{"report_id":"153bcc06-ad27-4220-98a3-89254c7cc093","version":6,"status":"done","tags":[],"date":"2026-03-27T22:39:09Z","url":{"schema":"https","addr":"xx-inv.com/","fqdn":"xx-inv.com","domain":"xx-inv.com","tld":"com"},"ip":{"addr":"104.21.48.18","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"xx-inv.com/","fqdn":"xx-inv.com","domain":"xx-inv.com","tld":"com"},"title":"XX INV | Cryptocurrency trading and invest platform","dom":{"size":239804,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (2644)","md5":"1e7b2e0f11feb2b56e3b6fceabfb2bb4","sha1":"cc09320657661eeb2239a9c44c54bf7eb988ea4c","sha256":"6d8aadc8cae6875fcb0803d8b8a2deb61f50f670c1c9b1a1d490f854540b534a","sha512":"791d4e1bccd30a1b4d7006402d2c4f1a11b721ae412a8ff55917f00f1f6e9358caaf59c0cb46916a7862471a558f7cc08d81daf6f66a88441655a870f5ce55e5","ssdeep":"1536:imp0+DGD3DuLDkD2DXD/5DyDPDTLr9VR8+4Xr9VR8+4mN5WFhsBg+O+N5WFhsBgQ:rgvLB1F1oMy","tlshash":"4f34d6f063f892e4f04193f8d63959767e6728ebaa12c14873ec1e819f9149d8c97c87","dom_hash":"domhash5c0ccc764a57ca10514d4665423209d8","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"xx-inv.com/","fqdn":"xx-inv.com","domain":"xx-inv.com","tld":"com"},"ip":{"addr":"104.21.48.18","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-01T22:39:09Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"xx-inv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.178.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-03-22T22:20:05.651051Z","alert_count":0,"request_count":1,"received_data":28518,"sent_data":481,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-03-22T22:16:16.728956Z","alert_count":0,"request_count":5,"received_data":154755,"sent_data":2625,"comment":"","tags":null,"fingerprints":null},{"fqdn":"xx-inv.com","ip":{"addr":"104.21.48.18","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-07-18","domain_rank":0,"first_seen":"2026-03-27T19:25:56.237654Z","last_seen":"2026-03-27T19:25:56.237654Z","alert_count":47,"request_count":47,"received_data":2199236,"sent_data":20723,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"jQuery:3.4.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"xx-inv.com/landings/js/news.min.js","fqdn":"xx-inv.com","domain":"xx-inv.com","tld":"com"},"ip":{"addr":"104.21.48.18","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"1c640d083b2dc81a6f9fbde817552e97","sha1":"ab789ac8a70af52dbeaf56b606d6914295a71eac","sha256":"3501416396bd8a484e2b3ddbec46e6cc515d68ac7a42bbc733d52bfa2a4e2329","sha512":"94c0d460ba6b4bff1419953fd2a6b828d39deb51363d774e632bd7ebe200d60efab1e8a91b5b503fc72f9f496509d90eaee206d736441e0b18f51baf1c311fc8","ssdeep":"","tlshash":"15c0805d1075718403a2cafe5474ca42c573013797d7493fcaf404f984ee5580afbb98","size":177,"data":"","first_seen":"2023-07-07T00:40:59Z","last_seen":"2026-04-01T15:53:33.139724Z","times_seen":145,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xx-inv.com/landings/js/header.min.js","fqdn":"xx-inv.com","domain":"xx-inv.com","tld":"com"},"ip":{"addr":"104.21.48.18","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"63f1eb758c539563a116fd6205f2cbf3","sha1":"fbaf0ea4381ca7def60922205a42f6372afe0fcf","sha256":"4cf4cf24c46ef18a23275d60700a827e4106aa462659f46da1afc3807e8e33ff","sha512":"d138c6538254710cf342359349a96f1fe0669e444bc94f8bc3faede81c88c0c9240f7426c153788610d47c1ec99b98ede8956d3a163a5cb95f1aef9d9ce26cfe","ssdeep":"","tlshash":"41f0c269470c657a01a20ddbe7e1cee06e1058d7d440247215a5cd8f4be9ce2d2a03f2","size":563,"data":"","first_seen":"2023-07-07T00:40:59Z","last_seen":"2026-04-01T15:53:33.137091Z","times_seen":179,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xx-inv.com/assets/js/jquery-3.4.1.min.js","fqdn":"xx-inv.com","domain":"xx-inv.com","tld":"com"},"ip":{"addr":"104.21.48.18","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"a6b6350ee94a3ea74595c065cbf58af0","sha1":"b15f7cfa79519756dff1ad22553fd0ed09024343","sha256":"412b8ff9c5ab32b9019fcd84bcd4a54c0e265a14528474f4ee45b27a20abeaeb","sha512":"f5a9c6aee347c155e4dd796c51716b7447bc22ae44741fceb6bcfee02f955ad4063d38613f241108a3e1f3e1f540fcaed8d9848b9a0fb823c00955cf9a19efad","ssdeep":"1536:jTExXUZinxD7oPEZxkMV4SYKFMbRHZ6H5HOHCWrcElzuu7BRCKKBEqBsojZlOPmt:jgZm0H5HO5+gCKWZyPmHQ47GKR","tlshash":"a08319dd72c6706257b761ba00bf540bf236599e6c4d4410f124e8eabc78a4a823bf7d","size":88147,"data":"","first_seen":"2023-03-07T01:10:32Z","last_seen":"2026-04-23T18:09:57.287945Z","times_seen":4575,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xx-inv.com/","fqdn":"xx-inv.com","domain":"xx-inv.com","tld":"com"},"ip":{"addr":"104.21.48.18","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"1b4e23f1daa5a9424efee0e6ca7fb63f","sha1":"278aea6325506a82f966dd87ed928a9075480a95","sha256":"3ff2b38a7c34d0f3f53d35fb7aff10e229c271df0fd87d29a27762195852ea5c","sha512":"67759e6f751da2b3efd4cd39b6dc3bbc141c86d5482c39db1c080ea5c19996086bdf9fc4d26649f04f4fdfc7b89c5d326c2479b1f28773d0b34aa10d75e3ad0f","ssdeep":"","tlshash":"bcf02709b8be6ae410f7755a399bce4878748ecbda184f12308e4cd50f0b15c385734b","size":467,"data":"","first_seen":"2023-10-27T07:31:00Z","last_seen":"2026-04-01T15:53:33.176342Z","times_seen":138,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xx-inv.com/npm/swiper%409/swiper-bundle.min.js","fqdn":"xx-inv.com","domain":"xx-inv.com","tld":"com"},"ip":{"addr":"104.21.48.18","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"e6169ccf7a9d58ed680db82c97f26746","sha1":"4ab349710f1444e3cac40a1c17def4173ebcd9eb","sha256":"81242d1bdd179ae12bcee722a29eebf2f5b7884eb050e5dc1670fb4361c61370","sha512":"f02d5d5aef52ca3787669abed1e0a1cecf41dd73d463d675329772d7dc20bcbaf2f75c25951e678a18afa8658515bfe2ed43e869e8a16d62dc8d57ad127b5210","ssdeep":"1536:DIJQfGP7LP8NEuWGKF+IlzholxU/2Bkt+9SD8jv1nTHlU9ymp8Mj0HEOS5hAsVua:EJCN+TXD2BkQZFU9tp8Mj0k95h5cpnk","tlshash":"fbd3f8896221b57646e316db93e4c221a3b50544b80ac8f470bd4c9f597ec9813feffa","size":140575,"data":"","first_seen":"2023-07-20T03:42:03Z","last_seen":"2026-04-20T01:35:45.726548Z","times_seen":556,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xx-inv.com/assets/js/app.min.js","fqdn":"xx-inv.com","domain":"xx-inv.com","tld":"com"},"ip":{"addr":"104.21.48.18","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"d07fddad2dbb2e1b33663063df276af3","sha1":"ff05ef5d12cab598273743b8ecba860d5fe3eb19","sha256":"84c100eb29667fada78eac7c2ef3831d2dfa9d01827c00f9a8c07a8da28231ee","sha512":"497e5b7368287addb7d29b29b80a3f89ee35f8b1fb5156b0b02bf27fbc6b238fbe78d4554ec7f879b982da6ff9b1e4750f1daf058c5f921c5032eec06afd48c6","ssdeep":"","tlshash":"c57122791314b93c02a30ad7e6e6aad07a343886d5411070a8b9ccaf1fd98d39371ff6","size":3615,"data":"","first_seen":"2023-07-07T00:40:59Z","last_seen":"2026-04-21T11:17:20.35118Z","times_seen":426,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xx-inv.com/landings/js/app.min.js","fqdn":"xx-inv.com","domain":"xx-inv.com","tld":"com"},"ip":{"addr":"104.21.48.18","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"632bdd284f17fcd40eb5a0f445472e00","sha1":"7fc40a9cb81f873ee8b6ba04d30161a8d48dbc60","sha256":"87dbae4c0439ab8bf5607748f3dd35b7b138cfdcab2efc94a1bbf6773ed0f131","sha512":"c81b3463d8fface28b4fdc2f198b561ccbd5099935bdfff005cbf6e2ae5df6214e1764abc32be18285747ffd5770bcc05a2a3ae1ff61e5b069d430ea4c066765","ssdeep":"","tlshash":"31f00ecca80191bc03bb40c0226fd1c87c906832e0a1d1d501f7f34804941e512b5e6c","size":488,"data":"","first_seen":"2023-07-07T00:40:59Z","last_seen":"2026-04-01T15:53:33.15305Z","times_seen":177,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xx-inv.com/landings/js/cryptocurrencies.min.js","fqdn":"xx-inv.com","domain":"xx-inv.com","tld":"com"},"ip":{"addr":"104.21.48.18","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"37257948808f476a1ff0737b2a22c9fe","sha1":"736ae1b7c5597458834c9704571b99bd45aa6231","sha256":"f6af42497aae5f14a17aa2d68c0ae2d551332e96f2efb23a428cdecff879c2b3","sha512":"3f5dcd87cf322f465879172c431b73e02eff51eec9eb4ed39ea29364fe8953577ddd8119434456b873ffa81e2d73c5376621d6b53a37e4ac0f98c9342d5cf440","ssdeep":"","tlshash":"7801b56b394e343555ce21bf42769a8c20aa013c754266e13e2a898c6071ca2f4aa9ec","size":749,"data":"","first_seen":"2023-07-07T00:40:59Z","last_seen":"2026-04-06T17:19:52.863281Z","times_seen":239,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xx-inv.com/assets/js/toastr.js","fqdn":"xx-inv.com","domain":"xx-inv.com","tld":"com"},"ip":{"addr":"104.21.48.18","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"a02ccbbcf3073559037a62af82bfdd24","sha1":"4d5f7b3f3f280698aa26b10e1d7c6dd5708d64aa","sha256":"27f959b17ddfe77ca20a31b9950ebc3fbe8030c3ac376eec7355b2d7925e364c","sha512":"35acaadcc160935be74fb1492b1b0ca205aed6b61d8bd8edf4e26254c7772da02941ec53de59e3d66ce1695cc12de4ed9cf32b750e04659c7c0e2521b4697f22","ssdeep":"192:JJZWM9gzM3t3QrpJvxl6Xs8cZ9tID6CqQwPjOoOg6yS21tl3jWq5T14:JY45Kk7cZDItqLNO6S21tNA","tlshash":"deb20a08695263654cb7737c8aab800cfb769323458a96067dbc92d82f70714d6f6fec","size":24854,"data":"","first_seen":"2023-07-07T00:40:59Z","last_seen":"2026-04-21T11:17:20.35167Z","times_seen":890,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"fonts.gstatic.com/s/heebo/v28/NGS6v5_NC0k9P9H2TbE.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://xx-inv.com/","date":"2026-03-27T22:38:47.958Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 09 Mar 2026 08:37:39 GMT","end":"Mon, 01 Jun 2026 08:37:38 GMT"},"fingerprint":{"sha1":"31:A8:B5:C1:CD:F5:51:78:A9:8C:E3:B4:73:92:CF:C0:6D:69:48:19","sha256":"81:9A:84:FB:F5:4C:AB:82:DF:C1:27:CC:60:46:A6:23:A8:49:56:99:47:CF:C4:05:3F:0D:87:31:DD:2C:23:A2"}}},"request":{"raw":"GET /s/heebo/v28/NGS6v5_NC0k9P9H2TbE.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://xx-inv.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 30116\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sun, 22 Mar 2026 02:01:49 GMT\r\nexpires: Mon, 22 Mar 2027 02:01:49 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Tue, 09 Sep 2025 18:57:34 GMT\r\ncontent-type: font/woff2\r\nage: 506219\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":30116,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 30116, version 1.0","md5":"480b1d24f2aa69252a57d434d50a5288","sha1":"6128ad01170e7ace7e1cfa1d7c3d3dbc93242d61","sha256":"50dae2e12dae22c920388023e35aaebcd1e1d27bbe915c83d64210377e083e60","sha512":"db3d713d158f992aaab42936324d64b3edae8d5afded25bf1f2ad4e9380466a5a3d2f061f0a60293a20070b357f693ac0a3b2ee8f159cbc04aa33145db1003c7","ssdeep":"768:dtra3jdzHzeBerSkbONWaWIomeJQ9A2x9qvg2J:72j1qw58W+eOe2x9+g2J","tlshash":"b0d2f1234292dcaae76490b0d8385253409de8e4265b9b49b434cd2ebf7547103ebffb","first_seen":"2025-09-10T17:46:19.009186Z","last_seen":"2026-04-23T21:45:58.551052Z","times_seen":3796,"resource_available":false,"data":null}},"time_used":160,"timings":{"blocked":77,"dns":0,"connect":0,"send":0,"wait":24,"receive":1,"ssl":58},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xx-inv.com/assets/img/cryptoicons/usdt.svg","fqdn":"xx-inv.com","domain":"xx-inv.com","tld":"com"},"ip":{"addr":"104.21.48.18","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xx-inv.com/","date":"2026-03-27T22:38:47.668Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xx-inv.