ%2FAgVj1OcoEsB3wl2Ii%2Bu7QhLNJ0URa6c2KXxvGPOv7E635hmEIWEcO3UjEVyl6WGoIsebGRWFnJnjn1JWGRSoBNpW0A%2BoPFDyUFfAXbT8cwZH\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c5f443cde7ddfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":155,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"b3481de98df68f4015c6d7c1d6d985f8","sha1":"769a06d34a15f74749320711e4b796a2d0f1d3c1","sha256":"aaaf3b02009944c5efd4e585878975f0ead2c91befe2ca8919771ae68b1c7fd2","sha512":"1cff628686bc7ff3839c5eb1d209d338f15a991494809f288e3c8a7dee98eb5b8a8fc4acde7c5848cd80a2eafec2059f1b295662a66e7f01892a7fa25a94ed73","ssdeep":"","tlshash":"eec080231918d465495327cc41350b09b4d4345757415140dd586944e418976760949c","first_seen":"2026-01-30T06:58:07.076799Z","last_seen":"2026-02-26T17:48:02.255747Z","times_seen":7,"resource_available":false,"data":null}},"time_used":203,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":203,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com/virtual/file/LTC.png","fqdn":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.207","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:54.006Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Jul 2025 07:02:09 GMT","end":"Sat, 21 Mar 2026 02:06:13 GMT"},"fingerprint":{"sha1":"B2:57:E9:B4:DF:20:94:4D:E2:85:59:20:BE:D8:5D:70:63:65:02:7A","sha256":"05:17:EA:27:D0:4C:D8:5D:6B:2C:A8:32:D5:A2:DD:E4:47:EC:4D:DC:E7:7B:33:67:F5:F7:4F:C1:73:01:01:19"}}},"request":{"raw":"GET /virtual/file/LTC.png HTTP/1.1\r\nHost: java-vue-bucket.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Fri, 30 Jan 2026 07:30:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 34858\r\nConnection: keep-alive\r\nx-oss-request-id: 697C5E2E794D10383152DB30\r\nAccept-Ranges: bytes\r\nETag: \"BB27C369A3AA54D9C1F8E59E1706DA48\"\r\nLast-Modified: Tue, 22 Oct 2024 11:42:58 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 2593469271640333430\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: uyfDaaOqVNnB+OWeFwbaSA==\r\nx-oss-server-time: 1\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":34858,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"bb27c369a3aa54d9c1f8e59e1706da48","sha1":"7e1b9677305cad40b686a5a1077da57c4f6cf07f","sha256":"e691621963c6de60c05c0e91cf7c65cba4191df054a3b1bd5becbef3a426f9ee","sha512":"4ff3058897ecbcee5464eb954955cc40bad7f411ee86f21dcbebe3d02ee45410b42f68c8e3a22537ef530c65c9bc9960fb36134aeced2dd36688a21c0cb02415","ssdeep":"768:FAbT/SSUokJQD9Wvnwoo2hzabJIqRw/VH3+WFxL1nHLy:G/RU4yni2kKl53+WbBLy","tlshash":"3df2f155ed69527406b90571846e302ca4669a7ebdceb11bffbd67302b3246f008e06e","first_seen":"2023-11-19T03:02:17Z","last_seen":"2026-06-06T04:02:55.293479Z","times_seen":630,"resource_available":false,"data":null}},"time_used":733,"timings":{"blocked":434,"dns":0,"connect":0,"send":0,"wait":282,"receive":17,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com/virtual/file/SOL.png","fqdn":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.207","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:54.008Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Jul 2025 07:02:09 GMT","end":"Sat, 21 Mar 2026 02:06:13 GMT"},"fingerprint":{"sha1":"B2:57:E9:B4:DF:20:94:4D:E2:85:59:20:BE:D8:5D:70:63:65:02:7A","sha256":"05:17:EA:27:D0:4C:D8:5D:6B:2C:A8:32:D5:A2:DD:E4:47:EC:4D:DC:E7:7B:33:67:F5:F7:4F:C1:73:01:01:19"}}},"request":{"raw":"GET /virtual/file/SOL.png HTTP/1.1\r\nHost: java-vue-bucket.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Fri, 30 Jan 2026 07:30:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 25649\r\nConnection: keep-alive\r\nx-oss-request-id: 697C5E2E794D103831A5DB30\r\nAccept-Ranges: bytes\r\nETag: \"670C723ABC22056BC5368CA2A97DD6A2\"\r\nLast-Modified: Tue, 22 Oct 2024 11:42:55 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 10769821075161595358\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: ZwxyOrwiBWvFNoyiqX3Wog==\r\nx-oss-server-time: 3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":25649,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 250 x 201, 8-bit/color RGBA, non-interlaced","md5":"670c723abc22056bc5368ca2a97dd6a2","sha1":"5ba69b915180c31e4d35a524a9de7b3409ef80a8","sha256":"11192935f626fdb37ddfd8418d754feee326fc6f0a3ce7aa6e61283a820d8b09","sha512":"546901ff0dd66b4768e7560c2ccdceedc3bdac577eea114e600613d98319bde07a84d4fd8a303f4c34c05b3a26c73f03602ba38aaa5436dfcdac6712e0868652","ssdeep":"768:9SDR4lelsfdJTM1JiB+mP9LsYKPlAgezlYWXu23fgiqs:9Alsfd9MqBZ1L5MGgQuW+2vLqs","tlshash":"feb2d076137254ea4442115b97364e812c39f4e3adea6e2c7507a40c7d4a33b30db6bf","first_seen":"2023-11-19T03:02:16Z","last_seen":"2026-06-06T04:02:55.294395Z","times_seen":678,"resource_available":false,"data":null}},"time_used":1025,"timings":{"blocked":732,"dns":0,"connect":0,"send":0,"wait":285,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/assets/crypto2-RVLsXywe.png","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:52.854Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /assets/crypto2-RVLsXywe.png HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:52 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697a141c-ddcf\"\r\nexpires: Sun, 01 Mar 2026 06:57:36 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 1996\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ANGDM4FQRd7Z5KIjOgjOT0kzz%2BiczPH%2F9E2AIty7xrLCwTj7en5wgiC80GnndTceeJe5KDJBkzeoIg5jd%2FDSYCUvfDLQMXHrFg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c5f44385d6f8be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":56783,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 260 x 305, 8-bit/color RGBA, non-interlaced","md5":"8a1eae471f4c0dc21007b86b97b5fd68","sha1":"b1ac51b4dd8a9a255a35326b1e0e3724eee7b431","sha256":"780f1d2b6644b5d7173ac032e83d0bcb58b2d0f8fa81911b15031918f3cb593f","sha512":"decf23d33c7f25185d1ce69a55b7ecfcacc46225c0a6cac3705c8c8666531831edc83b956a8dd0e714b0addf0cfec8e2e9cfd30738b652556ef113d9131bae4e","ssdeep":"1536:Z41T3sxtojtdJlqDe3dBB+5pfT8kbN5ahOaV:Zm3sxWtdzqDe3Dw5ZT/N5ahOK","tlshash":"e543024f4482be71cc64d7813f96923a11967d4afda0b4b08ea7a041cfce4ed72456af","first_seen":"2025-08-26T17:46:37.263184Z","last_seen":"2026-05-30T18:39:08.446582Z","times_seen":88,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/assets/index-bg2-DH3H8kTp.png","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:53.122Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /assets/index-bg2-DH3H8kTp.png HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:53 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697a141c-415bf\"\r\nexpires: Sun, 01 Mar 2026 06:57:36 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 1996\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xO3QCNUDgBahNwntZXW%2FS3qjbi9KMc5LBGd9KFoKWTnac5uSCpxbZ3PAcZ1SqC5DXNoGe9Kz9EpgU7HR8gb5lYD8G9nglGovgQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c5f4439d9398be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":267711,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1920 x 734, 8-bit colormap, non-interlaced","md5":"4e2ceadc2a00a7055f2d30b675301f2a","sha1":"23544a569e9f2129980acabcdef51b8c225117dd","sha256":"0113b32c782902d3f6c16a832653c99172ac40d17a454ec621e4366ef56cc280","sha512":"3c70550b3a9821a4b962341fd0cf08bacdabfdebe7eaf65a77946211a78701d72c5a8e321e24bca94be9634c4af66deab691317d98709587f23b5efb556b3d5e","ssdeep":"6144:fHeZ8M1KxbmeW02HluhfdZ9de39D3Jly1ZBWIUL:fHeK9xTWVu5lul3JM1ZBWIUL","tlshash":"b344230c360554c3edf7d874b31cdbfadd9b3cbf249d8528a672a36a4aa502c15c99c0","first_seen":"2025-08-26T17:46:37.264725Z","last_seen":"2026-05-30T18:39:08.471318Z","times_seen":88,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com/echo2.0ee8b20dca16649cfa1c310966f79b49f.png","fqdn":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.207","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:53.317Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Jul 2025 07:02:09 GMT","end":"Sat, 21 Mar 2026 02:06:13 GMT"},"fingerprint":{"sha1":"B2:57:E9:B4:DF:20:94:4D:E2:85:59:20:BE:D8:5D:70:63:65:02:7A","sha256":"05:17:EA:27:D0:4C:D8:5D:6B:2C:A8:32:D5:A2:DD:E4:47:EC:4D:DC:E7:7B:33:67:F5:F7:4F:C1:73:01:01:19"}}},"request":{"raw":"GET /echo2.0ee8b20dca16649cfa1c310966f79b49f.png HTTP/1.1\r\nHost: java-vue-bucket.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://etoro.icu\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Fri, 30 Jan 2026 07:30:54 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 11919\r\nConnection: keep-alive\r\nx-oss-request-id: 697C5E2EAFAD5B3333485C92\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST\r\nAccess-Control-Max-Age: 0\r\nAccept-Ranges: bytes\r\nETag: \"BE4BD40C227A65F09702AF89949D1CBA\"\r\nLast-Modified: Sat, 24 May 2025 09:22:23 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 7822267791396973669\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: vkvUDCJ6ZfCXAq+JlJ0cug==\r\nx-oss-server-time: 4\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":11919,"size_decoded":0,"mime_type":"image/jpeg","magic":"PNG image data, 400 x 400, 8-bit colormap, non-interlaced","md5":"be4bd40c227a65f09702af89949d1cba","sha1":"661e028f861baa2f154caa18c1648d5f2c99c68d","sha256":"1e87ad35f7c554ad86c2cea7a3dc9ea6519070e1b2da58dab0b09a772936ba76","sha512":"50050aa2a86a00acaf679ff869c500eeca3ecb95860bdb264ec794104763c4ac1428777636262445ca24b11bae81c84685ff514ba47346a9d48cffd401278851","ssdeep":"192:2SPoKGfOsNQoom2DPHifL5BLOjCYxLLlKVBLAA26BseDIZq/SH55r0yZJcfaQoMM:ZuOsNQooDPiflsjC0LlKcOeB7hvcfaND","tlshash":"6d32b0eab4bd0a23f2d49e07564fc46f24b58b71268cb93742f27931dfb154a04751d8","first_seen":"2026-01-30T06:58:07.03153Z","last_seen":"2026-02-26T17:48:02.173488Z","times_seen":8,"resource_available":false,"data":null}},"time_used":1955,"timings":{"blocked":833,"dns":40,"connect":268,"send":0,"wait":273,"receive":0,"ssl":538},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/js/Register-D-j-nxFs.js","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:53.325Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /js/Register-D-j-nxFs.js HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:53 