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 12 Mar 2026 06:43:42 GMT","end":"Wed, 10 Jun 2026 07:42:09 GMT"},"fingerprint":{"sha1":"AA:B9:A1:64:78:EB:7C:A8:9F:A8:F1:F8:C2:B2:15:C8:46:52:2B:3A","sha256":"9E:01:94:C5:4A:5C:81:59:11:E5:E7:3F:24:FA:94:24:59:DB:91:8E:17:B3:33:47:BB:15:C0:10:45:AF:29:30"}}},"request":{"raw":"GET /assets/img/cryptoicons/usdt.svg HTTP/1.1\r\nHost: xx-inv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xx-inv.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nlast-modified: Wed, 19 Mar 2025 06:25:01 GMT\r\ncache-control: max-age=14400\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\ndate: Fri, 27 Mar 2026 22:38:47 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=eCIBUFSYRGuKs0wcf%2FYuVIMzPMRGcADFeF7hnh6fJDnOoHm2aQGQH%2FWF3ZiWBoYwDarPRqKgHNXZcvohY9sRHl%2FAlYzNKx%2F9Jua6z5qOW3PeD7biLABBtVZoudPm\"}]}\r\nserver: cloudflare\r\ncf-cache-status: REVALIDATED\r\ncontent-encoding: br\r\ncf-ray: 9e31e32ba9dd0daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":704,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"eac1f7bb15967c89034b440b095ad74c","sha1":"5da1c6617fab973a2501cf6c01e083bf45aa29fb","sha256":"e0636ccbdd55d437a62c09b1355f2f018614418dc9b28d223bb2820fcfd88765","sha512":"d1aa4e69ae573e30c08d4337a91e4602eadadc28f3ef2b08e0776c156329a0eb3dcc7abe9384c4718b5c12a9d0c32c6b3455178d724b36ece1b716f0cb3130c4","ssdeep":"","tlshash":"1d019c794145c95cf51085a9db99310425b871fad2f258b8f9da12127c41cf60834fb6","first_seen":"2023-06-29T23:08:25Z","last_seen":"2026-04-21T11:17:20.33649Z","times_seen":387,"resource_available":false,"data":null}},"time_used":106,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":106,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"xx-inv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xx-inv.com/","fqdn":"xx-inv.com","domain":"xx-inv.com","tld":"com"},"ip":{"addr":"104.21.48.18","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-27T22:38:47.249Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xx-inv.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 12 Mar 2026 06:43:42 GMT","end":"Wed, 10 Jun 2026 07:42:09 GMT"},"fingerprint":{"sha1":"AA:B9:A1:64:78:EB:7C:A8:9F:A8:F1:F8:C2:B2:15:C8:46:52:2B:3A","sha256":"9E:01:94:C5:4A:5C:81:59:11:E5:E7:3F:24:FA:94:24:59:DB:91:8E:17:B3:33:47:BB:15:C0:10:45:AF:29:30"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: xx-inv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 27 Mar 2026 22:38:47 GMT\r\ncontent-type: text/html;charset=UTF-8\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\nx-frame-options: SAMEORIGIN\r\ncontent-language: en-US\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1qbWDEAY3JL%2Bi1EgBaDZN0mGGOU40sTizmXPhYSHwpIYdBBQiD1JB5h9ZAMEtLAt1OwrJBNW94kZLUcAp7wGtf0%2BkHlUK5VXl3uKx0%2FCx2TwH63kxU3hzIm8PhvG\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9e31e329983f56be-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jQuery:3.4.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":241203,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (2638), with CRLF line terminators","md5":"fec7632d588c0ad14214d74f02ceca25","sha1":"411315f41bc82772d4e99d6799542cfd80d977d1","sha256":"a129d583f923cf9888e85120929cc4e2e0794488b4b6ba0f67f3e144a99f744a","sha512":"aa45d85edcdbf1740e806d2e2b74b99e2f4907d6964186fa342dd7c532f99ad5a709068bac593a0f1dd8272d9f0727eb6cff36079cea620d56bb06ab27952562","ssdeep":"1536:6prXMDbD6DxPD/DNDeDkfD3DuD9ZKMVR8zKEKMVR8zK/7BL+Wx7D+Oa7BL+Wx7Dc:8Ioy/ZRZC","tlshash":"1b34b4b0a3c8a1e5e15293f8d63959b5fd2728e7aa12c14973ec2e839f7141d8c57c83","first_seen":"2026-03-27T22:39:12.519703Z","last_seen":"2026-03-27T22:39:12.519703Z","times_seen":1,"resource_available":true,"data":null}},"time_used":209,"timings":{"blocked":44,"dns":29,"connect":1,"send":0,"wait":117,"receive":0,"ssl":15},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"xx-inv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xx-inv.com/landings/css/global.min.css","fqdn":"xx-inv.com","domain":"xx-inv.com","tld":"com"},"ip":{"addr":"104.21.48.18","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://xx-inv.com/","date":"2026-03-27T22:38:47.637Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xx-inv.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 12 Mar 2026 06:43:42 GMT","end":"Wed, 10 Jun 2026 07:42:09 GMT"},"fingerprint":{"sha1":"AA:B9:A1:64:78:EB:7C:A8:9F:A8:F1:F8:C2:B2:15:C8:46:52:2B:3A","sha256":"9E:01:94:C5:4A:5C:81:59:11:E5:E7:3F:24:FA:94:24:59:DB:91:8E:17:B3:33:47:BB:15:C0:10:45:AF:29:30"}}},"request":{"raw":"GET /landings/css/global.min.css HTTP/1.1\r\nHost: xx-inv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xx-inv.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nlast-modified: Wed, 19 Mar 2025 06:25:01 GMT\r\ncache-control: max-age=14400\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\ncontent-type: text/css\r\npriority: u=2,i=?0\r\ndate: Fri, 27 Mar 2026 22:38:47 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pxyBPlJuazw%2F9CWP3d8RhREaNIhUJwjrincqOhf3QjCLBhfPbq8tH2lN9SUJZ27s9WcTo69F1z%2FPhgHThv8CtlPDjHNexLn%2FFAVRQsYge6aonbVtMXhyQu0%2FA6YP\"}]}\r\nserver: cloudflare\r\ncf-cache-status: REVALIDATED\r\ncontent-encoding: br\r\ncf-ray: 9e31e32b99c70daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1403,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"50533e1a0401a2a2921900752c2190fa","sha1":"9baaf23f887068b3558a49f998f1fc2a03bab16e","sha256":"3e6ef13bcb06dce69ad13735ef58fef9609c4e91b988eef1e06b6dabc5b9f684","sha512":"71360bbf973ffc1b09f796ae56a2ed6bf9dca117411c86558e5e10a00926a541d7f94fc3f9c48bf1b2f753573b3d91731602017b70bec56688d58b7790c4fb21","ssdeep":"","tlshash":"3121b9b7aaf00a55616b8918a389c79833990533460ccefcfef469b8db8178501e03ad","first_seen":"2025-06-30T12:31:55.384853Z","last_seen":"2026-03-27T22:39:12.522232Z","times_seen":37,"resource_available":false,"data":null}},"time_used":111,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":111,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"xx-inv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xx-inv.com/landings/css/account.min.css","fqdn":"xx-inv.com","domain":"xx-inv.com","tld":"com"},"ip":{"addr":"104.21.48.18","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://xx-inv.com/","date":"2026-03-27T22:38:47.653Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xx-inv.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 12 Mar 2026 06:43:42 GMT","end":"Wed, 10 Jun 2026 07:42:09 GMT"},"fingerprint":{"sha1":"AA:B9:A1:64:78:EB:7C:A8:9F:A8:F1:F8:C2:B2:15:C8:46:52:2B:3A","sha256":"9E:01:94:C5:4A:5C:81:59:11:E5:E7:3F:24:FA:94:24:59:DB:91:8E:17:B3:33:47:BB:15:C0:10:45:AF:29:30"}}},"request":{"raw":"GET /landings/css/account.min.css HTTP/1.1\r\nHost: xx-inv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xx-inv.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nlast-modified: Wed, 19 Mar 2025 06:25:01 GMT\r\ncache-control: max-age=14400\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\ncontent-type: text/css\r\npriority: u=2,i=?0\r\ndate: Fri, 27 Mar 2026 22:38:47 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5U2Y3utegCsA8tiLBFQaslGOGU4IzKdUHs45K%2BU53QImjOqdJ0eZR22cT5otQvCl1a8aGATmdWUhf%2BHsVR82NadpffPa61kibEwsVrrhKCX5Ig8FMKXj4fQzFlYD\"}]}\r\nserver: cloudflare\r\ncf-cache-status: REVALIDATED\r\ncontent-encoding: br\r\ncf-ray: 9e31e32b99d00daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1851,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"e87d1bc18b937963bec54e954fbbc677","sha1":"46306c939e83fb22903cd56cae5cc6f638fed61d","sha256":"6fc57e8b497af00c9248872817f97932896df90d7ddc2f5ede4d67106ae463ce","sha512":"73c4967d6d7f71f4238f46d41e71f61ff6fbda24cbddd25123bc8dc5c4a18c450c12d4c7e3443893bdfc2b5f237a059f6ac13d7e0b413dc9ec9c1983933ac015","ssdeep":"","tlshash":"aa31df9696a42d8c3927e0ecb4722759937c4002d20eed7c7af531ec7fc62e18133a95","first_seen":"2025-06-30T12:31:55.396339Z","last_seen":"2026-03-27T22:39:12.523545Z","times_seen":37,"resource_available":false,"data":null}},"time_used":113,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":113,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"xx-inv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xx-inv.com/landings/img/home/Illustration.png","fqdn":"xx-inv.com","domain":"xx-inv.com","tld":"com"},"ip":{"addr":"104.21.48.18","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xx-inv.com/","date":"2026-03-27T22:38:47.659Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xx-inv.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 12 Mar 2026 06:43:42 GMT","end":"Wed, 10 Jun 2026 07:42:09 GMT"},"fingerprint":{"sha1":"AA:B9:A1:64:78:EB:7C:A8:9F:A8:F1:F8:C2:B2:15:C8:46:52:2B:3A","sha256":"9E:01:94:C5:4A:5C:81:59:11:E5:E7:3F:24:FA:94:24:59:DB:91:8E:17:B3:33:47:BB:15:C0:10:45:AF:29:30"}}},"request":{"raw":"GET /landings/img/home/Illustration.png HTTP/1.1\r\nHost: xx-inv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xx-inv.