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697a141c-47f3\"\r\nexpires: Fri, 30 Jan 2026 18:57:37 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 1995\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=uTGQQ4z884G10tYZGJCWK9ORkk8aGU72ClT%2FZhBLq4qhJRJdH1cCcFeFIbR5Z%2BoluCxnXq7iqPGy5Bvksua6CA%2FV0q9E8BoiXA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c5f443b2c688be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":18419,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (18413)","md5":"fabefd7d035883e6a38e4485208f2b3c","sha1":"d7400d9dbcb129fbeda07b0c6e1fdb9468653cf1","sha256":"531af315f226c81f867d2282a8d13dc49838f1b450e84d26687f1522db116c67","sha512":"f5800b451e10d7d0b21c6a83be493677eaa6d3a7df3df012d7e368fc39d509f23551b19f9f0772e6d8c0d59914bae4682e42524bf2f589f5cd0c46bb3023eb04","ssdeep":"384:Gvz6u+z8k7mm+r6meg5bM5MZ5iU4jEJRq0g/Zk4Ltb2pVjkOymm+AR6eb0mm792K:Gvzp+gk7a55g5s5TUZ5pyVjnjXYn0D9R","tlshash":"9782678cb1519bfaab7b9431f4476930682c4f5fc463c0f6e6e88c35a79ec71a51423a","first_seen":"2026-01-30T06:58:07.041785Z","last_seen":"2026-01-30T07:31:21.175023Z","times_seen":2,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/js/index-Bk0YSeUV.js","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:53.338Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /js/index-Bk0YSeUV.js HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:53 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697a141c-a08c\"\r\nexpires: Fri, 30 Jan 2026 18:57:38 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 1995\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Op4G%2BDFSIQqOh5dV3WPg%2FU3ZY0W%2FXoBExaHJv7z3uF4YRvAUZp9AP5R8KtMGxv4WmNQfEcuw%2BfGjZlHwSf6Z7j1ahsXARAmJhA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c5f443b3c908be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":41100,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (41099)","md5":"3b25a6bda4ef228600a4c5d393ac9457","sha1":"c47325aea6802884b8655d19505b80dc920a5d4c","sha256":"53912e280117dd4048654e9ecfcec10e2f5d040e9624a5e2f9e5763fbf212065","sha512":"a60e4adfd5bed134912419a71e37ab77d6f5d4e3ae26d13d7aa810748e95c64069a905adeefe79008a37b96c623173c751ccd32b3ac08fd2db53b0c0a6fbf0c7","ssdeep":"768:2eevlM82K8nfNtfWeg8s2qlLlWYuG13tfAlgbXXh4FgXG1aU:odM82dPsH9JC","tlshash":"1f03842cb012cfbe9663293062ad1994e1497fedc526c80af1bd18233bc7ff05a56765","first_seen":"2026-01-30T06:58:07.050112Z","last_seen":"2026-01-30T07:31:21.195098Z","times_seen":2,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/js/index-dkdlGO0L.js","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:53.340Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /js/index-dkdlGO0L.js HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:53 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697a141c-ca3\"\r\nexpires: Fri, 30 Jan 2026 18:57:37 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 1995\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=a1YW9PdJa1EUzoy%2Fzf1GDxVIUOe18NruXy3emTjU0Ttk5cfYoYYBz7LHxKZyzX%2FHIiksmwJQulwXKQzH4BSsBMHDdbqJba1PTA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c5f443b4cb18be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3235,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (3234)","md5":"3e1f45282fa7c4461f3b28a3206dfbde","sha1":"ed66d2d5065746f8a24af64ca856f04bfae1bf70","sha256":"958affcb6da0461e9820e97e6ad9ae89b0f3228e7fb7705bd6c2b8125a37939b","sha512":"64b350083f1c37cf238da309e1588c298cd675a4e77d074fea99aa975470c2c501c44e022e5c85a7a3f7018e7e8f17f6a6a70ef1970586cbb4385259902c692d","ssdeep":"","tlshash":"8261b4dd78b7f020867548ee507b0636e23a37592408d0d4e01fcd8a3931d6ab2a7e29","first_seen":"2026-01-30T06:58:07.05582Z","last_seen":"2026-01-30T07:31:21.196136Z","times_seen":2,"resource_available":true,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com/virtual/file/ETH.png","fqdn":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.207","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:53.994Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Jul 2025 07:02:09 GMT","end":"Sat, 21 Mar 2026 02:06:13 GMT"},"fingerprint":{"sha1":"B2:57:E9:B4:DF:20:94:4D:E2:85:59:20:BE:D8:5D:70:63:65:02:7A","sha256":"05:17:EA:27:D0:4C:D8:5D:6B:2C:A8:32:D5:A2:DD:E4:47:EC:4D:DC:E7:7B:33:67:F5:F7:4F:C1:73:01:01:19"}}},"request":{"raw":"GET /virtual/file/ETH.png HTTP/1.1\r\nHost: java-vue-bucket.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Fri, 30 Jan 2026 07:30:55 GMT\r\nContent-Type: image/png\r\nContent-Length: 9807\r\nConnection: keep-alive\r\nx-oss-request-id: 697C5E2FB1E823363642AEFE\r\nAccept-Ranges: bytes\r\nETag: \"12D9722461759CEFFF02D9076A3D2718\"\r\nLast-Modified: Tue, 22 Oct 2024 11:43:01 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 9445008190181339835\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: EtlyJGF1nO//AtkHaj0nGA==\r\nx-oss-server-time: 4\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":9807,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 400x400, components 3","md5":"12d9722461759cefff02d9076a3d2718","sha1":"6b763fea0b17257a36b90c465593e1629aee0564","sha256":"af89450e1873196692af0d9d4d0c03218b4be8091171b9d8f7349298d4e82586","sha512":"8eb0f616162be914a3945fb383250796e1134da22e8ae612f403f28804ac04b7fd0f607e132403dc28505d80377c9281601cb23ef1f0814e08584428f3efa05f","ssdeep":"192:4V3ZO9Gxo9H+wp5qh6BKfMPaB2kXTfwoVqO2Rzhj7TfhBcHEhaI9yLKKD:4V4GxoYwp5wQKfMP6LXT7V+RzhzncpLb","tlshash":"7112bf66ab39a301d66d2bbe5cc59302db15ad10dfe14a3fcb840980370c6f9de5a6c4","first_seen":"2023-11-19T03:02:16Z","last_seen":"2026-06-06T04:02:55.279904Z","times_seen":599,"resource_available":false,"data":null}},"time_used":2041,"timings":{"blocked":868,"dns":1,"connect":290,"send":0,"wait":294,"receive":0,"ssl":583},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com/virtual/file/DOGE.png","fqdn":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.207","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:54.009Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Jul 2025 07:02:09 GMT","end":"Sat, 21 Mar 2026 02:06:13 GMT"},"fingerprint":{"sha1":"B2:57:E9:B4:DF:20:94:4D:E2:85:59:20:BE:D8:5D:70:63:65:02:7A","sha256":"05:17:EA:27:D0:4C:D8:5D:6B:2C:A8:32:D5:A2:DD:E4:47:EC:4D:DC:E7:7B:33:67:F5:F7:4F:C1:73:01:01:19"}}},"request":{"raw":"GET /virtual/file/DOGE.png HTTP/1.1\r\nHost: java-vue-bucket.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Fri, 30 Jan 2026 07:30:55 GMT\r\nContent-Type: image/png\r\nContent-Length: 55728\r\nConnection: keep-alive\r\nx-oss-request-id: 697C5E2F4C8B373036D09816\r\nAccept-Ranges: bytes\r\nETag: \"48384A67185DBDFEEF3AA43C99D3319C\"\r\nLast-Modified: Tue, 22 Oct 2024 12:00:22 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 3192987439189544564\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: SDhKZxhdvf7vOqQ8mdMxnA==\r\nx-oss-server-time: 17\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":55728,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced","md5":"48384a67185dbdfeef3aa43c99d3319c","sha1":"23e15189bebafbbec8b23e8ed0f3392a9b7979ee","sha256":"1ceba4efa6a645fbe532e520385f37001922e14b6aa7b4ebeb19e755014feb39","sha512":"2f7a13f56ff64b874a76994d00f198c5fc2b7424181935e641eb81bcf171db54fa50b711502c0c4a7e8f5c934ed5747233d87ae0602916244947d3724eb3ce10","ssdeep":"1536:5ko5w6RHlzxqElMwBI6M3iD+oLKTn6EPwhk6g9p6uP5I:x5fR9xjlMGnMSDYLPJ6bOq","tlshash":"0d430247c0529ed2c68853aa0e3de48a84779d12358f80577ce6525a82e2df29bd770f","first_seen":"2023-05-22T05:59:44Z","last_seen":"2026-06-06T23:47:44.168837Z","times_seen":643,"resource_available":false,"data":null}},"time_used":1305,"timings":{"blocked":967,"dns":0,"connect":0,"send":0,"wait":296,"receive":42,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"webapi.bo1688aei.com/api/common/getUserCoin","fqdn":"webapi.bo1688aei.com","domain":"bo1688aei.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:52.371Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bo1688aei.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 04:59:33 GMT","end":"Wed, 18 Mar 2026 05:57:09 GMT"},"fingerprint":{"sha1":"F9:37:84:55:9C:F8:4E:AA:6B:22:12:28:47:27:38:0B:2B:E9:17:CB","sha256":"20:DF:86:62:AC:2C:EF:C5:D9:45:88:12:5B:0B:85:33:2C:83:9E:BB:76:18:04:5D:23:01:28:4C:82:09:97:82"}}},"request":{"raw":"OPTIONS /api/common/getUserCoin HTTP/1.1\r\nHost: webapi.bo1688aei.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type,lang,language\r\nOrigin: https://etoro.icu\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:52 GMT\r\ncontent-length: 0\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://etoro.icu\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: content-type, lang, language\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6R%2FjPhbyMDFy7p85h7lEjaDZftcadRLZrfTDt1KUl6UXen4LO%2BM6s37WHP0CpvWVYADC2tCN5205QwTNFD6LEivWqfof5D1QJoQOEXjh08849by3\"}]}\r\ncf-ray: 9c5f4435d8cb120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T02:34:21.078592Z","times_seen":16227496,"resource_available":true,"data":null}},"time_used":585,"timings":{"blocked":85,"dns":1,"connect":8,"send":0,"wait":405,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/assets/CookieConsent-BKtXZsW6.css","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:52.384Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /assets/CookieConsent-BKtXZsW6.css HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:52 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697a141c-1939\"\r\nexpires: Fri, 30 Jan 2026 18:57:34 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 1997\r\ncf-cache-status: HIT\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7QSb4EQg0xgNwyNSeQQG9ROG8fIIznTDR7ICTdqmq0urENvW36PkGREaMBlpiwRJ%2BGDppZgGfV9xV2%2Bs2s%2BMWKdUa7TNBAyPXg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c5f44356d1d8be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6457,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (6456)","md5":"1149d91279806327d1cf129fb88561e4","sha1":"64a0d38ab7c0b5dcc85255064a404c5faea0e413","sha256":"ead0cb6d3b9cb7c7ba752b1a20cfe31c362fb850dff7077d0a6bb1c1229bbb73","sha512":"a32f4aa95f8b53e74371a2cf0c459b2959b0a017734332ab04a2bb0cbbd974d3c1e9963ef7e9cef2dec986510b4f0188c7aacd045b40e793c567e28686a7802d","ssdeep":"96:UMwlRU4q7ekoIlbffKu28Y6NRyuHwwlUxiun10aWNPG987:lMpq7eJOffhLYP2WxDhFK7","tlshash":"81d1ff717688b01db13fd87561e12b9c3228e207d7325ab8964bb57c89e72873336bc4","first_seen":"2025-11-30T14:17:39.787592Z","last_seen":"2026-05-26T16:34:37.719565Z","times_seen":67,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":3,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/js/Footer-D8NBBzAY.js","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:52.404Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /js/Footer-D8NBBzAY.js HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:52 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697a141c-2ca3\"\r\nexpires: Fri, 30 Jan 2026 18:57:34 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 1997\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=u7PoVmMlggjOOP3fETl8sj6wv304VQbR1KQshkW7gKOh9TqEiI4X5DSGIkM7WhBYNPD%2BlMNv4Q6qu9N%2F22pMCjmhMPqKKaJYiA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c5f44358d708be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11427,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (11426)","md5":"b141f7a45b81815a166dbfb15f59c2c0","sha1":"170a02f333de8c1881cf7354b7006a3940c5358f","sha256":"eb62b7158c9f77b546bdb2cc5d38237aa9d68520f7ed8d395e77d527b4cee52a","sha512":"34257a3835277721506d0f03ce56c85795205988e00534fc0010ad25d8bad93c824b34157ebcc5228ad8d419f35b40eb9da5115d4ef3691f4892ac86fe30f31b","ssdeep":"192:vbvNBUmwBi5GVBmTI2rDtA5/d3WIJ14NDqCjuu0IUGjUTaqKjSTvS1wSjE8LGTMa:TvvUPBRPmTVDt6/d3WG14NqCjt0IUGjs","tlshash":"05322a057973c9f9c6b784b4b8415510f238bfeee56bc85ab3fd890a17ced390a06260","first_seen":"2026-01-30T06:58:07.02346Z","last_seen":"2026-01-30T07:31:21.119048Z","times_seen":2,"resource_available":true,"data":null}},"time_used":22,"timings":{"blocked":3,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/js/Calculation.vue_vue_type_script_setup_true_lang-Bp5ILJqY.js","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:52.611Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /js/Calculation.vue_vue_type_script_setup_true_lang-Bp5ILJqY.js HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:52 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697a141c-4ff1\"\r\nexpires: Fri, 30 Jan 2026 18:57:34 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 1998\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AUQLgvMCCh9xm5OvEYv2F2Vf2NTTsglfdpywaIRI9OwRDrIwj1NdYnSgBCJp0Oy3zbveHFNc6BafcpcOo0%2F4vbe89CFA3Cjr3A%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c5f4436b98b8be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":20465,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (20458)","md5":"78d6533374947865edef961c936e1134","sha1":"354e2a750ce8513c5975c775e5893521c8f67596","sha256":"bbd28ffa7141039df562c94a2de2eab760d94bd1f55e9eadcc0e9a024bd92d04","sha512":"e57973cb7cf95675eda2cb852282ea0d614d02a1dc94653b70ba7f16d72d2c3282119fba08bd054001f85fe241c67dfeb81df710f6d3a74aebb105140092bd03","ssdeep":"384:dFSYvdyMTG1CmxcgnJcwV1eBcICHan1BAkL1pkDUaBoiA6UJWM5boWBu5D8daLHa:7ScUYfjBcban/Ao1pQUaBol6Ubboyu5m","tlshash":"3e92a74db152db3ddbb354f1605e1014e0087fcad426c497a1bf09933aeeeb11a6967c","first_seen":"2026-01-30T06:58:07.067575Z","last_seen":"2026-01-30T07:31:21.205927Z","times_seen":2,"resource_available":true,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/assets/Low_5-CMIV401Y.png","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:53.086Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /assets/Low_5-CMIV401Y.png HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:53 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697a141c-142d\"\r\nexpires: Sun, 01 Mar 2026 06:57:36 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 1996\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GrFweJJugfUbreYAc8G4sotfw5NtkJiHzZCw7iVt9vcQ7mFUXz%2BXKrLTy4a2eylskaiRRT5AfGmI35OcXMF0zNgYrTPPXDkZPA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c5f443988758be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5165,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 187 x 87, 8-bit/color RGBA, non-interlaced","md5":"8c29098b3d0e9ab466eb1881954e3d7a","sha1":"c8ff881fad14961afc827512e7aa876786992750","sha256":"d4a27de602d5c456720fad40a77b4deab49b1e79572473f835ebaa045d8d6a50","sha512":"f4f0843eed3363e5fa1723ea594014e7996b084db145b0441c9b4de081841b3b07518517424adfc1b8e35a0e2fe092f43ab261aac4b39fe2a0c0a2a8c673262b","ssdeep":"96:4SAnqpFPEsnjf4nxVqQpsje9GE2nBU2Jhe+W/WD7Y4kbPJdymXr:4SAGzMnxVGg5Qh9D040xdysr","tlshash":"04b17cd73931c365649dc920bdceb4c3c42f6038729631b90b74ed52c86b804919bf69","first_seen":"2025-08-26T17:46:37.22518Z","last_seen":"2026-05-30T18:39:08.46159Z","times_seen":85,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/assets/bg_1-BEkGORMz.png","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:53.125Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /assets/bg_1-BEkGORMz.png HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://etoro.icu/assets/Footer-kqO8xzJ8.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:53 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697a141c-1b1e7\"\r\nexpires: Sun, 01 Mar 2026 06:57:36 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 1996\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=o9Abi9kl1fRRa8XW2Ua%2BcmQhAKyRKjeRq%2F%2B2c83woozHZ064WYx7TQsdFU2dN1fi0D863HpBnoW0HSPLot%2B4qIUumTycbElmYA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c5f4439e9538be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":111079,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1920 x 223, 8-bit/color RGBA, non-interlaced","md5":"2667011e3e80bffc8f53b439e07ed571","sha1":"95f1f9ca0d80b2a0d88b15e41ff4c0804eecbd86","sha256":"71512d4d03b324477cbaa139206155fb48617658908eb7309b2abcf7691c9258","sha512":"d3038c24866b6edacd3c1e24f83285f7a03cb14a00552290d650042c6977ada5c6ecd88e9cfb85ec027398e450aa6b1718837198f2dd070d886049d31ff041b8","ssdeep":"1536:ZeZbH5ZJim+F0K+MQpgatMdAt8SgQh4LDyOBhOHQSTUFN4DoY84bAGB8d8Zf3p75:4Zb/JipFP+btwP4uFwQpksCBhpwvIqYJ","tlshash":"8ab31284374f43b9c666bc2d4c0fb950b7a68125b124ce84dff78417716aa3e8f89e61","first_seen":"2025-08-26T17:46:37.222479Z","last_seen":"2026-05-30T18:39:08.483204Z","times_seen":84,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com/echo2.0ab2a655a74f740efa2025401359375ca.png","fqdn":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.207","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:53.320Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Jul 2025 07:02:09 GMT","end":"Sat, 21 Mar 2026 02:06:13 GMT"},"fingerprint":{"sha1":"B2:57:E9:B4:DF:20:94:4D:E2:85:59:20:BE:D8:5D:70:63:65:02:7A","sha256":"05:17:EA:27:D0:4C:D8:5D:6B:2C:A8:32:D5:A2:DD:E4:47:EC:4D:DC:E7:7B:33:67:F5:F7:4F:C1:73:01:01:19"}}},"request":{"raw":"GET /echo2.0ab2a655a74f740efa2025401359375ca.png HTTP/1.1\r\nHost: java-vue-bucket.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Fri, 30 Jan 2026 07:30:54 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 2527\r\nConnection: keep-alive\r\nx-oss-request-id: 697C5E2EACF6C5353110C046\r\nAccept-Ranges: bytes\r\nETag: \"9C5D020AEC325696D1D22476E7728DA4\"\r\nLast-Modified: Thu, 03 Oct 2024 06:55:38 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 17182148815916858481\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: nF0CCuwyVpbR0iR253KNpA==\r\nx-oss-server-time: 3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":2527,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 260 x 136, 8-bit colormap, non-interlaced","md5":"9c5d020aec325696d1d22476e7728da4","sha1":"e9ff2cdf5160142a77c449947e659627d7ee0a6e","sha256":"3fc4675d2a41c72bc9dd1c9568b0104320bc66b77a69ad6ced74fcfbf1e1d933","sha512":"a932dd67813eeebb6a1393473906fdfcb5cdda3e9428a111476983bdadf8e37f6b6a03773cb3ae4a9bba26b165697a59bf4fa86c9fc42c256246290bc397f665","ssdeep":"","tlshash":"a9514c978961de1fb26822d2c1c1b142acaafe4f117debbd90d4012ebf5c612911df4d","first_seen":"2025-08-26T17:46:37.24324Z","last_seen":"2026-05-26T16:34:37.706394Z","times_seen":69,"resource_available":false,"data":null}},"time_used":1935,"timings":{"blocked":825,"dns":38,"connect":265,"send":0,"wait":269,"receive":0,"ssl":535},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/js/filters-BzRYEg_J.js","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:53.554Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /js/filters-BzRYEg_J.js HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:53 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697a141c-416\"\r\nexpires: Fri, 30 Jan 2026 18:57:37 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 1995\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8i5z2tqdqPcdGXgkF4V42X0DtFxexDOMlGDha8eVwEQesLL7VQgJdvlJLs%2B1JrI%2BXm91rx7DFJl8r8oJUT6hiLsU5jQg4F2U9g%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c5f443caff28be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1046,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1045)","md5":"951d4f65fe61c32dfd9c4af44f5e66b9","sha1":"a6d0e380ebc68dffd6320885f7045eebb31a09a3","sha256":"393eb50e37c72f341e2bc944184e322fac9d1750412bc1bc82a0a65877d4151b","sha512":"03fa047e3ec3834ba5526f3d1bedcaae6abba701398b4aa927e9ee50b056b25fef5d324548e2ae33a4714f491bc2eb9de4b8ec983cfbb9df5e543e961ba3e6d6","ssdeep":"","tlshash":"4a118ba995cac67b02fb88c8514e418768e87f78b00e4b62bd64f11235a1051f4be393","first_seen":"2026-01-30T06:58:07.056973Z","last_seen":"2026-01-30T07:31:21.147828Z","times_seen":2,"resource_available":true,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/assets/Footer-kqO8xzJ8.css","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:52.389Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /assets/Footer-kqO8xzJ8.css HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:52 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Fri, 30 Jan 2026 18:57:34 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nage: 1997\r\ncf-cache-status: HIT\r\npriority: u=2,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZlplPQWGrVWhWzEZYlCtE3gGMg0Su7YhNKqISRXMZclrCCIo%2BYQJiTRixkc1yFWqvxZLhvjg47R6po04pLqXDBJA2oqq60%2Fiaw%3D%3D\"}]}\r\netag: W/\"697a141c-60\"\r\ncontent-encoding: br\r\ncf-ray: 9c5f44356d218be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":96,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"f2d8db841ee2cccba46a4846bb383b9b","sha1":"21ec1dc977ba6ee4b0fe0a042add8ff45f05ce42","sha256":"8b180be1698077bebaaf6beb91aa095652e82bdb700bb511b126055be7e155ed","sha512":"746edcc3f53af777995441974d93a876940ffe4fec86613f9f14d3801a2f9e7d0811f7d9ed5ecc3fb6525ae957665a71e779b3b391dd0435daad7586389ee8e4","ssdeep":"","tlshash":"69b0127030ef5567744f62b93015a2308159c106d3051e0c353c62fe39d20001157296","first_seen":"2025-10-10T02:51:18.076622Z","last_seen":"2026-05-26T16:34:37.726711Z","times_seen":69,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/assets/index-B4CX758G.css","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:52.392Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /assets/index-B4CX758G.css HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:52 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697a141c-22b8\"\r\nexpires: Fri, 30 Jan 2026 18:57:34 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 1997\r\ncf-cache-status: HIT\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Tq4NxeBr6qVV5%2FQ2RP5M3SLvy%2B2fsosfMGR83K7vdNvYFJx4E1V6VgQS6CWdPc3BG8ohCsceAK2XqYRjd6tOMqvTFKrWtVW0FA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c5f44356d228be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8888,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (8887)","md5":"365152d1a172a0dee690e108c0e563d9","sha1":"19387e4993b29c4ed320a2b31b0d33fea2606df3","sha256":"249b413b72e45131c9a2d1360e03b90ea3b11bd380bdd877b5ab6c99fc9694b4","sha512":"838b657752953eb242073129b94d1fb5fb8f2a74e112c99ca25f34ed39e5301c9835c5d07cc4c0a16673293e84acae267d61e61bba5a77848da0a44c2a8efebf","ssdeep":"192:fpKymUJbiKnehJTJdKSme+jeH1Zpbw7GHKY:fpK/UbehJFdKW+SVZpbXKY","tlshash":"bf02b630a3181c27a277cf155694e6fc5e64a123cbf7091ce2406e28dbfa5f4122eac6","first_seen":"2026-01-30T06:58:07.052438Z","last_seen":"2026-05-26T16:34:37.720424Z","times_seen":66,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/js/TradeLayout-CmoCU-2N.js","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:53.326Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /js/TradeLayout-CmoCU-2N.js HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:53 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697a141c-65455\"\r\nexpires: Fri, 30 Jan 2026 18:57:37 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 1995\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PBO6q2Jk%2B%2FdG%2FIN1JUK8glnjHEoVQnHpnG11vF%2FKUai16cEHjfBbGsAC32aM5Jw3QsTbDOTxoIEWxR3K6%2BRemdIY6rRMk0uPGQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c5f443b2c738be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":414805,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (48043)","md5":"a2b2c1b5c27c45aac2846dbd1ad57041","sha1":"47b3c66c4abc10d7bd0bd85b910161ea804accdf","sha256":"287fe36610ba1b59079680bfbf9982c3969689155898731df4a8a01425530333","sha512":"2551ddcf99c1893bb4ea4cef275854d21c0f7f15f21ceed84da7ba1146ed898117f9c8073d0897b1cd1ebda29e594ba2e1699b53ca9e692b0d982f7fc32d5751","ssdeep":"12288:x37MnWzG2+iFeq6Zz6uSxNbn6e1dD5skFF:xrMnWzG2+iFeq6Zz6uSxNbnx3P","tlshash":"7294f580b162e53993f391b5107a0401e3197f89b00686adf27dccd73eaad9971baf74","first_seen":"2026-01-30T06:58:07.06164Z","last_seen":"2026-01-30T07:31:21.217162Z","times_seen":2,"resource_available":true,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com/virtual/file/XRP.png","fqdn":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.207","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:54.002Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Jul 2025 07:02:09 GMT","end":"Sat, 21 Mar 2026 02:06:13 GMT"},"fingerprint":{"sha1":"B2:57:E9:B4:DF:20:94:4D:E2:85:59:20:BE:D8:5D:70:63:65:02:7A","sha256":"05:17:EA:27:D0:4C:D8:5D:6B:2C:A8:32:D5:A2:DD:E4:47:EC:4D:DC:E7:7B:33:67:F5:F7:4F:C1:73:01:01:19"}}},"request":{"raw":"GET /virtual/file/XRP.png HTTP/1.1\r\nHost: java-vue-bucket.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Fri, 30 Jan 2026 07:30:54 GMT\r\nContent-Type: image/png\r\nContent-Length: 2274\r\nConnection: keep-alive\r\nx-oss-request-id: 697C5E2EACF6C5353150C046\r\nAccept-Ranges: bytes\r\nETag: \"674B0999F6083084A2A4B1D8B20F3BC1\"\r\nLast-Modified: Tue, 22 Oct 2024 11:42:52 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 2919851811578833622\r\nx-oss-storage-class: Standard\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: Z0sJmfYIMISipLHYsg87wQ==\r\nx-oss-server-time: 2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":2274,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced","md5":"674b0999f6083084a2a4b1d8b20f3bc1","sha1":"8d14a526e83604e323723b4d25f8f8066f1ede70","sha256":"632f9cacb6b3fbedece774a8d27c436f37dc359de3bb0872ea19603b70347708","sha512":"4c04d137c2448c0d52a4298c858f95c58116c1d77e75899f5acdf6bb61ed839dbdc99fd5556eb63793b81258de40e515540acaeab007da76664476c9be2e514f","ssdeep":"","tlshash":"cd414bd7c53300ed9128e735b8c3ee819c00628d183bb46b89f5ec60b2346d31a53a98","first_seen":"2024-01-05T03:21:29Z","last_seen":"2026-06-06T04:02:55.304252Z","times_seen":638,"resource_available":false,"data":null}},"time_used":682,"timings":{"blocked":412,"dns":0,"connect":0,"send":0,"wait":268,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cservice.vip/js/ai_service_diy_tw6dwqqy.js?v=1761548575","fqdn":"cservice.vip","domain":"cservice.vip","tld":"vip"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:54.010Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cservice.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 07 Jan 2026 21:47:19 GMT","end":"Tue, 07 Apr 2026 22:46:59 GMT"},"fingerprint":{"sha1":"A5:63:FC:3B:CE:6F:DF:D0:D8:AA:87:18:27:C8:A2:B4:01:3A:99:27","sha256":"4C:2E:05:A9:16:CC:FD:8D:F0:D5:92:B1:5B:29:A1:E8:A3:D1:0A:D1:95:CB:2F:83:92:31:F4:55:56:92:B2:14"}}},"request":{"raw":"GET /js/ai_service_diy_tw6dwqqy.js?v=1761548575 HTTP/1.1\r\nHost: cservice.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:54 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 07 Nov 2025 06:39:57 GMT\r\nvary: Accept-Encoding\r\netag: W/\"690d943d-712\"\r\nexpires: Fri, 30 Jan 2026 18:57:35 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 1998\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SBlgJta8bUc9B6xggZPYBMIYtsg%2F6ckkRnWueOxZ0g03fDgUHEDDGLnzjLTau8QSPtamNYR9HxBg04RPZrfJTMqNqXxSA2k%2BBH8%3D\"}]}\r\ncf-ray: 9c5f443fde555696-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1810,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"24ac82407fb1bbdc27adcab89f5b6625","sha1":"fdb88d7995f817ef96ff82238475853e9f79b92f","sha256":"765ccb104b88756761b168d1a1ed475c38c13cf14a7c8b1f89d803b19554ed32","sha512":"72268a381adced0090ff4cabe137ec3c47ade8aa371763806d41b1f69a84bf1271993b18cdf410a6d421bc9c056aa5b55e9818f3d4b193378267a5557fa06786","ssdeep":"","tlshash":"6d31ad925e9985731933322a9b3ba528fb3127071a019a033ebd67106f31d89aa65ec5","first_seen":"2026-01-30T06:58:07.079183Z","last_seen":"2026-02-26T17:48:02.257286Z","times_seen":7,"resource_available":true,"data":null}},"time_used":100,"timings":{"blocked":44,"dns":28,"connect":1,"send":0,"wait":11,"receive":0,"ssl":14},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/platform/bozei/touch-icon.png","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:55.415Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /platform/bozei/touch-icon.png HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:55 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:03 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697a140b-2e8f\"\r\nexpires: Sun, 01 Mar 2026 06:57:38 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 1997\r\ncf-cache-status: HIT\r\npriority: u=6,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OGvur196VlFR8aCFwnRDKqPfhH1l05uobcQ0kXnJXv3zpEyS15AlujHLbR1UuRqZYUEM0nU7o7S%2F2ShwZnqOyyiGdCzjs7oN4g%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c5f44485c508be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11919,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 400 x 400, 8-bit colormap, non-interlaced","md5":"be4bd40c227a65f09702af89949d1cba","sha1":"661e028f861baa2f154caa18c1648d5f2c99c68d","sha256":"1e87ad35f7c554ad86c2cea7a3dc9ea6519070e1b2da58dab0b09a772936ba76","sha512":"50050aa2a86a00acaf679ff869c500eeca3ecb95860bdb264ec794104763c4ac1428777636262445ca24b11bae81c84685ff514ba47346a9d48cffd401278851","ssdeep":"192:2SPoKGfOsNQoom2DPHifL5BLOjCYxLLlKVBLAA26BseDIZq/SH55r0yZJcfaQoMM:ZuOsNQooDPiflsjC0LlKcOeB7hvcfaND","tlshash":"6d32b0eab4bd0a23f2d49e07564fc46f24b58b71268cb93742f27931dfb154a04751d8","first_seen":"2026-01-30T06:58:07.03153Z","last_seen":"2026-02-26T17:48:02.173488Z","times_seen":8,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/assets/Low_4-Br3Z_v1E.png","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:53.080Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /assets/Low_4-Br3Z_v1E.png HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:53 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697a141c-145a\"\r\nexpires: Sun, 01 Mar 2026 06:57:36 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 1996\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1oYhha1lZ2Kr543J4twt6bxyhivhLhBnngIrUbioR7EpaygwZVRWMXmDYbnXjmHGdfnFB84s88YUyaB87dcpvRjH9tWdQG%2BlnQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c5f4439886d8be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5210,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 186 x 87, 8-bit/color RGBA, non-interlaced","md5":"95b8e27073c3c6e483b1a0609d083f9f","sha1":"2c4ef32b62fecfcb1cf70e0676f088c54a7d5fa7","sha256":"cf0f9d03ca1dbadd2bf8035de500cd44cd22693a30f552beff3c1ca19b014a5d","sha512":"bac6e493131b8b30a759e54276893c3544058d4a2540b7672013d49d5e2b3b6dd2a6ac21982e11ca156f7c7e0d8e2812b751cd6e3f8d1ac6189da8dba35c5a08","ssdeep":"96:8OSB6U77P8HDm2GqvjYUZKKmqVvLf8vPI1nlr8HznVGkvarcO12ReC5biF6vh:8OSYMPoDm2GqvLKKmqVvLf8vPIdlkEJ+","tlshash":"65b17dd37a01d0832e56b85bc39aeb609963344b87126a04edb1edcc1496ece0fd4ee5","first_seen":"2025-08-26T17:46:37.277551Z","last_seen":"2026-05-30T18:39:08.481954Z","times_seen":85,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-30T07:30:51.080Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:51 