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nlast-modified: Wed, 19 Mar 2025 06:25:01 GMT\r\ncache-control: max-age=14400\r\naccept-ranges: bytes\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\ncontent-type: image/png\r\npriority: u=4,i=?0\r\ndate: Fri, 27 Mar 2026 22:38:47 GMT\r\ncontent-length: 279011\r\nserver: cloudflare\r\ncf-cache-status: REVALIDATED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vxIjy0TOUQ7rY8RrkIVz8aefxRiFfKjiTEa7x7rmq49wyzsPJsMlqfzicJYp77DabqfMp5E1%2BpIm6t1zhFMvxGLJpebb%2Bw9FoBYrL5EcWromuH3KriJsD4lKJqST\"}]}\r\ncf-ray: 9e31e32ba9d60daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":279011,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 635 x 525, 8-bit/color RGBA, non-interlaced","md5":"2b3755eef9bd1ef29acead10fc1f9a0d","sha1":"b8528484ee20480f291f75c9a546e8e1f47f262b","sha256":"3c084cfbbb579fbc872d6166a101df16237aad9362c49ba1e9ca347d76c9b0f0","sha512":"57b573c3503e16942afc5d4ea607d99d1285b02ba2bb20c75a451be8058ba698ae6c4ff3467099106f4bcc51d626270f45bbd7a7081a0bee1919e8c405dca4fa","ssdeep":"3072:5UAoBVovGW/u0QFssabjHOvJNBgyXPt7NlJZTc10pLHh86QvYh65nnuh4zRbA8+x:5wJW/ciCzl7Ntg10pLqb75nnuKZ+Hp5x","tlshash":"3254238ec4be432d14860b18c0508d75cf4fafbfab62d41eee5b71c5717685f29a9282","first_seen":"2025-06-30T12:31:55.37177Z","last_seen":"2026-03-27T22:39:12.524763Z","times_seen":37,"resource_available":false,"data":null}},"time_used":138,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":111,"receive":27,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"xx-inv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xx-inv.com/assets/img/cryptoicons/doge.svg","fqdn":"xx-inv.com","domain":"xx-inv.com","tld":"com"},"ip":{"addr":"104.21.48.18","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xx-inv.com/","date":"2026-03-27T22:38:47.672Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xx-inv.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 12 Mar 2026 06:43:42 GMT","end":"Wed, 10 Jun 2026 07:42:09 GMT"},"fingerprint":{"sha1":"AA:B9:A1:64:78:EB:7C:A8:9F:A8:F1:F8:C2:B2:15:C8:46:52:2B:3A","sha256":"9E:01:94:C5:4A:5C:81:59:11:E5:E7:3F:24:FA:94:24:59:DB:91:8E:17:B3:33:47:BB:15:C0:10:45:AF:29:30"}}},"request":{"raw":"GET /assets/img/cryptoicons/doge.svg HTTP/1.1\r\nHost: xx-inv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xx-inv.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nlast-modified: Wed, 19 Mar 2025 06:25:01 GMT\r\ncache-control: max-age=14400\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\ndate: Fri, 27 Mar 2026 22:38:47 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Y9kegSfU8V0UGgPelI8IcdIOfEFiqN3y1FzF3OcBXz6jrFznqTrfXiWEzLMuCNSuYA0Ruv860wOY57LCuHQqjDjouzZLxQKl8X3uZP7wNccLTvw62q1gMl6Z7f0d\"}]}\r\nserver: cloudflare\r\ncf-cache-status: REVALIDATED\r\ncontent-encoding: br\r\ncf-ray: 9e31e32bb9e00daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":48154,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"67d2dfdb52eef2b80841495b78f1018f","sha1":"e6936e824ce5c278de5f8d7b501089499dabb680","sha256":"b6cb5aced522b0baafd4f2e9f965ec537a4d6af3e6abbbde71adaa3f502cf2ad","sha512":"5b6edd3c5cebbcd506cc31e647dfc89ad60072ab02213c7ae2a64a8bfa3401c8494068bd58ab44d98c0626567c80db60be19cb8c98bb8367a689af6f7084095c","ssdeep":"768:hf0GUz54Ieqz06WiyE7ujsxZHiU4BwGB6SoBj5I2Pns2v+TihJ:+pD1WirujsxZfeMIqqiL","tlshash":"3d23cc3dc358e3399c9387bcab2aa0e6f4ce55afc1e0d3985169c4b073911d8a38d9d5","first_seen":"2023-05-24T12:00:49Z","last_seen":"2026-04-21T11:17:20.340511Z","times_seen":393,"resource_available":false,"data":null}},"time_used":118,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":109,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"xx-inv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xx-inv.com/landings/img/trade/tr2.png","fqdn":"xx-inv.com","domain":"xx-inv.com","tld":"com"},"ip":{"addr":"104.21.48.18","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xx-inv.com/","date":"2026-03-27T22:38:47.678Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xx-inv.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 12 Mar 2026 06:43:42 GMT","end":"Wed, 10 Jun 2026 07:42:09 GMT"},"fingerprint":{"sha1":"AA:B9:A1:64:78:EB:7C:A8:9F:A8:F1:F8:C2:B2:15:C8:46:52:2B:3A","sha256":"9E:01:94:C5:4A:5C:81:59:11:E5:E7:3F:24:FA:94:24:59:DB:91:8E:17:B3:33:47:BB:15:C0:10:45:AF:29:30"}}},"request":{"raw":"GET /landings/img/trade/tr2.png HTTP/1.1\r\nHost: xx-inv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xx-inv.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nlast-modified: Wed, 19 Mar 2025 06:25:01 GMT\r\ncache-control: max-age=14400\r\naccept-ranges: bytes\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\ncontent-type: image/png\r\npriority: u=4,i=?0\r\ndate: Fri, 27 Mar 2026 22:38:47 GMT\r\ncontent-length: 39321\r\nserver: cloudflare\r\ncf-cache-status: REVALIDATED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=D24kZzTs2C2jfcSXbi25oT75aOpcwpZnnBF5lNKkYwtX3jg84vOqVwJ9v0fq8ga%2BDxVIVo%2Bcl8YV%2Fd5HMatnO49zARMVA9ccwjMdTEmz9Flg9MnLYWMrpoLhg2un\"}]}\r\ncf-ray: 9e31e32bc9e50daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":39321,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 160 x 161, 8-bit/color RGBA, non-interlaced","md5":"25befd53afd4ca582404c4e05a5949e0","sha1":"f2dc47455fb726f8ba89561e6418168471fc045e","sha256":"0727acb620b0f163071a751bdc3188726d6a1a5ea94509334109e1c3b8e5ec19","sha512":"7f71b070d8b1da435e370d7d3791290fdaf53ed7c7d0741165d93c30069c8d6871c884d1dfebf42adb93d8d556b7de8f6b0244564631612b44c2b7cc2e42b7dd","ssdeep":"768:7uTDY+kzUofaunp9St5dWBjgfu1YkGxcPNS54EVu9EB8JR6H:yTDYDzU2pw5dW2IYpxCi41uB8JRu","tlshash":"e503f15c7b831f663cd682e351865c21223f99bc9801192dcc1417bef2eef46655ee42","first_seen":"2025-06-30T12:31:55.418309Z","last_seen":"2026-03-27T22:39:12.526638Z","times_seen":37,"resource_available":false,"data":null}},"time_used":122,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":112,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"xx-inv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xx-inv.com/landings/img/brands/brand3.png","fqdn":"xx-inv.com","domain":"xx-inv.com","tld":"com"},"ip":{"addr":"104.21.48.18","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xx-inv.com/","date":"2026-03-27T22:38:47.710Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xx-inv.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 12 Mar 2026 06:43:42 GMT","end":"Wed, 10 Jun 2026 07:42:09 GMT"},"fingerprint":{"sha1":"AA:B9:A1:64:78:EB:7C:A8:9F:A8:F1:F8:C2:B2:15:C8:46:52:2B:3A","sha256":"9E:01:94:C5:4A:5C:81:59:11:E5:E7:3F:24:FA:94:24:59:DB:91:8E:17:B3:33:47:BB:15:C0:10:45:AF:29:30"}}},"request":{"raw":"GET /landings/img/brands/brand3.png HTTP/1.1\r\nHost: xx-inv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xx-inv.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nlast-modified: Wed, 19 Mar 2025 06:25:01 GMT\r\ncache-control: max-age=14400\r\naccept-ranges: bytes\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\ncontent-type: image/png\r\npriority: u=4,i=?0\r\ndate: Fri, 27 Mar 2026 22:38:47 GMT\r\ncontent-length: 7686\r\nserver: cloudflare\r\ncf-cache-status: REVALIDATED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=t50L0Q0j8N7D27j87suGam%2FGn8MOU7FiHUNXkEtGRMFq%2BqcRxLN7wRxqbCNHKb%2FZHHfKoxdXDuZKvPkQqiG99HHsJZN4515T3OuHqtwKggXxsueFdlLuTR%2Be8xgF\"}]}\r\ncf-ray: 9e31e32c29fb0daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7686,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 273 x 38, 8-bit/color RGBA, non-interlaced","md5":"058f0ed46bb4c79b1dd8549c18731077","sha1":"442a0c0160731e8de4dcfb0605108cdf1c63c1c0","sha256":"d09d28a30e6fb3ddd7d8726bb4ff0476dd6dad96ae31b7fff8201a8b75926a43","sha512":"6064bfe447b3ccf81bd361c51ff1052fe26e386b1dc7908a6656bfa8657e6a6ccbc0c0ae54af376b7744ced614f7b444bbe1b7f512c4a1eecdcccc4f0d5f4b25","ssdeep":"192:iSzHGjYhlKc1+LX327vHvNlS87nc5psvabpyl:9zmjYPN+YvNfc5mvabIl","tlshash":"5ff1bf6fbfb386be6ea663a223931c0e1871704964505e74d90c4c0c7237c7a16687af","first_seen":"2025-06-30T12:31:55.410903Z","last_seen":"2026-03-27T22:39:12.528562Z","times_seen":37,"resource_available":false,"data":null}},"time_used":112,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":112,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"xx-inv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xx-inv.com/assets/img/cryptoicons/trx.svg","fqdn":"xx-inv.com","domain":"xx-inv.com","tld":"com"},"ip":{"addr":"104.21.48.18","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xx-inv.com/","date":"2026-03-27T22:38:47.665Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xx-inv.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 12 Mar 2026 06:43:42 GMT","end":"Wed, 10 Jun 2026 07:42:09 GMT"},"fingerprint":{"sha1":"AA:B9:A1:64:78:EB:7C:A8:9F:A8:F1:F8:C2:B2:15:C8:46:52:2B:3A","sha256":"9E:01:94:C5:4A:5C:81:59:11:E5:E7:3F:24:FA:94:24:59:DB:91:8E:17:B3:33:47:BB:15:C0:10:45:AF:29:30"}}},"request":{"raw":"GET /assets/img/cryptoicons/trx.svg HTTP/1.1\r\nHost: xx-inv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xx-inv.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nlast-modified: Wed, 19 Mar 2025 06:25:01 GMT\r\ncache-control: max-age=14400\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\ndate: Fri, 27 Mar 2026 22:38:47 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OOoqaxuo4hL8koQIok6HgVb4bjJEV5AnyCDjEDMHtt%2FP%2Fgmf2IsNc4rlvPGPmrY6wcegR5T0njhrCfalyKLhL3QfBX9hX8XT542esL25dPQPBSEB1MNANdrgPiRK\"}]}\r\nserver: cloudflare\r\ncf-cache-status: REVALIDATED\r\ncontent-encoding: br\r\ncf-ray: 9e31e32ba9db0daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1172,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"e1d0e43489bbca2afd7945d6ce212f4d","sha1":"1d386aed1d936e5c442dc34796bf6ea72eab8a15","sha256":"b9a9f2e5f95168b5b1cfeec951f2fa88779830be1c830de2a7764d254620d652","sha512":"eb3d241a3aea7878c1c2d62b1ad6d6ab0fa561c0557a11cb835961addc1a6b668143fce4ea7dc0a660fcf5423e8145a144a253d16c1bb897fdc6a4cb166b28ab","ssdeep":"","tlshash":"3d21115d4204dfbdac52866967b0adc573b2548ae530ead8acba147fe81c4835288b0d","first_seen":"2024-08-20T12:48:50.792117Z","last_seen":"2026-04-21T11:17:20.338999Z","times_seen":113,"resource_available":false,"data":null}},"time_used":111,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":111,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"xx-inv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xx-inv.com/npm/swiper%409/swiper-bundle.min.css","fqdn":"xx-inv.com","domain":"xx-inv.com","tld":"com"},"ip":{"addr":"104.21.48.18","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://xx-inv.com/","date":"2026-03-27T22:38:47.629Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xx-inv.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 12 Mar 2026 06:43:42 GMT","end":"Wed, 10 Jun 2026 07:42:09 GMT"},"fingerprint":{"sha1":"AA:B9:A1:64:78:EB:7C:A8:9F:A8:F1:F8:C2:B2:15:C8:46:52:2B:3A","sha256":"9E:01:94:C5:4A:5C:81:59:11:E5:E7:3F:24:FA:94:24:59:DB:91:8E:17:B3:33:47:BB:15:C0:10:45:AF:29:30"}}},"request":{"raw":"GET /npm/swiper%409/swiper-bundle.min.css HTTP/1.1\r\nHost: xx-inv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xx-inv.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nlast-modified: Wed, 19 Mar 2025 06:25:01 GMT\r\ncache-control: max-age=14400\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\ncontent-type: text/css\r\npriority: u=2,i=?0\r\ndate: Fri, 27 Mar 2026 22:38:47 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jEzFKwHfMLpP5fq5TMgTkC3vo6EO2gZhIR5UWj0TwOLIaptTAu0%2Fciq0IqLUw24bNF5AO5%2BKZexX27nLf%2BGWyc4U%2FHEdKlveSS0loLbedv%2FcGDSmj%2BnaoQZvADXe\"}]}\r\nserver: cloudflare\r\ncf-cache-status: REVALIDATED\r\ncontent-encoding: br\r\ncf-ray: 9e31e32b89c50daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":18077,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (17812), with CRLF line terminators","md5":"8aa3f98e02499b9046bd9d4ed02c6fca","sha1":"08d56a14d5a20887413a32d360cf16b491d1a4c4","sha256":"910c8b82fbdf93e2bbf25cec82c501e8f0f7bd0403b08789db126479d3f96538","sha512":"171d50dccad4330ca115c5b78a6d1e878f0102297489169d8a4d97d94cede5bf99ac0ca4b68bdf89253b2c9b0be7a894b2af239b3601523b685a1f1250f0cf75","ssdeep":"192:rGkmUJbiKne0JlXZHZ+Sme+jexS4nxep/a2GZb0Q5nfufKlAYfg5fyeesedOJ9Aa:ryUbe0JdZHZ+W+SFnZ24tlWfF4XYz","tlshash":"a08244a86340282753274f364b71cbb9dd7444d20f9389ae91c0ee48d7f6db9136f2a9","first_seen":"2023-10-27T07:31:00Z","last_seen":"2026-04-17T12:41:34.880908Z","times_seen":485,"resource_available":false,"data":null}},"time_used":120,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":113,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"xx-inv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Heebo:wght@300;400;500;600;700;800;900\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://xx-inv.com/","date":"2026-03-27T22:38:47.632Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 09 Mar 2026 08:37:47 GMT","end":"Mon, 01 Jun 2026 08:37:46 GMT"},"fingerprint":{"sha1":"84:E2:03:36:CA:39:FF:65:64:D9:12:E7:E2:28:88:8C:3C:A0:CA:BA","sha256":"45:AF:9C:39:77:2B:D1:D7:B8:04:BB:2C:0E:98:C5:BB:8A:E8:99:A6:C3:AF:7F:90:AA:23:EA:F2:8F:AD:8F:B1"}}},"request":{"raw":"GET /css2?family=Heebo:wght@300;400;500;600;700;800;900\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xx-inv.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Fri, 27 Mar 2026 22:38:47 GMT\r\ndate: Fri, 27 Mar 2026 22:38:47 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":27832,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"84a845ffcaa69d6a99ff99a71a782517","sha1":"e8e232d0a8bc6088736bfbf3b448c83a11779b61","sha256":"31a19970c67af915788641d912ed51f8d5e483c80243054d17942c87bd810e42","sha512":"34ad58f2ad8a85ec7107c8cf9ee08c9b430983e7cbe1e1ba756fcc9d275887120397fa3e0783991fb333bb80669d33d42eb7a83742aae72d8eb10656f3a084f5","ssdeep":"192:RyCyzqOyWbqGIwVIyMLyiyjyzqnyWbqGIwV1yMqyRycyzqAyWbqGIwVWyMZy4yFN:luqYFPqYDwqYNxqY3iqY1jqYTkqYt","tlshash":"21c240a1041714009b8728e212cdbf75ff0f9390b1589075a7fe8b97ee8edd592a836d","first_seen":"2025-09-11T16:42:45.120531Z","last_seen":"2026-04-10T14:32:56.002205Z","times_seen":136,"resource_available":false,"data":null}},"time_used":438,"timings":{"blocked":185,"dns":1,"connect":29,"send":0,"wait":46,"receive":0,"ssl":173},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xx-inv.com/landings/css/header.min.css","fqdn":"xx-inv.com","domain":"xx-inv.com","tld":"com"},"ip":{"addr":"104.21.48.18","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://xx-inv.com/","date":"2026-03-27T22:38:47.641Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xx-inv.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 12 Mar 2026 06:43:42 GMT","end":"Wed, 10 Jun 2026 07:42:09 GMT"},"fingerprint":{"sha1":"AA:B9:A1:64:78:EB:7C:A8:9F:A8:F1:F8:C2:B2:15:C8:46:52:2B:3A","sha256":"9E:01:94:C5:4A:5C:81:59:11:E5:E7:3F:24:FA:94:24:59:DB:91:8E:17:B3:33:47:BB:15:C0:10:45:AF:29:30"}}},"request":{"raw":"GET /landings/css/header.min.css HTTP/1.1\r\nHost: xx-inv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xx-inv.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nlast-modified: Wed, 19 Mar 2025 06:25:01 GMT\r\ncache-control: max-age=14400\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\ncontent-type: text/css\r\npriority: u=2,i=?0\r\ndate: Fri, 27 Mar 2026 22:38:47 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9GMaQdfPskCpUzycHBzkdONwsh9J6Oz1zcsT6zGQcRdFcjD17fTKXbhbMGLUrkJUo0lW7LHr1wiaC9EQYO25NxuD%2BxgYhfn7%2BC%2BDR5TfZCUI8i7pUEqn2Uqgdn1l\"}]}\r\nserver: cloudflare\r\ncf-cache-status: REVALIDATED\r\ncontent-encoding: br\r\ncf-ray: 9e31e32b99ca0daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5268,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"de6df89dfd36d366a98f4b3b0d59b7e4","sha1":"60a00e628bc51f848bdb1a6e363f82bc6120f5df","sha256":"0011b229841a5a96ce78e71373096c56f74a7e4db3f2fb1589cf64d68d89dfb1","sha512":"85564f3463b21ed208f521593b25f29c0e4c178c288c9f419700e460826d5d2ed2c85f38caac2ef321f7b177923b48cdd9d8d3fa7a3329a1a605798e75af2880","ssdeep":"96:P1SClCfSa/YhpKHBCyCEEqnCEXMFGUHN1A1V1sKr+PoX57+CftY48XyEi0XyY:DYNH0R1hFGUHN2LeKr+PoX579qPXy0Xt","tlshash":"22b1cc5a5b121524b817985ad7a01f1273b9e007510ff9f63bc3941ecfc768adbe22ca","first_seen":"2025-06-30T12:31:55.386634Z","last_seen":"2026-03-27T22:39:12.533752Z","times_seen":37,"resource_available":false,"data":null}},"time_used":113,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":113,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"xx-inv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xx-inv.com/landings/css/calculator.min.css","fqdn":"xx-inv.com","domain":"xx-inv.com","tld":"com"},"ip":{"addr":"104.21.48.18","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://xx-inv.com/","date":"2026-03-27T22:38:47.647Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xx-inv.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 12 Mar 2026 06:43:42 GMT","end":"Wed, 10 Jun 2026 07:42:09 GMT"},"fingerprint":{"sha1":"AA:B9:A1:64:78:EB:7C:A8:9F:A8:F1:F8:C2:B2:15:C8:46:52:2B:3A","sha256":"9E:01:94:C5:4A:5C:81:59:11:E5:E7:3F:24:FA:94:24:59:DB:91:8E:17:B3:33:47:BB:15:C0:10:45:AF:29:30"}}},"request":{"raw":"GET /landings/css/calculator.min.css HTTP/1.1\r\nHost: xx-inv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xx-inv.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nlast-modified: Wed, 19 Mar 2025 06:25:01 GMT\r\ncache-control: max-age=14400\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\ncontent-type: text/css\r\npriority: u=2,i=?0\r\ndate: Fri, 27 Mar 2026 22:38:47 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=w7L5Zy8%2FvmRdTfxmqvfHUsvK2HmWRAC2BHD%2FUO60EgL098D2zs1%2B7l4SuFiT6IzN9r62ov0ZBTQSjA0D%2F8iN2QNBsKuWkAH3NNYqty849lIOo%2BNCE4Ub1iu%2FFpUD\"}]}\r\nserver: cloudflare\r\ncf-cache-status: REVALIDATED\r\ncontent-encoding: br\r\ncf-ray: 9e31e32b99cb0daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6349,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (6349), with no line terminators","md5":"3fc0402fcc4fd6d1f9e6499181698b03","sha1":"61fa5f2d3f41289de810c170f5eb76226f312781","sha256":"c44c0d7deb0e4ccb7b3d68e35474a2d01a700c3b877dcdd64d46c2d3fcb4273a","sha512":"802942f16b3b4134d131314d40c041ca8ee7ffd73e8271d2140c17242af91cdc2072b5003f8999c11fed97d6649b0103b011db7368839ff943b91442963152e8","ssdeep":"96:Ze38f87W0+nRjy7Qhf2a/22hg2VlRkkDkZccM+hFbt:Q8f87WjRD2au2e2fnHJ+T5","tlshash":"3ad1443324151928b527dea227f919dd718cc263e11327f9f8a1a96ad3c33c705f2e4a","first_seen":"2023-07-07T00:41:00Z","last_seen":"2026-04-01T15:53:33.169666Z","times_seen":143,"resource_available":false,"data":null}},"time_used":112,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":112,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"xx-inv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xx-inv.com/landings/css/footer.min.css","fqdn":"xx-inv.com","domain":"xx-inv.com","tld":"com"},"ip":{"addr":"104.21.48.18","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://xx-inv.com/","date":"2026-03-27T22:38:47.648Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xx-inv.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 12 Mar 2026 06:43:42 GMT","end":"Wed, 10 Jun 2026 07:42:09 GMT"},"fingerprint":{"sha1":"AA:B9:A1:64:78:EB:7C:A8:9F:A8:F1:F8:C2:B2:15:C8:46:52:2B:3A","sha256":"9E:01:94:C5:4A:5C:81:59:11:E5:E7:3F:24:FA:94:24:59:DB:91:8E:17:B3:33:47:BB:15:C0:10:45:AF:29:30"}}},"request":{"raw":"GET /landings/css/footer.min.css HTTP/1.1\r\nHost: xx-inv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xx-inv.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nlast-modified: Wed, 19 Mar 2025 06:25:01 GMT\r\ncache-control: max-age=14400\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\ncontent-type: text/css\r\npriority: u=2,i=?0\r\ndate: Fri, 27 Mar 2026 22:38:47 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nL9RiFebDWhrFv02KDLC%2BZSEfcnlZ66Ac%2F5oQw203vZZLZFMUzARBteXXXejRLW2zJ8kEw2XKt0et9iEZMnd6V0tGUa3bfCGyBv9zgyv%2BpT8uAgMK7nJ5qMsYNmH\"}]}\r\nserver: cloudflare\r\ncf-cache-status: REVALIDATED\r\ncontent-encoding: br\r\ncf-ray: 9e31e32b99cc0daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4370,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"cd6ecd5ef8f29f2184ce1806b9911b6d","sha1":"d10b60760c321a0c2f9cb75974ad5f6f794e9278","sha256":"912dcb30cea7d3ba67d77ffc3d97a578f80d0cb46f477f9176f81df9c180fd72","sha512":"419a0c64bf9d75d82806fc41511c11ab958cd5d6fb247ae2e301f20557f5653d250dc333fdd0a04efd4b26a322076a1abe5461e0624c4513d737a4519f1f3c40","ssdeep":"48:wPa8q8jXRP8HCMSFXFgIcMqLzcAlMlCAbFBE9PFl3HurysQIaXPZPAPqL9oa9a:wC8vjXpwC791gpa42FBE1F1fPVwgJa","tlshash":"8991babf76b5051868576850e7972ba563bcc423410efaf1bdd1620ccfcb2c99d9228e","first_seen":"2025-06-30T12:31:55.38099Z","last_seen":"2026-03-27T22:39:12.536881Z","times_seen":37,"resource_available":false,"data":null}},"time_used":112,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":111,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"xx-inv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xx-inv.com/landings/css/home.min.css","fqdn":"xx-inv.com","domain":"xx-inv.com","tld":"com"},"ip":{"addr":"104.21.48.18","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://xx-inv.com/","date":"2026-03-27T22:38:47.656Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xx-inv.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 12 Mar 2026 06:43:42 GMT","end":"Wed, 10 Jun 2026 07:42:09 GMT"},"fingerprint":{"sha1":"AA:B9:A1:64:78:EB:7C:A8:9F:A8:F1:F8:C2:B2:15:C8:46:52:2B:3A","sha256":"9E:01:94:C5:4A:5C:81:59:11:E5:E7:3F:24:FA:94:24:59:DB:91:8E:17:B3:33:47:BB:15:C0:10:45:AF:29:30"}}},"request":{"raw":"GET /landings/css/home.min.css HTTP/1.1\r\nHost: xx-inv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xx-inv.