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\nvary: Accept-Encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=31536000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QexcOFJTFrOrjwkgFJEM11b6EK5QVEAntkGULtv6QYSzHv%2Fo2KGO5QfT5d5t%2B01AqLer4pbSTbwVRFtjWeBP4G%2B%2BTR8%2FrBnPCw%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9c5f442dcabc8deb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3668,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"055129c5209697b6d177e50cb6b0a872","sha1":"216cd2a519d46ae1b51bf93a4eca8c824a931c7b","sha256":"eb29e603f44a8fa09cc24e067a175e8ebfa37bfbe84098d7e45099032c80f7e3","sha512":"3cc13398fa4ca064ce660a4e4a23c5bc1b54e043d6a6dfed2106b3d88ae45a3fbf6b4d234ef7608e9a26c09ecbacdda5f43e1219c4ff7039af8f613c9f51bce5","ssdeep":"","tlshash":"b47153334ab99c1823a1a33defe6b1458a325483d61d2e6c744c299d4fd1fa086e37f1","first_seen":"2026-01-30T06:58:07.021377Z","last_seen":"2026-01-30T07:31:21.225985Z","times_seen":2,"resource_available":false,"data":null}},"time_used":794,"timings":{"blocked":80,"dns":67,"connect":1,"send":0,"wait":628,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/js/CookieConsent-Cwy8EEY9.js","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:52.402Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /js/CookieConsent-Cwy8EEY9.js HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:52 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697a141c-7fa9\"\r\nexpires: Fri, 30 Jan 2026 18:57:34 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 1997\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZRUkXRwC8lzArJD8m8%2B2D%2B4NEE05vZS%2Bq3r27n2ijktBeawRPwCdbG41KIZ7ey0Q1Doxu5SGLTlVlvLIFT3PEEsEs1%2BPqhKDBw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c5f44358d6b8be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":32681,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (28848)","md5":"a3d57f4dfb8b351d338218c31b910b0f","sha1":"5e66b68ab930f00cd814463c4040775984203c1f","sha256":"af9b916faacca64df9bb4e09e9ce8753a8fa7ceb485c2649ec0469b45e3149ac","sha512":"c54ea19df402e383f73542c20476be2424b10d2aafe2d71d8206faf58f1d68a2f3c2b57a050d53a25011ab8617e9c76ba0c50cfc6ecb2ff267ff9dfe781ff042","ssdeep":"768:sJYjnT5ISSBGZo4mrwDu0yIpdmjriD05bnPexT:7eVsmrwXpdeiom","tlshash":"cbe26c05e806eeb9d7f35634744a7168a4387fdac25ac43a63bd85232bc9f728763314","first_seen":"2026-01-30T06:58:07.068687Z","last_seen":"2026-01-30T07:31:21.155015Z","times_seen":2,"resource_available":true,"data":null}},"time_used":34,"timings":{"blocked":5,"dns":0,"connect":0,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/assets/crypto-CzKJroU0.png","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:52.852Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /assets/crypto-CzKJroU0.png HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:52 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697a141c-9b3a\"\r\nexpires: Sun, 01 Mar 2026 06:57:36 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 1996\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jZigHNo0ifht%2FuwZs61YL5DioBoJvwbDNudEegbyH7Xf62q4xs5jaPIygIGccYW%2ByjokrCjRx1iF%2BeD89Txhp%2FB9j1VHl9yCeg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c5f44384d5f8be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":39738,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 260 x 304, 8-bit/color RGBA, non-interlaced","md5":"d96f714646b573194b60928d259b4aa2","sha1":"6094806144be7f313efb1d6ce0394e2e1c916e8c","sha256":"f9dad38264fde116c4af1ca31c4f4e5853c22ff612c5aa1356fa788030fd3e56","sha512":"5bc291929ae2da85c57678debf71e608ef311660ff9030eeba1f254470ee822bbcf6347054399e30a4dda40829222cd69314bd0b87236c34fce12b36325bf234","ssdeep":"768:/uuO/MIYxLYmYAaEJCQgwW6scjj+189Qlf3AqpNabUesRt+HPi0:/ZO/MIYxLYfZEFgwRZvY8K5hpM60","tlshash":"2403f273f51364e85cb0e3ddbc8a7299647e91361ba148508411788f563cdb43fb64b9","first_seen":"2025-08-26T17:46:37.250301Z","last_seen":"2026-05-30T18:39:08.475224Z","times_seen":88,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/assets/index-bg-Cig16shZ.png","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:53.121Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /assets/index-bg-Cig16shZ.png HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://etoro.icu/assets/CookieConsent-BKtXZsW6.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:53 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697a141c-b2fa\"\r\nexpires: Sun, 01 Mar 2026 06:57:36 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 1996\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YLRfGsgkZUI4pD1EUw0TaUquJhBz4YjhUbGe6hnzNH4q2epnZJM8BUUuay9XR0xEwp9VJjAsU1GmN3H2yV4cOTE%2F6src4qQl1Q%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c5f4439d9378be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":45818,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1920 x 706, 8-bit colormap, non-interlaced","md5":"c09495fae9b3b9afa21e4f85338186f6","sha1":"de7e184687afed539def40fcefe0e9315596e07b","sha256":"6e82c55cbd0ee19a044a5ec37c31769eeb6e168802c661640cc683e6b3e8733d","sha512":"8268075ddb43eb44937d88d3542d2fa595f0896f76c48ff52786673de1b486274d13880754df9605fa3b303bab65dd5bb02ca5bc33e88acda64dccbf16285fba","ssdeep":"768:A6+sg4W9+cPJlO1NctTpA2+fzAJjIaZjVcpjO6X0BvRURf0hrv4llB+86HFhekx7:7+sg4mnhlO1NUdAVfkJsdNS+MHe0r1PB","tlshash":"d523f20a976dc409b8497e7d8fa48700a882cf97602d873d7e913a1de938d534f89cbd","first_seen":"2025-08-26T17:46:37.246586Z","last_seen":"2026-05-30T18:39:08.453264Z","times_seen":88,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/assets/crypto4-C1r0vD33.png","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:52.860Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /assets/crypto4-C1r0vD33.png HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:52 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697a141c-4bb5\"\r\nexpires: Sun, 01 Mar 2026 06:57:36 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 1996\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ob0fNA4gW1u%2FHhkQaPeT0I3tqDf6y9FEf2UcuJpVeAiID61oG5cneB%2FsuNihTzBqttABowZPkYqmn76KuMRMKRi5CO1WsKpyIg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c5f44385d7b8be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":19381,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 260 x 304, 8-bit/color RGBA, non-interlaced","md5":"d067618d9d6147cf94031dc7b0e54f34","sha1":"9eac76e72b792627e4262bb3c3349b9a95e76a14","sha256":"51e7de570156dd0d9f5be2aea42306c4e0d810e2f5031ccff71f7a2b7707bfeb","sha512":"1cfbdb4d59b63b7508ddfde9cf307fbbbcc21c9eebcb17d05b5a52c0689acf9a6c5cdf75138ab87ae4d2eac26f12834fc4c4e0e23e94bcdd489b53264a93ce43","ssdeep":"384:SYrMlXfj/ycORUUZpYLOsa70OEU1pKfX9jLKAd6NL3UvOfaDYMAG3eQKRD0:OvmuUZgjatEU7KFjLD6NLasbG3eQKRD0","tlshash":"7692d14cf04b18795a05a41f191ad42bbd1ede7ce81b0123dade0d7945cfbdd9a44348","first_seen":"2025-08-26T17:46:37.293947Z","last_seen":"2026-05-30T18:39:08.485996Z","times_seen":88,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/assets/Frame%202-5VaDbG1-.png","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:53.056Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /assets/Frame%202-5VaDbG1-.png HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:53 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697a141c-1656\"\r\nexpires: Sun, 01 Mar 2026 06:57:36 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 1996\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=h%2FJdVHQOThm1rI6ZKIDNZfrWJzl0zbgZbgvZARnkhzmBNXvsYPlush6p69lZFyfhKczr9zNlFIrZh95SCbx5cb4FG4x7UXQL%2Bw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c5f443968008be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5718,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 187 x 87, 8-bit/color RGBA, non-interlaced","md5":"5f758e18ae5e7982ead7774e8a97ef13","sha1":"a304ce7a8d6956e37c1ea3d82f6f973eb8233e90","sha256":"d2655ed85d2e3cf091024f70ce46667738e6b870ad988c9a5f8b12b0d0313951","sha512":"b3fbe74ead16f03b6546cf946a1618a78bbb6e55cc45f88c75373d12ad1de1ee4175b3657e90db6157edbee31e568f92c55f851db5cd548b8b1e79d28ea1440d","ssdeep":"96:4Sg5i+RYQPkBi5/bYtii54JP9UN/z+VVyxhSxlUXIiHDo+/aAX3+v5f9C+zEJ/Ot:4SAGxBc/vrGN/m+Sxa4Ao1A+Bf8tGl3t","tlshash":"39c19f8863f4c66000a04169a9d1c3af560cf5df01edbf947045a1d518eced6ee26efb","first_seen":"2025-08-26T17:46:37.251652Z","last_seen":"2026-05-30T18:39:08.477914Z","times_seen":85,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/js/index-8qw7K-jL.js","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:53.415Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /js/index-8qw7K-jL.js HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:53 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697a141c-50f2e\"\r\nexpires: Fri, 30 Jan 2026 18:57:37 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 1995\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OP4PGe5c4pJOndmgE4TMABGP0Fj0QOQRR0QClkdbefgRgDUvmsxVfM7tVjfTBGdTnMDC%2BJh407Fy4%2Bh54lTxM8tstMkY09yYLw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c5f443bcdde8be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":331566,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (29586)","md5":"bd89b040075de65f9573fcc716541460","sha1":"b03bd4cc7141c38f419e082efb9d50ccfcf344c2","sha256":"698fe02ae1f8a1d2ef36951d007a7bb5e24974b74a09b93f47ab7dd0a467fdaa","sha512":"21da6f1b9af818227a81b9e863c7aa1db65861c246f901832ecbc4d57b3ce00feb61ddf25df663a53cf16ef23e88e00dd9019fe13960b3d45d653dcec650002f","ssdeep":"6144:UfIyxrxeAbERhW+M4e5usVKBDtMAyJjSpBBPWG5YhiPmy880z+8Ff0kvmUyPEmIY:CIexeAARhW+M4e5usUBDtM1JjSvBPWGb","tlshash":"d86409847252b27a83f305a2543e4405e2257f88b107c4ddf1fc4cdb3e9ae9665abb78","first_seen":"2026-01-30T06:58:07.019641Z","last_seen":"2026-01-30T07:31:21.24209Z","times_seen":2,"resource_available":true,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.bo1688aei.com/api/common/getAllSetting","fqdn":"webapi.bo1688aei.com","domain":"bo1688aei.