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nlast-modified: Wed, 19 Mar 2025 06:25:01 GMT\r\ncache-control: max-age=14400\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\ncontent-type: text/css\r\npriority: u=2,i=?0\r\ndate: Fri, 27 Mar 2026 22:38:47 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Fz%2Fd0JdFQ%2FhFk2exzHM3%2FZB%2Bx3%2BeQnmr7l0XO9Wqxa%2B2igOwZgZnOlARcjXhd4lqG7ZtnVcFjSM3D178ouTI%2FxL6nhiXhETsBErIbVgHZBEIQASMwPxFQ0zP51wQ\"}]}\r\nserver: cloudflare\r\ncf-cache-status: REVALIDATED\r\ncontent-encoding: br\r\ncf-ray: 9e31e32ba9d40daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5590,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"0390396d19413a826f3a2953bfa85047","sha1":"677ba28044070e499b6e6d667c48921bb6f486a3","sha256":"e9ae569203cd1dca93689b27eb7acc120d17b49cd8a7743a3b162710159c5efa","sha512":"680b605f4542c70aac31fe66b7280cf922c3556093e63a6f2e3ad87821a1b3a623e863f974506691a093115e37fd7e9f6641996315c0dd7b8ae3fa60a6a8ec4f","ssdeep":"96:jCN/A5/MvtKXBTsYe92FdJVnzPE3FvX3gFvX3pX3NCzXyESawfhsrUJMlSbYllJ:+lU2sXtpFTVnwFvgFvptCzXyLawfhsrB","tlshash":"7ab121976bb2260c795b9168b7da0764773cc003511eedf9bad1194cdfc01e0b7a278a","first_seen":"2025-06-30T12:31:55.369955Z","last_seen":"2026-03-27T22:39:12.538207Z","times_seen":37,"resource_available":false,"data":null}},"time_used":113,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":111,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"xx-inv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xx-inv.com/landings/css/brands.min.css","fqdn":"xx-inv.com","domain":"xx-inv.com","tld":"com"},"ip":{"addr":"104.21.48.18","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://xx-inv.com/","date":"2026-03-27T22:38:47.658Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xx-inv.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 12 Mar 2026 06:43:42 GMT","end":"Wed, 10 Jun 2026 07:42:09 GMT"},"fingerprint":{"sha1":"AA:B9:A1:64:78:EB:7C:A8:9F:A8:F1:F8:C2:B2:15:C8:46:52:2B:3A","sha256":"9E:01:94:C5:4A:5C:81:59:11:E5:E7:3F:24:FA:94:24:59:DB:91:8E:17:B3:33:47:BB:15:C0:10:45:AF:29:30"}}},"request":{"raw":"GET /landings/css/brands.min.css HTTP/1.1\r\nHost: xx-inv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xx-inv.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nlast-modified: Wed, 19 Mar 2025 06:25:01 GMT\r\ncache-control: max-age=14400\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\ncontent-type: text/css\r\npriority: u=2,i=?0\r\ndate: Fri, 27 Mar 2026 22:38:47 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dI9X%2FhvnKNomkNoxUN0Uxrbz9FdBTyAUGBHDOOxXytlp%2FURQLwIQnbAgEh3zdYpLWgyu%2FSkmusKDGQhhSJBq%2BADxL8TALAnFz2gINxN4QcJKIxSWON%2FUMmZ%2BicXw\"}]}\r\nserver: cloudflare\r\ncf-cache-status: REVALIDATED\r\ncontent-encoding: br\r\ncf-ray: 9e31e32ba9d50daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":146,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"97b4490508a54f6d89ff62e36a8d62b9","sha1":"869b89773768d22da323beab32eaedfe265195d8","sha256":"54eed0534fabee0a379e97f86c7fbff1e03eb086721a02eb4d01d58b8c285f87","sha512":"a68704f4eb36241cd8504f468a270334b7f1199b00a9dbed25edeebefeb85d549f8794036fb0e82b6da5abbeb57ddc1c2caec927e54fd54b4a3f65225423fe38","ssdeep":"","tlshash":"81c09b970064296d9e56f4642ce405d1f0cd9497d34eadc921f5018c1cdd69ea1f7fe0","first_seen":"2025-06-30T12:31:55.403884Z","last_seen":"2026-03-27T22:39:12.539272Z","times_seen":37,"resource_available":false,"data":null}},"time_used":108,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":108,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"xx-inv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xx-inv.com/landings/css/news.min.css","fqdn":"xx-inv.com","domain":"xx-inv.com","tld":"com"},"ip":{"addr":"104.21.48.18","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://xx-inv.com/","date":"2026-03-27T22:38:47.654Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xx-inv.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 12 Mar 2026 06:43:42 GMT","end":"Wed, 10 Jun 2026 07:42:09 GMT"},"fingerprint":{"sha1":"AA:B9:A1:64:78:EB:7C:A8:9F:A8:F1:F8:C2:B2:15:C8:46:52:2B:3A","sha256":"9E:01:94:C5:4A:5C:81:59:11:E5:E7:3F:24:FA:94:24:59:DB:91:8E:17:B3:33:47:BB:15:C0:10:45:AF:29:30"}}},"request":{"raw":"GET /landings/css/news.min.css HTTP/1.1\r\nHost: xx-inv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xx-inv.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nlast-modified: Wed, 19 Mar 2025 06:25:01 GMT\r\ncache-control: max-age=14400\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\ncontent-type: text/css\r\npriority: u=2,i=?0\r\ndate: Fri, 27 Mar 2026 22:38:47 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VcJzR4Ax%2B5OCxqMzJve95yafXp6lUHbB%2FZBtxnIt8z3IMwxS%2Bj24D%2BzrDT6Yg38yrAHdDSKh3vDvq0ssY1NIOgIP%2FbsjBkzkRYDZWYOhbF7dn5Wn49RnHELQ1BxO\"}]}\r\nserver: cloudflare\r\ncf-cache-status: REVALIDATED\r\ncontent-encoding: br\r\ncf-ray: 9e31e32b99d10daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":700,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (700), with no line terminators","md5":"1c5de425fdd767f5563637457072800f","sha1":"fb7895735d2ece4044b494c1e127db9cd560eda5","sha256":"37996a8f2c6254a7c2f161dd1e631aa5de6a4c9a331ce2e519e90013d367eb78","sha512":"c75a66fb0a957c10aba5ca34c9dcb6eb24c8f4cd8199b6fedd1c3cb14d4826137e13c395e4fea509936f9ef0ac3819a7970411e3ea9da5b20c5f8783a345f9b9","ssdeep":"","tlshash":"2b0140584b54239fb12b86e5d3d385dc817ac1a3b7420e9fd6e96cb2830502c3432a98","first_seen":"2023-07-07T00:41:00Z","last_seen":"2026-04-01T15:53:33.151752Z","times_seen":144,"resource_available":false,"data":null}},"time_used":110,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":110,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"xx-inv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xx-inv.com/assets/img/cryptoicons/btc.svg","fqdn":"xx-inv.com","domain":"xx-inv.com","tld":"com"},"ip":{"addr":"104.21.48.18","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xx-inv.com/","date":"2026-03-27T22:38:47.661Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xx-inv.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 12 Mar 2026 06:43:42 GMT","end":"Wed, 10 Jun 2026 07:42:09 GMT"},"fingerprint":{"sha1":"AA:B9:A1:64:78:EB:7C:A8:9F:A8:F1:F8:C2:B2:15:C8:46:52:2B:3A","sha256":"9E:01:94:C5:4A:5C:81:59:11:E5:E7:3F:24:FA:94:24:59:DB:91:8E:17:B3:33:47:BB:15:C0:10:45:AF:29:30"}}},"request":{"raw":"GET /assets/img/cryptoicons/btc.svg HTTP/1.1\r\nHost: xx-inv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xx-inv.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nlast-modified: Wed, 19 Mar 2025 06:25:01 GMT\r\ncache-control: max-age=14400\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\ndate: Fri, 27 Mar 2026 22:38:47 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Q4KAPaqpAt%2BwAeAurG7gR9F2i28pikoh9u1OHFbpKR8dcvdjAoYA8%2FOBj%2B7w2SHsb60%2B%2FXtXxXWkFq24tNzsv%2BdydlK9bj8v%2FTDnqUcQrEkcMh%2Fhz5FK81mDLjAO\"}]}\r\nserver: cloudflare\r\ncf-cache-status: REVALIDATED\r\ncontent-encoding: br\r\ncf-ray: 9e31e32ba9d70daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3705,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"1e959a957e7815d3c97ffcfa927a6ac3","sha1":"be033b9cbd925aaab0b6244f715c5d3f34d1cd5e","sha256":"af4022bb60633db1a667a52e1746eeefe6384b81825b13155a93b47f88cdc3ed","sha512":"244d59641af74b45d0b9079ccf7a3f9c241e8888a6fb15373140a730cb21f7fddcb356ccac93eb91e1c854e848f7be1ae92987176e5924ac8bd90d456014b658","ssdeep":"","tlshash":"7671b799e3fd84d6e31c8564ede1250a875c609342040d08bead5ca4efa25d2f77bb98","first_seen":"2023-10-25T05:58:22Z","last_seen":"2026-04-21T11:17:20.346881Z","times_seen":360,"resource_available":false,"data":null}},"time_used":111,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":111,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"xx-inv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xx-inv.com/assets/img/cryptoicons/bnb.svg","fqdn":"xx-inv.com","domain":"xx-inv.com","tld":"com"},"ip":{"addr":"104.21.48.18","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xx-inv.com/","date":"2026-03-27T22:38:47.666Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xx-inv.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 12 Mar 2026 06:43:42 GMT","end":"Wed, 10 Jun 2026 07:42:09 GMT"},"fingerprint":{"sha1":"AA:B9:A1:64:78:EB:7C:A8:9F:A8:F1:F8:C2:B2:15:C8:46:52:2B:3A","sha256":"9E:01:94:C5:4A:5C:81:59:11:E5:E7:3F:24:FA:94:24:59:DB:91:8E:17:B3:33:47:BB:15:C0:10:45:AF:29:30"}}},"request":{"raw":"GET /assets/img/cryptoicons/bnb.svg HTTP/1.1\r\nHost: xx-inv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xx-inv.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nlast-modified: Wed, 19 Mar 2025 06:25:01 GMT\r\ncache-control: max-age=14400\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\ndate: Fri, 27 Mar 2026 22:38:47 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0DHf8oOz2Fcbfi8RctAek6NfGaE1W7e0BP5rvt4Ir75CSsFn%2Fi3lIh6haofKW1FEyokUi3gJPxr3AEEsifeMTc2qo%2BHDE0XltkR6GDLcHwqYU8e3rEDaKdfNLYiI\"}]}\r\nserver: cloudflare\r\ncf-cache-status: REVALIDATED\r\ncontent-encoding: br\r\ncf-ray: 9e31e32ba9dc0daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1871,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"faad1f8773e47415f372e48416f460e9","sha1":"9e1e10f8554a43fe3e9e870b7409636370af597b","sha256":"1e3f4850b5e106283bab874805118c2bc246923e52ac418009c0af133f5af545","sha512":"55966d0ca64f991e97ed14bcaced6a7ee4b7667e4cb33f308c7c92794e5116ab2a86be72528f880a111e593e6c01cc56b00e40cf786768de954a1184b7647154","ssdeep":"","tlshash":"863101ac41b6cc3de23583f409b052d816e6ac77f100347cb4e59b52bd24ad72a85ede","first_seen":"2023-11-19T01:14:24Z","last_seen":"2026-04-21T11:17:20.339504Z","times_seen":335,"resource_available":false,"data":null}},"time_used":111,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":111,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"xx-inv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xx-inv.com/landings/img/trade/lo2.png","fqdn":"xx-inv.com","domain":"xx-inv.com","tld":"com"},"ip":{"addr":"104.21.48.18","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xx-inv.com/","date":"2026-03-27T22:38:47.677Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xx-inv.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 12 Mar 2026 06:43:42 GMT","end":"Wed, 10 Jun 2026 07:42:09 GMT"},"fingerprint":{"sha1":"AA:B9:A1:64:78:EB:7C:A8:9F:A8:F1:F8:C2:B2:15:C8:46:52:2B:3A","sha256":"9E:01:94:C5:4A:5C:81:59:11:E5:E7:3F:24:FA:94:24:59:DB:91:8E:17:B3:33:47:BB:15:C0:10:45:AF:29:30"}}},"request":{"raw":"GET /landings/img/trade/lo2.png HTTP/1.1\r\nHost: xx-inv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xx-inv.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nlast-modified: Wed, 19 Mar 2025 06:25:01 GMT\r\ncache-control: max-age=14400\r\naccept-ranges: bytes\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\ncontent-type: image/png\r\npriority: u=4,i=?0\r\ndate: Fri, 27 Mar 2026 22:38:47 GMT\r\ncontent-length: 27339\r\nserver: cloudflare\r\ncf-cache-status: REVALIDATED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8TJMhtXVNpRn8Gd8G1M2H8YrFiiJ%2BIYOYQz8UsViGLqEsCg48OWgZOx95PnbkmZLD%2FVS0BKOowIPuCqt%2BLRZH49JH02MEnrpSYSeqhGeuZplfDUEsGQfVba%2B5iet\"}]}\r\ncf-ray: 9e31e32bc9e40daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":27339,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 160 x 161, 8-bit/color RGBA, non-interlaced","md5":"dae3d7afdfbf1cc9b45685e2aa044ebf","sha1":"fd1f259aaf4cc899f11e32849b4f74e89d6461eb","sha256":"909213988ed470bf4d1c02439c460e94cc25b44cacc2ebf2eec52b8085f2f55e","sha512":"85bb833daa4d6a919cec852a866ee3da1490b8ad530c9aa6a7ea0e2f25e7c1376f51db5d0d72f809248b8598d81bffdd468cf58b8d4e6516ffa74a1c18dddd1c","ssdeep":"768:+6jhKKmkQyVe3xQVP2OpqYet5Bx/jDMGab48qdo2R:pxmYuEfGzxsGaNgR","tlshash":"f7c2e13d29f70dab06ef9328395579cb561a390aaa548b1d1e207475cea0ef91e8840f","first_seen":"2025-06-30T12:31:55.365076Z","last_seen":"2026-03-27T22:39:12.543448Z","times_seen":37,"resource_available":false,"data":null}},"time_used":111,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":107,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"xx-inv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xx-inv.com/landings/img/brands/brand1.png","fqdn":"xx-inv.com","domain":"xx-inv.com","tld":"com"},"ip":{"addr":"104.21.48.18","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xx-inv.com/","date":"2026-03-27T22:38:47.710Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xx-inv.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 12 Mar 2026 06:43:42 GMT","end":"Wed, 10 Jun 2026 07:42:09 GMT"},"fingerprint":{"sha1":"AA:B9:A1:64:78:EB:7C:A8:9F:A8:F1:F8:C2:B2:15:C8:46:52:2B:3A","sha256":"9E:01:94:C5:4A:5C:81:59:11:E5:E7:3F:24:FA:94:24:59:DB:91:8E:17:B3:33:47:BB:15:C0:10:45:AF:29:30"}}},"request":{"raw":"GET /landings/img/brands/brand1.png HTTP/1.1\r\nHost: xx-inv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xx-inv.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nlast-modified: Wed, 19 Mar 2025 06:25:01 GMT\r\ncache-control: max-age=14400\r\naccept-ranges: bytes\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\ncontent-type: image/png\r\npriority: u=4,i=?0\r\ndate: Fri, 27 Mar 2026 22:38:47 GMT\r\ncontent-length: 6535\r\nserver: cloudflare\r\ncf-cache-status: REVALIDATED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=uV1zt9q27Ij08Gg8GI05aAiF7RtsFTVLT0M1RNnDNQfmECWassOlcQIvApmxQcCq0CTko6i8B8bhR4IammKcGyFS62WORkPQbsUcVIi2KStUIwJEZlYTUqjRfzup\"}]}\r\ncf-ray: 9e31e32c29f70daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6535,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 280 x 40, 8-bit/color RGBA, non-interlaced","md5":"ba147c01b9f46cbec387832502920bd2","sha1":"6261e5db52043eec330960b9970d5b29b780f80b","sha256":"fbb0f6fa5a619ba3004258830113951e4ebe7943055db2961d92e1463b4c669b","sha512":"69d13676030c8cf8641d115cb87b511bc01e0bd99e55591f90c53c11bc92423c8e6617dfaa128c6752983ed9ee60239417bd8d7aa49e5afc5d98d01900171c73","ssdeep":"192:SS6wLr7bqsvzvAjIX5eGW9uTOuYJ/7tqT:t/LOsvzJgGlVStqT","tlshash":"52d17ce5268044bb4cacecb530a9bff7a4757b26209871bca48616fc58d27f081310bb","first_seen":"2025-06-30T12:31:55.376774Z","last_seen":"2026-03-27T22:39:12.544388Z","times_seen":37,"resource_available":false,"data":null}},"time_used":111,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":111,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"xx-inv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xx-inv.com/assets/js/jquery-3.4.1.min.js","fqdn":"xx-inv.com","domain":"xx-inv.com","tld":"com"},"ip":{"addr":"104.21.48.18","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://xx-inv.com/","date":"2026-03-27T22:38:47.712Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xx-inv.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 12 Mar 2026 06:43:42 GMT","end":"Wed, 10 Jun 2026 07:42:09 GMT"},"fingerprint":{"sha1":"AA:B9:A1:64:78:EB:7C:A8:9F:A8:F1:F8:C2:B2:15:C8:46:52:2B:3A","sha256":"9E:01:94:C5:4A:5C:81:59:11:E5:E7:3F:24:FA:94:24:59:DB:91:8E:17:B3:33:47:BB:15:C0:10:45:AF:29:30"}}},"request":{"raw":"GET /assets/js/jquery-3.4.1.min.js HTTP/1.1\r\nHost: xx-inv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xx-inv.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nlast-modified: Wed, 19 Mar 2025 06:25:01 GMT\r\ncache-control: max-age=14400\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\ncontent-type: text/javascript\r\npriority: u=3,i=?0\r\ndate: Fri, 27 Mar 2026 22:38:47 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=N7aXEWAtCsaj6VDyW7pLJNf5GeJpo%2B7WQ2Sy6viwyokLIyZS5rHUwP10BSbs8FZJoKsfxXFTyy2v30W5UKJ76NXs4mk13zn027z7yAmwuTBrRMMQ%2F%2FdVcO4zsz4C\"}]}\r\nserver: cloudflare\r\ncf-cache-status: REVALIDATED\r\ncontent-encoding: br\r\ncf-ray: 9e31e32c29fa0daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":88147,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65450), with CRLF line terminators","md5":"a6b6350ee94a3ea74595c065cbf58af0","sha1":"b15f7cfa79519756dff1ad22553fd0ed09024343","sha256":"412b8ff9c5ab32b9019fcd84bcd4a54c0e265a14528474f4ee45b27a20abeaeb","sha512":"f5a9c6aee347c155e4dd796c51716b7447bc22ae44741fceb6bcfee02f955ad4063d38613f241108a3e1f3e1f540fcaed8d9848b9a0fb823c00955cf9a19efad","ssdeep":"1536:jTExXUZinxD7oPEZxkMV4SYKFMbRHZ6H5HOHCWrcElzuu7BRCKKBEqBsojZlOPmt:jgZm0H5HO5+gCKWZyPmHQ47GKR","tlshash":"a08319dd72c6706257b761ba00bf540bf236599e6c4d4410f124e8eabc78a4a823bf7d","first_seen":"2023-03-07T01:10:32Z","last_seen":"2026-04-23T18:09:57.287945Z","times_seen":4575,"resource_available":true,"data":null}},"time_used":111,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":106,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"xx-inv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xx-inv.com/assets/js/toastr.js","fqdn":"xx-inv.com","domain":"xx-inv.com","tld":"com"},"ip":{"addr":"104.21.48.18","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://xx-inv.com/","date":"2026-03-27T22:38:47.713Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xx-inv.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 12 Mar 2026 06:43:42 GMT","end":"Wed, 10 Jun 2026 07:42:09 GMT"},"fingerprint":{"sha1":"AA:B9:A1:64:78:EB:7C:A8:9F:A8:F1:F8:C2:B2:15:C8:46:52:2B:3A","sha256":"9E:01:94:C5:4A:5C:81:59:11:E5:E7:3F:24:FA:94:24:59:DB:91:8E:17:B3:33:47:BB:15:C0:10:45:AF:29:30"}}},"request":{"raw":"GET /assets/js/toastr.js HTTP/1.1\r\nHost: xx-inv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xx-inv.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nlast-modified: Wed, 19 Mar 2025 06:25:01 GMT\r\ncache-control: max-age=14400\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\ncontent-type: text/javascript\r\npriority: u=3,i=?0\r\ndate: Fri, 27 Mar 2026 22:38:47 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5P%2FdgB8S10YFucWo%2BTxqm6Wg3hsaaMmO%2FJOu8yBlo%2FmPuJ5m9kXZvlxjTlou%2BD70lWKJFFjfQ4brzSA%2FmgiO2MHlJTXiCucY5Up7tCL7bXmTMG4Uv%2FobJ%2Fh0p6wp\"}]}\r\nserver: cloudflare\r\ncf-cache-status: REVALIDATED\r\ncontent-encoding: br\r\ncf-ray: 9e31e32c29fc0daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":24855,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (327), with CRLF line terminators","md5":"a02ccbbcf3073559037a62af82bfdd24","sha1":"4d5f7b3f3f280698aa26b10e1d7c6dd5708d64aa","sha256":"27f959b17ddfe77ca20a31b9950ebc3fbe8030c3ac376eec7355b2d7925e364c","sha512":"35acaadcc160935be74fb1492b1b0ca205aed6b61d8bd8edf4e26254c7772da02941ec53de59e3d66ce1695cc12de4ed9cf32b750e04659c7c0e2521b4697f22","ssdeep":"192:JJZWM9gzM3t3QrpJvxl6Xs8cZ9tID6CqQwPjOoOg6yS21tl3jWq5T14:JY45Kk7cZDItqLNO6S21tNA","tlshash":"deb20a08695263654cb7737c8aab800cfb769323458a96067dbc92d82f70714d6f6fec","first_seen":"2023-07-07T00:40:59Z","last_seen":"2026-04-21T11:17:20.35167Z","times_seen":890,"resource_available":true,"data":null}},"time_used":113,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":111,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"xx-inv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xx-inv.com/landings/js/news.min.js","fqdn":"xx-inv.com","domain":"xx-inv.com","tld":"com"},"ip":{"addr":"104.21.48.18","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://xx-inv.com/","date":"2026-03-27T22:38:47.715Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xx-inv.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 12 Mar 2026 06:43:42 GMT","end":"Wed, 10 Jun 2026 07:42:09 GMT"},"fingerprint":{"sha1":"AA:B9:A1:64:78:EB:7C:A8:9F:A8:F1:F8:C2:B2:15:C8:46:52:2B:3A","sha256":"9E:01:94:C5:4A:5C:81:59:11:E5:E7:3F:24:FA:94:24:59:DB:91:8E:17:B3:33:47:BB:15:C0:10:45:AF:29:30"}}},"request":{"raw":"GET /landings/js/news.min.js HTTP/1.1\r\nHost: xx-inv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xx-inv.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nlast-modified: Wed, 19 Mar 2025 06:25:01 GMT\r\ncache-control: max-age=14400\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\ncontent-type: text/javascript\r\npriority: u=3,i=?0\r\ndate: Fri, 27 Mar 2026 22:38:47 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Hy5RkpasM1SRFnjjfPICrth21Dw7Lhy4Vu5EkY%2FLFCoA%2BZfsRrXeVIjX5X3g1fp00taKHEePhLVIh93Lnhpe69gOh5qSskdsVnsTG7kJGsKvWU5vND1Ez%2F3kuk%2Bj\"}]}\r\nserver: cloudflare\r\ncf-cache-status: REVALIDATED\r\ncontent-encoding: br\r\ncf-ray: 9e31e32c2a000daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":177,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with no line terminators","md5":"1c640d083b2dc81a6f9fbde817552e97","sha1":"ab789ac8a70af52dbeaf56b606d6914295a71eac","sha256":"3501416396bd8a484e2b3ddbec46e6cc515d68ac7a42bbc733d52bfa2a4e2329","sha512":"94c0d460ba6b4bff1419953fd2a6b828d39deb51363d774e632bd7ebe200d60efab1e8a91b5b503fc72f9f496509d90eaee206d736441e0b18f51baf1c311fc8","ssdeep":"","tlshash":"15c0805d1075718403a2cafe5474ca42c573013797d7493fcaf404f984ee5580afbb98","first_seen":"2023-07-07T00:40:59Z","last_seen":"2026-04-01T15:53:33.139724Z","times_seen":145,"resource_available":true,"data":null}},"time_used":111,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":111,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"xx-inv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xx-inv.com/landings/img/brands/brand4.png","fqdn":"xx-inv.com","domain":"xx-inv.com","tld":"com"},"ip":{"addr":"104.21.48.18","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xx-inv.com/","date":"2026-03-27T22:38:47.711Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xx-inv.