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:53.020Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bo1688aei.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 04:59:33 GMT","end":"Wed, 18 Mar 2026 05:57:09 GMT"},"fingerprint":{"sha1":"F9:37:84:55:9C:F8:4E:AA:6B:22:12:28:47:27:38:0B:2B:E9:17:CB","sha256":"20:DF:86:62:AC:2C:EF:C5:D9:45:88:12:5B:0B:85:33:2C:83:9E:BB:76:18:04:5D:23:01:28:4C:82:09:97:82"}}},"request":{"raw":"POST /api/common/getAllSetting HTTP/1.1\r\nHost: webapi.bo1688aei.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nlanguage: en\r\nlang: en\r\nOrigin: https://etoro.icu\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:53 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://etoro.icu\r\naccess-control-allow-credentials: true\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=tjUQqpuxUtOarYDk%2FOI4ZE9QIdshXnrjHhcQnmqFKSWdlblxSmTWAhtoKtwr2ZWodNKKM2PpTV6YvlOJzrAKY6TCdQMeV8bm7I6uxuwk7py3v2Lr\"}]}\r\ncf-ray: 9c5f4438bfb9120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":42125,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"e9359445d8ae01bd1f5147ead10003b0","sha1":"d5587d24e7b777ba412f02cfcb8411bcc9807709","sha256":"4454f937e8730972bc3b3067ecc6246197d0aed5727db62c089e85bdc80de5eb","sha512":"659659a0c7eb3e93e6155fabd53766be9d93cee1e66a172d43c462ab35f76be5b507746e3c073ea47cbef2545aa446cdc38ec71ebd8a0f9d7902dcd41155079c","ssdeep":"384:SUA8N+ybVlZozqDOJlDYN3wX1uEG9B/zrtLCEl9pJ:SUAjyhlZoz4LBn9L","tlshash":"8a13841ab1a8fcbdc7daa8c600773a6b35ac387beed55d54e1c94e0c43e9471850b60a","first_seen":"2026-01-30T06:58:07.024418Z","last_seen":"2026-01-30T07:31:21.246331Z","times_seen":2,"resource_available":false,"data":null}},"time_used":231,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":231,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/js/index-8qw7K-jL.js","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:53.333Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /js/index-8qw7K-jL.js HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:53 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697a141c-50f2e\"\r\nexpires: Fri, 30 Jan 2026 18:57:37 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 1995\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=86QsSgKJH7CeSjg%2FDTMb%2BZHVdo3qQ1x1hAluJG%2Bul7UZ4rXmwS%2FOPbcTonRzzrvzHy2XX9VOBFsNb%2Bslqi5SX5EaetOYIQhAYw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c5f443b3c878be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":331566,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (29586)","md5":"bd89b040075de65f9573fcc716541460","sha1":"b03bd4cc7141c38f419e082efb9d50ccfcf344c2","sha256":"698fe02ae1f8a1d2ef36951d007a7bb5e24974b74a09b93f47ab7dd0a467fdaa","sha512":"21da6f1b9af818227a81b9e863c7aa1db65861c246f901832ecbc4d57b3ce00feb61ddf25df663a53cf16ef23e88e00dd9019fe13960b3d45d653dcec650002f","ssdeep":"6144:UfIyxrxeAbERhW+M4e5usVKBDtMAyJjSpBBPWG5YhiPmy880z+8Ff0kvmUyPEmIY:CIexeAARhW+M4e5usUBDtM1JjSvBPWGb","tlshash":"d86409847252b27a83f305a2543e4405e2257f88b107c4ddf1fc4cdb3e9ae9665abb78","first_seen":"2026-01-30T06:58:07.019641Z","last_seen":"2026-01-30T07:31:21.24209Z","times_seen":2,"resource_available":true,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/js/login-bg-CtTnvaIr.js","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:53.453Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /js/login-bg-CtTnvaIr.js HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:53 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Fri, 30 Jan 2026 18:57:37 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nage: 1995\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OJCeHggUGhRJCKCMmiESRt4rnoEzEPxEj6CFDqTUyDFN4HEN0rov4%2B7yub5xCPM%2BV%2FKZrdAIzdBbDu2GqV5RbTWQbEIHsKj1LQ%3D%3D\"}]}\r\netag: W/\"697a141c-5b\"\r\ncontent-encoding: br\r\ncf-ray: 9c5f443c1eb48be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":91,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"ebba15b40c37ba856a79bc847a08e71a","sha1":"a720af2936ab6f1dad28220622a18f7d338d44db","sha256":"3ddd883a1fd935ffb81a11e0d1dc9628d053175968f0446aa533104a2283c93c","sha512":"3f5b2f086d745a7475029b4fd91f57a953bffe5215314fba804f6b2387b8bb6e8cc1471d83c33a2fb15b0ae511beaf36b1170b39568b433ba7e7738ce28a5894","ssdeep":"","tlshash":"a1b01201855e117a0594105d4781557012e5413c2e5483bce63d46649b1620a5c47e10","first_seen":"2025-08-26T17:46:37.227472Z","last_seen":"2026-05-26T16:34:37.715579Z","times_seen":68,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.bo1688aei.com/api/notice/list?key=ROLL_NOTICE","fqdn":"webapi.bo1688aei.com","domain":"bo1688aei.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:53.531Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bo1688aei.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 04:59:33 GMT","end":"Wed, 18 Mar 2026 05:57:09 GMT"},"fingerprint":{"sha1":"F9:37:84:55:9C:F8:4E:AA:6B:22:12:28:47:27:38:0B:2B:E9:17:CB","sha256":"20:DF:86:62:AC:2C:EF:C5:D9:45:88:12:5B:0B:85:33:2C:83:9E:BB:76:18:04:5D:23:01:28:4C:82:09:97:82"}}},"request":{"raw":"POST /api/notice/list?key=ROLL_NOTICE HTTP/1.1\r\nHost: webapi.bo1688aei.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nlanguage: en\r\nlang: en\r\nOrigin: https://etoro.icu\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:53 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://etoro.icu\r\naccess-control-allow-credentials: true\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Sgrguun00po%2F4jQ5mucq7%2F66ws5y311TEy5YEivL%2Bl8w%2BXqA938BzK48h9rTWg3Vu66h2ie876jrQQp%2BYT66nBTLQCnB%2FYpN9n9N8zGi6plAbIH%2B\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c5f443c9ddddfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2434,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"b4c9bd0d3d6d71c4eefa81feee23954d","sha1":"105f98507004a417d47feb40f8696da76866a5d4","sha256":"6971e165a2d960ddc328cd1a88d153a114c0c8ce1cc090cae4a52362e25ef91f","sha512":"ae4b50376728bdf544729932c786f94158a0a09239c688b0502a645b1e8963054375796e46a4668b82e819916a3a233089798c1739b833663184ff7cad4ec7d1","ssdeep":"","tlshash":"5e410d8f23688f75084614c326ed7ee6b36e525b86218c380556cfcc83f1ab9176b640","first_seen":"2025-08-26T17:46:37.257503Z","last_seen":"2026-05-26T16:34:37.722175Z","times_seen":12,"resource_available":false,"data":null}},"time_used":208,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":208,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/js/index-Bk0YSeUV.js","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:53.550Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /js/index-Bk0YSeUV.js HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:53 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697a141c-a08c\"\r\nexpires: Fri, 30 Jan 2026 18:57:38 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 1995\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=h1KTcfygX2XFgdBujc%2B8s1luvNLuDtm2VByHUdjNTgBOnLgSntIFZGwZK0RSddFIYR5YpsIc3PieYCppNBWXFL2CTMkp%2BkbZRg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c5f443cafed8be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":41100,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (41099)","md5":"3b25a6bda4ef228600a4c5d393ac9457","sha1":"c47325aea6802884b8655d19505b80dc920a5d4c","sha256":"53912e280117dd4048654e9ecfcec10e2f5d040e9624a5e2f9e5763fbf212065","sha512":"a60e4adfd5bed134912419a71e37ab77d6f5d4e3ae26d13d7aa810748e95c64069a905adeefe79008a37b96c623173c751ccd32b3ac08fd2db53b0c0a6fbf0c7","ssdeep":"768:2eevlM82K8nfNtfWeg8s2qlLlWYuG13tfAlgbXXh4FgXG1aU:odM82dPsH9JC","tlshash":"1f03842cb012cfbe9663293062ad1994e1497fedc526c80af1bd18233bc7ff05a56765","first_seen":"2026-01-30T06:58:07.050112Z","last_seen":"2026-01-30T07:31:21.195098Z","times_seen":2,"resource_available":true,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/js/index-dkdlGO0L.js","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:53.551Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /js/index-dkdlGO0L.js HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:53 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697a141c-ca3\"\r\nexpires: Fri, 30 Jan 2026 18:57:37 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 1995\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RoDWEZhdIuN6XCzv9yaIle8G7s0dUAZczy0o2N%2BgXkrdG1rtwlq%2F6KSDrtIxkhDttFmhjxEbRUe%2BsS9ddnaLllgjJAqi8QIU6Q%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c5f443caff08be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3235,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (3234)","md5":"3e1f45282fa7c4461f3b28a3206dfbde","sha1":"ed66d2d5065746f8a24af64ca856f04bfae1bf70","sha256":"958affcb6da0461e9820e97e6ad9ae89b0f3228e7fb7705bd6c2b8125a37939b","sha512":"64b350083f1c37cf238da309e1588c298cd675a4e77d074fea99aa975470c2c501c44e022e5c85a7a3f7018e7e8f17f6a6a70ef1970586cbb4385259902c692d","ssdeep":"","tlshash":"8261b4dd78b7f020867548ee507b0636e23a37592408d0d4e01fcd8a3931d6ab2a7e29","first_seen":"2026-01-30T06:58:07.05582Z","last_seen":"2026-01-30T07:31:21.196136Z","times_seen":2,"resource_available":true,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/js/Calculation.vue_vue_type_script_setup_true_lang-Bp5ILJqY.js","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:52.397Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /js/Calculation.vue_vue_type_script_setup_true_lang-Bp5ILJqY.js HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:52 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697a141c-4ff1\"\r\nexpires: Fri, 30 Jan 2026 18:57:34 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 