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 12 Mar 2026 06:43:42 GMT","end":"Wed, 10 Jun 2026 07:42:09 GMT"},"fingerprint":{"sha1":"AA:B9:A1:64:78:EB:7C:A8:9F:A8:F1:F8:C2:B2:15:C8:46:52:2B:3A","sha256":"9E:01:94:C5:4A:5C:81:59:11:E5:E7:3F:24:FA:94:24:59:DB:91:8E:17:B3:33:47:BB:15:C0:10:45:AF:29:30"}}},"request":{"raw":"GET /landings/img/brands/brand4.png HTTP/1.1\r\nHost: xx-inv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xx-inv.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nlast-modified: Wed, 19 Mar 2025 06:25:01 GMT\r\ncache-control: max-age=14400\r\naccept-ranges: bytes\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\ncontent-type: image/png\r\npriority: u=4,i=?0\r\ndate: Fri, 27 Mar 2026 22:38:47 GMT\r\ncontent-length: 10517\r\nserver: cloudflare\r\ncf-cache-status: REVALIDATED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=sNSK2DEgp4PnWpZzUpiXLd%2BMd%2Fv0H4Atr4%2BUv4D58yQAjgu5ipxaDsoW2EiN%2FrScRNZsvablhwtNQVN%2Bcc%2B40Dnt%2FgnVMi1w6izfn0miekP0VNSp3gfqCKwTyV%2F9\"}]}\r\ncf-ray: 9e31e32c29f80daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10517,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 406 x 40, 8-bit/color RGBA, non-interlaced","md5":"c8fcbcac62f1a4ff8aafd52a155ac82a","sha1":"5ee10030f924e4d06e611fdc4bfd88e5cad4b061","sha256":"1ebde94e73bce4362620979b9a0ae941171d39fc7043285e18e8289f1a9fda2d","sha512":"2bf9c72a63ba972f7bbcb72f7441f6ab47d8c7f5f19d149e70ff1f8054be133098b1c4eed6198a96efad4232d030e921b2a949f010c0d1e67e1c60428734b600","ssdeep":"192:hSRp//61pin9NsLhL7ATKfarfCjMnMZmo70+txjfcWUCl8EUTDFxuHYj:IvtvsLhvUr2T7nUCUTh/","tlshash":"3222be18bc3816ea4d77e18ce031ff848c944a24726653916bd86deef63b4e2c65c1a1","first_seen":"2025-06-30T12:31:55.368106Z","last_seen":"2026-03-27T22:39:12.547987Z","times_seen":37,"resource_available":false,"data":null}},"time_used":113,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":113,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"xx-inv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xx-inv.com/landings/img/account/accoun2.png","fqdn":"xx-inv.com","domain":"xx-inv.com","tld":"com"},"ip":{"addr":"104.21.48.18","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xx-inv.com/","date":"2026-03-27T22:38:47.938Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xx-inv.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 12 Mar 2026 06:43:42 GMT","end":"Wed, 10 Jun 2026 07:42:09 GMT"},"fingerprint":{"sha1":"AA:B9:A1:64:78:EB:7C:A8:9F:A8:F1:F8:C2:B2:15:C8:46:52:2B:3A","sha256":"9E:01:94:C5:4A:5C:81:59:11:E5:E7:3F:24:FA:94:24:59:DB:91:8E:17:B3:33:47:BB:15:C0:10:45:AF:29:30"}}},"request":{"raw":"GET /landings/img/account/accoun2.png HTTP/1.1\r\nHost: xx-inv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xx-inv.com/landings/css/account.min.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nlast-modified: Wed, 19 Mar 2025 06:25:01 GMT\r\ncache-control: max-age=14400\r\naccept-ranges: bytes\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\ncontent-type: image/png\r\npriority: u=4,i=?0\r\ndate: Fri, 27 Mar 2026 22:38:47 GMT\r\ncontent-length: 372049\r\nserver: cloudflare\r\ncf-cache-status: REVALIDATED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kPzaZAhwFukZSq0cHNAlOffAsP6QdTMAJCKMgXU44tqt%2F7YKQeqf2colugFvogdNrPvyOYfs5de%2BR6IX6Phz5mHAkTN%2BwPK0qFcSelDqPWapXFIDDJfddqIvsKi0\"}]}\r\ncf-ray: 9e31e32d9a270daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":372049,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 561 x 529, 8-bit/color RGBA, non-interlaced","md5":"ca4848893610f30672f5c6a05ba98ad8","sha1":"4cc51b135128701b9e6e5ae4ddb0e4a9ac839c5f","sha256":"26d1f0f031f645805533d00cd1dc1843f627f541c8a23efe37ab33918670fa7a","sha512":"0aa3423921d92e7fd45bea866ec9109f420fd8e7cdfc629602b88d70e690bcadfd0be4acb061cacfd0521e3a99f56f803c7a203675dfb56624603195c329f6d2","ssdeep":"6144:gBVtTpwdGN/vKkce6pULNMfYvRiLkspZJz1HE+Mm9SVgE7ZNjQt7SwU:gBCMAm6YbQpZh1Um9SVrQt7PU","tlshash":"478423ee76f24a381260bbe0980296d510376712ce8e5c5de735f8756a2e8d40d8a7f3","first_seen":"2025-06-30T12:31:55.400546Z","last_seen":"2026-03-27T22:39:12.548941Z","times_seen":37,"resource_available":false,"data":null}},"time_used":78,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":58,"receive":20,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"xx-inv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/heebo/v28/NGS6v5_NC0k9P9H2TbE.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://xx-inv.com/","date":"2026-03-27T22:38:47.950Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 09 Mar 2026 08:37:39 GMT","end":"Mon, 01 Jun 2026 08:37:38 GMT"},"fingerprint":{"sha1":"31:A8:B5:C1:CD:F5:51:78:A9:8C:E3:B4:73:92:CF:C0:6D:69:48:19","sha256":"81:9A:84:FB:F5:4C:AB:82:DF:C1:27:CC:60:46:A6:23:A8:49:56:99:47:CF:C4:05:3F:0D:87:31:DD:2C:23:A2"}}},"request":{"raw":"GET /s/heebo/v28/NGS6v5_NC0k9P9H2TbE.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://xx-inv.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 30116\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sun, 22 Mar 2026 02:01:49 GMT\r\nexpires: Mon, 22 Mar 2027 02:01:49 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Tue, 09 Sep 2025 18:57:34 GMT\r\ncontent-type: font/woff2\r\nage: 506219\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":30116,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 30116, version 1.0","md5":"480b1d24f2aa69252a57d434d50a5288","sha1":"6128ad01170e7ace7e1cfa1d7c3d3dbc93242d61","sha256":"50dae2e12dae22c920388023e35aaebcd1e1d27bbe915c83d64210377e083e60","sha512":"db3d713d158f992aaab42936324d64b3edae8d5afded25bf1f2ad4e9380466a5a3d2f061f0a60293a20070b357f693ac0a3b2ee8f159cbc04aa33145db1003c7","ssdeep":"768:dtra3jdzHzeBerSkbONWaWIomeJQ9A2x9qvg2J:72j1qw58W+eOe2x9+g2J","tlshash":"b0d2f1234292dcaae76490b0d8385253409de8e4265b9b49b434cd2ebf7547103ebffb","first_seen":"2025-09-10T17:46:19.009186Z","last_seen":"2026-04-23T21:45:58.551052Z","times_seen":3796,"resource_available":false,"data":null}},"time_used":184,"timings":{"blocked":84,"dns":4,"connect":7,"send":0,"wait":9,"receive":9,"ssl":68},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/heebo/v28/NGS6v5_NC0k9P9H2TbE.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://xx-inv.com/","date":"2026-03-27T22:38:47.957Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 09 Mar 2026 08:37:39 GMT","end":"Mon, 01 Jun 2026 08:37:38 GMT"},"fingerprint":{"sha1":"31:A8:B5:C1:CD:F5:51:78:A9:8C:E3:B4:73:92:CF:C0:6D:69:48:19","sha256":"81:9A:84:FB:F5:4C:AB:82:DF:C1:27:CC:60:46:A6:23:A8:49:56:99:47:CF:C4:05:3F:0D:87:31:DD:2C:23:A2"}}},"request":{"raw":"GET /s/heebo/v28/NGS6v5_NC0k9P9H2TbE.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://xx-inv.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 30116\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sun, 22 Mar 2026 02:01:49 GMT\r\nexpires: Mon, 22 Mar 2027 02:01:49 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Tue, 09 Sep 2025 18:57:34 GMT\r\ncontent-type: font/woff2\r\nage: 506219\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":30116,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 30116, version 1.0","md5":"480b1d24f2aa69252a57d434d50a5288","sha1":"6128ad01170e7ace7e1cfa1d7c3d3dbc93242d61","sha256":"50dae2e12dae22c920388023e35aaebcd1e1d27bbe915c83d64210377e083e60","sha512":"db3d713d158f992aaab42936324d64b3edae8d5afded25bf1f2ad4e9380466a5a3d2f061f0a60293a20070b357f693ac0a3b2ee8f159cbc04aa33145db1003c7","ssdeep":"768:dtra3jdzHzeBerSkbONWaWIomeJQ9A2x9qvg2J:72j1qw58W+eOe2x9+g2J","tlshash":"b0d2f1234292dcaae76490b0d8385253409de8e4265b9b49b434cd2ebf7547103ebffb","first_seen":"2025-09-10T17:46:19.009186Z","last_seen":"2026-04-23T21:45:58.551052Z","times_seen":3796,"resource_available":false,"data":null}},"time_used":197,"timings":{"blocked":86,"dns":4,"connect":7,"send":0,"wait":23,"receive":1,"ssl":71},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xx-inv.com/assets/img/cryptoicons/usdc.svg","fqdn":"xx-inv.com","domain":"xx-inv.com","tld":"com"},"ip":{"addr":"104.21.48.18","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xx-inv.com/","date":"2026-03-27T22:38:47.670Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xx-inv.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 12 Mar 2026 06:43:42 GMT","end":"Wed, 10 Jun 2026 07:42:09 GMT"},"fingerprint":{"sha1":"AA:B9:A1:64:78:EB:7C:A8:9F:A8:F1:F8:C2:B2:15:C8:46:52:2B:3A","sha256":"9E:01:94:C5:4A:5C:81:59:11:E5:E7:3F:24:FA:94:24:59:DB:91:8E:17:B3:33:47:BB:15:C0:10:45:AF:29:30"}}},"request":{"raw":"GET /assets/img/cryptoicons/usdc.svg HTTP/1.1\r\nHost: xx-inv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xx-inv.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nlast-modified: Wed, 19 Mar 2025 06:25:01 GMT\r\ncache-control: max-age=14400\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\ndate: Fri, 27 Mar 2026 22:38:47 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ObED1Up4UseNb%2F0FJbVzmHxAqm49bm8mYK%2BSFcd8pkQOCKLi2%2FONhdDDh6QhuyI6RVRkf%2BoYG55io%2BPa7wa11Pezgjp%2BLpvdrhRR9NgQ%2B%2FzNHzsBgIyzary5uNRV\"}]}\r\nserver: cloudflare\r\ncf-cache-status: REVALIDATED\r\ncontent-encoding: br\r\ncf-ray: 9e31e32bb9de0daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1626,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"94ec50bf272c2ca70d2741d9794652b9","sha1":"984e715c5968afbe271b777a11cbbf1434933215","sha256":"a59ffcad23c4de45b0389620bf9bf14811e606e22bbf2f674b00baaabeed6500","sha512":"c922eef8d1002995de7e76e08adbd7245c23bf2eb411ae7df1776423503b442a9838cd471eeb00753ad79b80742eaf65d7fd8f3232682f2956a58c6846ee3b79","ssdeep":"","tlshash":"483110068204dabdfed6062cb27038c476f1a99ff271d0e8aa6f1057d08cde0759c6e9","first_seen":"2023-11-19T01:14:23Z","last_seen":"2026-04-21T11:17:20.336933Z","times_seen":312,"resource_available":false,"data":null}},"time_used":110,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":110,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"xx-inv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xx-inv.com/landings/css/cryptocurrencies.min.css","fqdn":"xx-inv.com","domain":"xx-inv.com","tld":"com"},"ip":{"addr":"104.21.48.18","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://xx-inv.com/","date":"2026-03-27T22:38:47.649Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xx-inv.