1997\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=D%2BM0ysTRLaOfuGcSNBjmzCH5wXeTqeQh6PMFrV27VqCVyU0F0A%2FSPFBdEwj8rZ2UJ%2BxbAQsCBWj7RDs0fOzIlYKiQkV6NFJGSQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c5f44357d488be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":20465,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (20458)","md5":"78d6533374947865edef961c936e1134","sha1":"354e2a750ce8513c5975c775e5893521c8f67596","sha256":"bbd28ffa7141039df562c94a2de2eab760d94bd1f55e9eadcc0e9a024bd92d04","sha512":"e57973cb7cf95675eda2cb852282ea0d614d02a1dc94653b70ba7f16d72d2c3282119fba08bd054001f85fe241c67dfeb81df710f6d3a74aebb105140092bd03","ssdeep":"384:dFSYvdyMTG1CmxcgnJcwV1eBcICHan1BAkL1pkDUaBoiA6UJWM5boWBu5D8daLHa:7ScUYfjBcban/Ao1pQUaBol6Ubboyu5m","tlshash":"3e92a74db152db3ddbb354f1605e1014e0087fcad426c497a1bf09933aeeeb11a6967c","first_seen":"2026-01-30T06:58:07.067575Z","last_seen":"2026-01-30T07:31:21.205927Z","times_seen":2,"resource_available":true,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/assets/tech02-fCe8e4gN.png","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:52.831Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /assets/tech02-fCe8e4gN.png HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:52 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697a141c-15fe\"\r\nexpires: Sun, 01 Mar 2026 06:57:36 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 1996\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=P8Lo622q1gNJfrr2dhgCdDSEKRm07h3lFYuPddfnlC6%2BmAzIfCrcBlngbQw6YFaG%2FYUb%2FTVfUNK%2FQJvr%2FyyuF5et4ZkJaanFCw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c5f44383d3a8be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5630,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 108 x 108, 8-bit/color RGBA, non-interlaced","md5":"9f0f4960f780ae1e5e85227bbe3383bb","sha1":"f8ee4ead676d1560556168f55b35d53fe32a6d41","sha256":"7cae8a74bc918d12efb430f71dd41d15d06ff373a260547749045449ef9f241d","sha512":"cb7b17a623bea5b449df7a2c0b27ce3e9f8040b3d51bf0be975a798349085e09ed86be8911600ed54a2aa48c11dcc64987c2d1e625560df781108a7afa4e8bc7","ssdeep":"96:A4+Vq+5u/C6+xiKXdoPS2bcPvnGSzKHRe4YebiR0u0tsroQiWcUU9+82gCUuSq48:A4+OKXcSfn7zKHR1YegwscQiUU9+vgCR","tlshash":"d6c18e4e24bdb9424820166045f90171d8aeef522a2f61189b61078ce9983fff5adbdc","first_seen":"2025-08-26T17:46:37.297934Z","last_seen":"2026-05-26T16:34:37.742253Z","times_seen":72,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":4,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/assets/TradeLayout-DD5PLfZv.css","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:53.326Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /assets/TradeLayout-DD5PLfZv.css HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:53 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697a141c-dfd\"\r\nexpires: Fri, 30 Jan 2026 18:57:38 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 1995\r\ncf-cache-status: HIT\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lT9oKdQ2AjfsBcUmuJh3%2BMnPb9wzJ5yeaUgLEP5SiYqsbymb6m7dSkFGsDP%2FFyrdHK31QeEhGNcks0JXeiujoqhnUdgwnIlJ9A%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c5f443b2c6f8be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3581,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (3580)","md5":"fe0270ab4a99ac70b756ac821519148b","sha1":"6305f03635b0603846145ba03990269c5cdf40a8","sha256":"f8592b11af502276648966ca99c4d87473cb877dfc1e8381b4fa79f26439d3d0","sha512":"0fe0092326348f8e0df107011717c5b6991876155f3c87427ba85166cb4892df651ffc895308788f6e7c8e3f21741409283dd660c8719f702e50e89bfb3cc2f7","ssdeep":"","tlshash":"b17166aae10c20a86273d545a6e8529d211de383f73609d6734079fd8fc3bfe2b76085","first_seen":"2026-01-30T06:58:07.102043Z","last_seen":"2026-02-01T00:53:28.917775Z","times_seen":3,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/assets/index-Dw5PEkk4.css","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:53.328Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /assets/index-Dw5PEkk4.css HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:53 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697a141c-b4b\"\r\nexpires: Fri, 30 Jan 2026 18:57:38 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 1995\r\ncf-cache-status: HIT\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wlLOXMwqYOpSF4fy5EUhSLLhIlCd%2BE%2Foj5tCUQ01TKhgueWTTrTBZYPh3fPpakRoYqcNMHyy6tIwZ3AGNvhTx0bCMh9bhwC%2B8A%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c5f443b3c828be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2891,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2890)","md5":"94e2ec6ec70ebd8a005a7b1188259b86","sha1":"8b817794728faac8e57c3c63a8bd3654807df0c3","sha256":"84a2697cd0feef5457466aa409dcc7bdccba25b3f1f8b68be01ad52d7bb6c61f","sha512":"0def549cb7962bf4cb626f9ec50be090f7f19ba35827828c0e39bc2d1be62d60d16aae8840f688a5e926e5a295a60650f0fa61d936cc0acae2ec5deee0fa5d2f","ssdeep":"","tlshash":"53517530a86952779f77e25091e4470ce92d72c3db5627bd7bad12141bcfbe82ca6404","first_seen":"2026-01-30T06:58:07.037128Z","last_seen":"2026-05-05T09:11:43.186843Z","times_seen":40,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/assets/Frame%208-BqAgsyxz.png","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:53.072Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /assets/Frame%208-BqAgsyxz.png HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:53 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697a141c-1c47\"\r\nexpires: Sun, 01 Mar 2026 06:57:36 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 1996\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=e3Zt87yhYCF2TJpciH38E0s%2BN%2F5%2BdYwP7wmZfqIDHWO9YxxO3chdT1Upxcw4bpXob5KuCtKKYzFpQp3Ee2jRABCStxwTUNHpQQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c5f4439884d8be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7239,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 186 x 87, 8-bit/color RGBA, non-interlaced","md5":"75a72c4dea3d1c72958d06e43d016c04","sha1":"cf235da5a62609b4906cfd3eca2815d0010e824d","sha256":"fd587397411636272992efc7f82bac757bb590dab7d43397c81c7e8fbed942e6","sha512":"0ddce061afc227f09eb29ef76f8727d4912024661382f43f130594f8215f72890154a2ca9833f6bbc5a73b52ac17b93d242cc6613667e250a97dc064870d00d2","ssdeep":"192:8OShxXd6eltxGINi4o+REDb+riYu04FZwWQnv+wPInRa:+nzduUo+tu0cZInmAAQ","tlshash":"0ee19ef5689448b39a23843608c87f70db655b776fc149a670706a890e3127d66c2bac","first_seen":"2025-08-26T17:46:37.267799Z","last_seen":"2026-05-30T18:39:08.455036Z","times_seen":85,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"webapi.bo1688aei.com/api/notice/list?key=ROLL_NOTICE","fqdn":"webapi.bo1688aei.com","domain":"bo1688aei.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:53.155Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bo1688aei.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Dec 2025 04:59:33 GMT","end":"Wed, 18 Mar 2026 05:57:09 GMT"},"fingerprint":{"sha1":"F9:37:84:55:9C:F8:4E:AA:6B:22:12:28:47:27:38:0B:2B:E9:17:CB","sha256":"20:DF:86:62:AC:2C:EF:C5:D9:45:88:12:5B:0B:85:33:2C:83:9E:BB:76:18:04:5D:23:01:28:4C:82:09:97:82"}}},"request":{"raw":"OPTIONS /api/notice/list?key=ROLL_NOTICE HTTP/1.1\r\nHost: webapi.bo1688aei.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang,language\r\nOrigin: https://etoro.icu\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:53 GMT\r\ncontent-length: 0\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://etoro.icu\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: lang, language\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hyrXuUMOQJnhZKn%2BgzmmnWoJ9UIJtyOcSF5ipMd3IaF6ZFLznEQ6LOXysLzXSJg%2FB89pJdSgq1ElLdmzYazi2F97L1U9zwYmoUm4xrYiIBCsXtrQ\"}]}\r\ncf-ray: 9c5f443a1b1f120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T02:34:21.078592Z","times_seen":16227496,"resource_available":true,"data":null}},"time_used":396,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":396,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com/echo2.0ee8b20dca16649cfa1c310966f79b49f.png","fqdn":"java-vue-bucket.oss-cn-hongkong.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.79.64.207","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:53.318Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"oss-cn-hongkong.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 22 Jul 2025 07:02:09 GMT","end":"Sat, 21 Mar 2026 02:06:13 GMT"},"fingerprint":{"sha1":"B2:57:E9:B4:DF:20:94:4D:E2:85:59:20:BE:D8:5D:70:63:65:02:7A","sha256":"05:17:EA:27:D0:4C:D8:5D:6B:2C:A8:32:D5:A2:DD:E4:47:EC:4D:DC:E7:7B:33:67:F5:F7:4F:C1:73:01:01:19"}}},"request":{"raw":"GET /echo2.0ee8b20dca16649cfa1c310966f79b49f.png HTTP/1.1\r\nHost: java-vue-bucket.oss-cn-hongkong.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Fri, 30 Jan 2026 07:30:54 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 11919\r\nConnection: keep-alive\r\nx-oss-request-id: 697C5E2E794D10383110DB30\r\nAccept-Ranges: bytes\r\nETag: \"BE4BD40C227A65F09702AF89949D1CBA\"\r\nLast-Modified: Sat, 24 May 2025 09:22:23 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 7822267791396973669\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000113\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: vkvUDCJ6ZfCXAq+JlJ0cug==\r\nx-oss-server-time: 3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":11919,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 400 x 400, 8-bit colormap, non-interlaced","md5":"be4bd40c227a65f09702af89949d1cba","sha1":"661e028f861baa2f154caa18c1648d5f2c99c68d","sha256":"1e87ad35f7c554ad86c2cea7a3dc9ea6519070e1b2da58dab0b09a772936ba76","sha512":"50050aa2a86a00acaf679ff869c500eeca3ecb95860bdb264ec794104763c4ac1428777636262445ca24b11bae81c84685ff514ba47346a9d48cffd401278851","ssdeep":"192:2SPoKGfOsNQoom2DPHifL5BLOjCYxLLlKVBLAA26BseDIZq/SH55r0yZJcfaQoMM:ZuOsNQooDPiflsjC0LlKcOeB7hvcfaND","tlshash":"6d32b0eab4bd0a23f2d49e07564fc46f24b58b71268cb93742f27931dfb154a04751d8","first_seen":"2026-01-30T06:58:07.03153Z","last_seen":"2026-02-26T17:48:02.173488Z","times_seen":8,"resource_available":false,"data":null}},"time_used":1982,"timings":{"blocked":844,"dns":39,"connect":270,"send":0,"wait":277,"receive":1,"ssl":548},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/js/login-bg-CtTnvaIr.js","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:53.322Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /js/login-bg-CtTnvaIr.js HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:53 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Fri, 30 Jan 2026 18:57:37 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nage: 1995\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=k%2Bg7nigTi7a6ACRuOTNY5fZsMVZGkh%2FYluBvoZIDc9eAMSDMo3qQav%2B2GDfFb90ShcgoyCpMrBB%2BzGimog4WZ9oLcWafJ1ClUw%3D%3D\"}]}\r\netag: W/\"697a141c-5b\"\r\ncontent-encoding: br\r\ncf-ray: 9c5f443b2c5d8be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":91,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"ebba15b40c37ba856a79bc847a08e71a","sha1":"a720af2936ab6f1dad28220622a18f7d338d44db","sha256":"3ddd883a1fd935ffb81a11e0d1dc9628d053175968f0446aa533104a2283c93c","sha512":"3f5b2f086d745a7475029b4fd91f57a953bffe5215314fba804f6b2387b8bb6e8cc1471d83c33a2fb15b0ae511beaf36b1170b39568b433ba7e7738ce28a5894","ssdeep":"","tlshash":"a1b01201855e117a0594105d4781557012e5413c2e5483bce63d46649b1620a5c47e10","first_seen":"2025-08-26T17:46:37.227472Z","last_seen":"2026-05-26T16:34:37.715579Z","times_seen":68,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/js/TradeLayout-CmoCU-2N.js","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:53.413Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /js/TradeLayout-CmoCU-2N.js HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:53 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697a141c-65455\"\r\nexpires: Fri, 30 Jan 2026 18:57:37 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 1995\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=joyCM37EjW63KmXkrU2LgXPiFbMOUFpeIyfhsbOb3P7w2cxfSQJ1oWtnAHr2kNVtr1fHDxSxs75Dmj8ZZXgNUw%2FtTupmLGmg8A%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c5f443bcdd88be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":414805,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (48043)","md5":"a2b2c1b5c27c45aac2846dbd1ad57041","sha1":"47b3c66c4abc10d7bd0bd85b910161ea804accdf","sha256":"287fe36610ba1b59079680bfbf9982c3969689155898731df4a8a01425530333","sha512":"2551ddcf99c1893bb4ea4cef275854d21c0f7f15f21ceed84da7ba1146ed898117f9c8073d0897b1cd1ebda29e594ba2e1699b53ca9e692b0d982f7fc32d5751","ssdeep":"12288:x37MnWzG2+iFeq6Zz6uSxNbn6e1dD5skFF:xrMnWzG2+iFeq6Zz6uSxNbnx3P","tlshash":"7294f580b162e53993f391b5107a0401e3197f89b00686adf27dccd73eaad9971baf74","first_seen":"2026-01-30T06:58:07.06164Z","last_seen":"2026-01-30T07:31:21.217162Z","times_seen":2,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/js/NetworkSelectModal.vue_vue_type_script_setup_true_lang-fBhWibqB.js","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:53.547Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /js/NetworkSelectModal.vue_vue_type_script_setup_true_lang-fBhWibqB.js HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:53 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697a141c-5e6\"\r\nexpires: Fri, 30 Jan 2026 18:57:38 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 1995\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Kg9vWqHSNVPm9S7tntmuTcarqOAknJZEnThPKW4kUaklwbBhQbHiYvNUU82Q4SPb04F4vLmHrdoUp%2BegfzG9%2FhQtyYXyOVD9ZQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c5f443cafe98be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1510,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1509)","md5":"c6f1bf46b374fa16dbde52839e305cfe","sha1":"8882475981dacb7cb89b3c3f630b75b8afe4f555","sha256":"66fbeea7e932c24066cd956226fb0f2b1592f9f4df815f35bccf0901b910ee60","sha512":"5b3edfbd6e84e747b8de2e88eb4abf7eece2f1e88ac7ab225d0b04adb861b37f3b5139c3d48053ec7d9e8f50f30a6f0ed2427f654f2f3b787596be00d4ea9e7b","ssdeep":"","tlshash":"7731320d9473cbfd95a391351b4a2168d2947fdeea708bcdf36c14723aca9b2692c640","first_seen":"2026-01-30T06:58:07.040622Z","last_seen":"2026-01-30T07:31:21.127467Z","times_seen":2,"resource_available":true,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/assets/cap02-DD81pVdb.png","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:52.950Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /assets/cap02-DD81pVdb.png HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:52 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697a141c-2472\"\r\nexpires: Sun, 01 Mar 2026 06:57:36 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 1996\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jgCSNKq%2F5ry3rFWsj4U1VCC6HGneS7sOcHx6xp37MunyWI8zy%2By55jNYZGIF%2BRJzmPfjAcKanIkYaEN60V3Z%2B7DcDM9kkbcGNQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c5f44386d968be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":9330,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 132 x 133, 8-bit/color RGBA, non-interlaced","md5":"4ab1cf3ece753d1eb82627035c469652","sha1":"8fd4288260a2672c70428ee600390022604c5a42","sha256":"63b00e3bd41d39461d47872b23ee4a6a5a12f68cff29ce474bd400ac8c4498ff","sha512":"3c0ebdcbdf510c654de8780e0425b90c0fbce8f7c65894b7d4432b4f416dc66b26fa5b9c4c121313a10e6b736e9fde8b157bde0aca60077286dd35266de5fa7b","ssdeep":"192:RRHaX36Byum2m1yWAGebDn3stnesP3Mpb6l5tjp2GSb2lS/9HPIIu:RoGyHX1yWTWn8tne6cF6jtjzSb2lSNId","tlshash":"ee12bfc349926778264916dcb738e5807731a8920783c38ce4b5b528b1fed8c4e63f5c","first_seen":"2025-08-26T17:46:37.28042Z","last_seen":"2026-05-26T16:34:37.74648Z","times_seen":72,"resource_available":false,"data":null}},"time_used":39,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/assets/Frame%204-BZFoet9Q.png","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:53.058Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /assets/Frame%204-BZFoet9Q.png HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:53 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697a141c-1661\"\r\nexpires: Sun, 01 Mar 2026 06:57:36 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 1996\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=tPDps0teqHRFhC8hJjVp2CjdPGUmaCesxRxgRc9e5F5kUKTcdhAKxNOAJuHV162uhNzQ3iRyP3NHVMPyRSVwGZqHbZf77guDkQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c5f443968098be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5729,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 186 x 87, 8-bit/color RGBA, non-interlaced","md5":"c3db4e6b3340b588b927ecd0c523b863","sha1":"c2809f25a9992e45976739f32f2e9cab161ea7df","sha256":"46350bd8be7e27ea772bdf49836ce87165677e03ef1386f4660e01564dd42150","sha512":"3911815d12f41f1fc178e72f8a33ea8f9c481612f4c62a35c3a6a4cedf050d97cdfe8c31c8639e40c133b3a94a7e3270a3c983a54a734aff2951d6362e90fcb0","ssdeep":"96:8OSquQsKe1aEHC7jPd6PP4UF9Fmk5GZZu+khzgHkAu+Wg2u6:8OSqO9kc1NuofAu+Xp6","tlshash":"f6c1aec532f1afabd84b0c3490d67ec763ee8a5591768e0bb325a093e02e8e0120d875","first_seen":"2025-08-26T17:46:37.288981Z","last_seen":"2026-05-30T18:39:08.448285Z","times_seen":85,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/assets/Low_13-B2HuoVrN.png","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:53.108Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /assets/Low_13-B2HuoVrN.png HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:53 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"697a141c-10a6\"\r\nexpires: Sun, 01 Mar 2026 06:57:36 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nage: 1996\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jnc456LOZBwrqlFYPOtnjnGN93fV2ydAtp4KgjLYe2DOY6Kpj5ERXUZK21Rx8UphBbtKDTBLgqrB34f%2Fk4EHeMHzuH0f5Mz8oQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c5f4439989b8be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4262,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 186 x 87, 8-bit/color RGBA, non-interlaced","md5":"1e225322486da698930459293f9cdfcc","sha1":"09ca6066e08ce08ffc2a2d04b6d14d9ec9dafe64","sha256":"8151a3f93d70e3de89de9c9e95e0bf697d1a7f541d1734ba9df79ad7c58762a2","sha512":"bf2418af78b8d093f7560802048801899d09c5a7563c91d2d419020450598059f4ac777e7437e55c1b4ca37b71b92faa1cbd119a448b1cfc42b130a0f5986d08","ssdeep":"96:8OSWmUdZeggw367qTNvFnH5FaIeZAPjseHGYderXJNHNaw360UjtZ1YttBU:8OSWPZbjH7aF+Pj9GrXJNUwK0UjiZU","tlshash":"a8914dccd8d52f85aeed6e6ad4419b55573e1dfc9c149d8a34b0884a9c4037cb120e6f","first_seen":"2025-08-26T17:46:37.269188Z","last_seen":"2026-05-30T18:39:08.451709Z","times_seen":85,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"etoro.icu/assets/Register-CZzsnL_s.css","fqdn":"etoro.icu","domain":"etoro.icu","tld":"icu"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://etoro.icu/","date":"2026-01-30T07:30:53.323Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"etoro.icu","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 10:34:47 GMT","end":"Sun, 26 Apr 2026 11:33:20 GMT"},"fingerprint":{"sha1":"97:34:BF:A6:83:6A:11:E8:67:E9:DC:D8:44:63:5C:52:E5:FC:94:70","sha256":"D6:C9:80:9D:D6:CE:26:1D:BA:07:8B:B0:AF:3D:4D:95:30:6B:95:B2:AB:FE:05:1B:7F:88:23:F3:C2:7B:38:C7"}}},"request":{"raw":"GET /assets/Register-CZzsnL_s.css HTTP/1.1\r\nHost: etoro.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 30 Jan 2026 07:30:53 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Wed, 28 Jan 2026 13:50:20 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Fri, 30 Jan 2026 18:57:37 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nage: 1995\r\ncf-cache-status: HIT\r\npriority: u=2,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gA8sl8NByC%2BBJZtxQ7DaQZ%2BfZfahOCt3GDda51pIGo7ZmGvSAmqyUE6fvygN6Q7L3SCk75kUKAe5ftq742G7EokbRNhq0%2Be2Yg%3D%3D\"}]}\r\netag: W/\"697a141c-bd\"\r\ncontent-encoding: br\r\ncf-ray: 9c5f443b2c658be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":189,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"0f478f9acb51dc6d5bba246cfb3c40f4","sha1":"e0b895c539b695c5bb07f09eb825e1a8c566e5ef","sha256":"6b51f62c7175076988c4aa1b50db70a4d3b2ba26a5cb91b03e9d901875873e26","sha512":"5f3b2329636cd8a81ed09c4790c6e8a45a1c0ce25c899f02ba6eb5eaf8252cca00a31fd4af1de7b4d60c9efad17bc8483a7bc274b73aa5ee4b2f42b852991979","ssdeep":"","tlshash":"11c01252841e713b1eaff2545295c18d9534b7d3ac221a6c5615729097e6ec0261e4c9","first_seen":"2026-01-30T06:58:07.097395Z","last_seen":"2026-05-05T09:11:43.201453Z","times_seen":55,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-30","alert":"Sinkholed","trigger":"etoro.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}