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 12 Mar 2026 06:43:42 GMT","end":"Wed, 10 Jun 2026 07:42:09 GMT"},"fingerprint":{"sha1":"AA:B9:A1:64:78:EB:7C:A8:9F:A8:F1:F8:C2:B2:15:C8:46:52:2B:3A","sha256":"9E:01:94:C5:4A:5C:81:59:11:E5:E7:3F:24:FA:94:24:59:DB:91:8E:17:B3:33:47:BB:15:C0:10:45:AF:29:30"}}},"request":{"raw":"GET /landings/css/cryptocurrencies.min.css HTTP/1.1\r\nHost: xx-inv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xx-inv.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nlast-modified: Wed, 19 Mar 2025 06:25:01 GMT\r\ncache-control: max-age=14400\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\ncontent-type: text/css\r\npriority: u=2,i=?0\r\ndate: Fri, 27 Mar 2026 22:38:47 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0wXkLKSAWIaTdqQJXUHPO5hRLpSLDwu2gIIOaWRrZYmVGJ7hakvtPmFt14rW3fv4Lfd76032mwAID0HA9hQ8On9EUZsZq8hu4Wz9j1jMKkkpw17pmHZVN7UVV3bE\"}]}\r\nserver: cloudflare\r\ncf-cache-status: REVALIDATED\r\ncontent-encoding: br\r\ncf-ray: 9e31e32b99cd0daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3648,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"656645c71870ac61f759b2df1050bd6d","sha1":"ff643d5dbf4dd556204b3c8fa02b2501940b8e8b","sha256":"cb9b990ddcd722d7f52d8062368d7e015e4fafc30ed60f4fc24d1ceb6a21f70d","sha512":"7cb599168b825bb2b975a4f789dd3490b1f12557f4350eb22c9ebf6d93f0d16cc02a4cb4c90ac1cadbc447b5f08ffc6b610fc11f87a9fe420085ceae41104b29","ssdeep":"","tlshash":"517121bf59505206f52b58084bfd0b26627d9423a40ed6e07ec3a44dcec9bc59fb12eb","first_seen":"2025-06-30T12:31:55.415692Z","last_seen":"2026-03-27T22:39:12.550788Z","times_seen":37,"resource_available":false,"data":null}},"time_used":110,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":110,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"xx-inv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xx-inv.com/landings/css/company.min.css","fqdn":"xx-inv.com","domain":"xx-inv.com","tld":"com"},"ip":{"addr":"104.21.48.18","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://xx-inv.com/","date":"2026-03-27T22:38:47.652Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xx-inv.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 12 Mar 2026 06:43:42 GMT","end":"Wed, 10 Jun 2026 07:42:09 GMT"},"fingerprint":{"sha1":"AA:B9:A1:64:78:EB:7C:A8:9F:A8:F1:F8:C2:B2:15:C8:46:52:2B:3A","sha256":"9E:01:94:C5:4A:5C:81:59:11:E5:E7:3F:24:FA:94:24:59:DB:91:8E:17:B3:33:47:BB:15:C0:10:45:AF:29:30"}}},"request":{"raw":"GET /landings/css/company.min.css HTTP/1.1\r\nHost: xx-inv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xx-inv.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nlast-modified: Wed, 19 Mar 2025 06:25:01 GMT\r\ncache-control: max-age=14400\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\ncontent-type: text/css\r\npriority: u=2,i=?0\r\ndate: Fri, 27 Mar 2026 22:38:47 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wp%2BtQtPRZ08MiZ7r460UJgiaVhznf73oi39Iztg1dJwj5%2F9O12wDjJI%2BmxeWVXJJvGBFcVqmATPP78%2BcBDoWNLqNcBls1hZMy0rlYEW6VqAuPaqIAKq7%2ByHyV%2B%2Bb\"}]}\r\nserver: cloudflare\r\ncf-cache-status: REVALIDATED\r\ncontent-encoding: br\r\ncf-ray: 9e31e32b99cf0daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1354,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"83a1605a720901443ccfa26826b762c9","sha1":"24e9465c6027c39aeecc1bd005b24df9007987ac","sha256":"4a9681fdd8660988ed0a53c7982cc2dd9e50cfb1a890a2ff0ea433d0e5ba4a78","sha512":"305523080dec988b93723574e8e30733e463d4a9670f5b77e52dafab4eca650e86737c2445d9ed5ab76f8cad1d7eb965e91d4574da63f004a7a1139347e7ad62","ssdeep":"","tlshash":"8d21a4d70531310cb937e86447e61765a2789027d80af9ddb9c274cd4fc9acc94f3649","first_seen":"2025-06-30T12:31:55.388424Z","last_seen":"2026-03-27T22:39:12.551827Z","times_seen":37,"resource_available":false,"data":null}},"time_used":111,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":111,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"xx-inv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xx-inv.com/landings/css/choose.min.css","fqdn":"xx-inv.com","domain":"xx-inv.com","tld":"com"},"ip":{"addr":"104.21.48.18","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://xx-inv.com/","date":"2026-03-27T22:38:47.655Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xx-inv.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 12 Mar 2026 06:43:42 GMT","end":"Wed, 10 Jun 2026 07:42:09 GMT"},"fingerprint":{"sha1":"AA:B9:A1:64:78:EB:7C:A8:9F:A8:F1:F8:C2:B2:15:C8:46:52:2B:3A","sha256":"9E:01:94:C5:4A:5C:81:59:11:E5:E7:3F:24:FA:94:24:59:DB:91:8E:17:B3:33:47:BB:15:C0:10:45:AF:29:30"}}},"request":{"raw":"GET /landings/css/choose.min.css HTTP/1.1\r\nHost: xx-inv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xx-inv.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nlast-modified: Wed, 19 Mar 2025 06:25:01 GMT\r\ncache-control: max-age=14400\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\ncontent-type: text/css\r\npriority: u=2,i=?0\r\ndate: Fri, 27 Mar 2026 22:38:47 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nznxM9qRtke7L1uGFn1sL6I9bgv7IRIKDjBCzAnqlVHaXHzW847QnCd9GWa1JkdDoXvfdREKNfOZScKG5YjoLThvq4blNk4sE78KjNzXljBPyggmMaErZj6t%2BsJ3\"}]}\r\nserver: cloudflare\r\ncf-cache-status: REVALIDATED\r\ncontent-encoding: br\r\ncf-ray: 9e31e32b99d20daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3118,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"8d66d7c6c8a1c19f66c12b39561c1d6f","sha1":"14a54b80a151582b11f58f64465ac74a9e8da536","sha256":"4e8e70c5c1183348097da327696aeaf7ca84fcc0068ae553be5b69bab9e76bd2","sha512":"0a7a1d157754003990d867dbb1b387811182c92410f37930ef5c2e2c018e8997a68773a1acaefd49c8df551567742a64bde13c93ee2cbd512452229de5f4db74","ssdeep":"","tlshash":"6e51f3bb0920210cb41b645c6be52b49337c8113964df9e9bec3544cdfca9d19573a9e","first_seen":"2025-06-30T12:31:55.355669Z","last_seen":"2026-03-27T22:39:12.554017Z","times_seen":37,"resource_available":false,"data":null}},"time_used":112,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":112,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"xx-inv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xx-inv.com/assets/img/cryptoicons/eth.svg","fqdn":"xx-inv.com","domain":"xx-inv.com","tld":"com"},"ip":{"addr":"104.21.48.18","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xx-inv.com/","date":"2026-03-27T22:38:47.662Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xx-inv.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 12 Mar 2026 06:43:42 GMT","end":"Wed, 10 Jun 2026 07:42:09 GMT"},"fingerprint":{"sha1":"AA:B9:A1:64:78:EB:7C:A8:9F:A8:F1:F8:C2:B2:15:C8:46:52:2B:3A","sha256":"9E:01:94:C5:4A:5C:81:59:11:E5:E7:3F:24:FA:94:24:59:DB:91:8E:17:B3:33:47:BB:15:C0:10:45:AF:29:30"}}},"request":{"raw":"GET /assets/img/cryptoicons/eth.svg HTTP/1.1\r\nHost: xx-inv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xx-inv.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nlast-modified: Wed, 19 Mar 2025 06:25:01 GMT\r\ncache-control: max-age=14400\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\ndate: Fri, 27 Mar 2026 22:38:47 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ugDBDIOwdZXOoCeYclWtijKP9pMR%2Bjr%2BuqE%2B6BERPFpilzCmb4fQJXnsVZtiFW7Nlve%2FWWfQOcu%2BHjXgeCwxrXN9sDXDWMIj%2Byd7cC2MEFog8NWIqooz%2F2pGC8N%2B\"}]}\r\nserver: cloudflare\r\ncf-cache-status: REVALIDATED\r\ncontent-encoding: br\r\ncf-ray: 9e31e32ba9d90daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":956,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"122a686a52bc4e03895a7edac4ec209b","sha1":"6c415cb1ad3d376f03abeaff5d7dc89de7bc8bba","sha256":"68ca594162c73854fa960caf63f068a26562f6f7efb873825caaf4fafdfad1fb","sha512":"4f7136ee8e07c6dc13132a25d51a3cdc7ee6e6c3be8fc3d1318388bcb727deff12a5e61947a9ccb483e8561ad684551d0f1e13244ef29f29a3be9a73429505c3","ssdeep":"","tlshash":"0c11b129155a657b79218384237a82d333b250ebdf401af884f12d7fe206c1946cd7e8","first_seen":"2024-08-20T12:48:50.787004Z","last_seen":"2026-04-21T11:17:20.35319Z","times_seen":118,"resource_available":false,"data":null}},"time_used":107,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":107,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"xx-inv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xx-inv.com/landings/img/home/financial_freedom.png","fqdn":"xx-inv.com","domain":"xx-inv.com","tld":"com"},"ip":{"addr":"104.21.48.18","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xx-inv.com/","date":"2026-03-27T22:38:47.675Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xx-inv.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 12 Mar 2026 06:43:42 GMT","end":"Wed, 10 Jun 2026 07:42:09 GMT"},"fingerprint":{"sha1":"AA:B9:A1:64:78:EB:7C:A8:9F:A8:F1:F8:C2:B2:15:C8:46:52:2B:3A","sha256":"9E:01:94:C5:4A:5C:81:59:11:E5:E7:3F:24:FA:94:24:59:DB:91:8E:17:B3:33:47:BB:15:C0:10:45:AF:29:30"}}},"request":{"raw":"GET /landings/img/home/financial_freedom.png HTTP/1.1\r\nHost: xx-inv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xx-inv.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nlast-modified: Wed, 19 Mar 2025 06:25:01 GMT\r\ncache-control: max-age=14400\r\naccept-ranges: bytes\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\ncontent-type: image/png\r\npriority: u=4,i=?0\r\ndate: Fri, 27 Mar 2026 22:38:47 GMT\r\ncontent-length: 449073\r\nserver: cloudflare\r\ncf-cache-status: REVALIDATED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MhIHuCL%2BHw%2F7g7UpeRELfv5wKp3jfhNYLQbsqTuzlaDiIB0%2FRoj%2B91P7lo1TGZsnnKothEXaS0raaYkutBmeHB0k9gYZaIk1Jer%2FvZVVhYEQst3PqOeW9bCPW20Y\"}]}\r\ncf-ray: 9e31e32bb9e30daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":449073,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 596 x 636, 8-bit/color RGBA, non-interlaced","md5":"04451de21f648a95bf2eb1dbe2f91f89","sha1":"69478a540544a6f6cc5256c2afca6655baafaebc","sha256":"cefb2b893e63a2c2bcf04f9912050e8a6ccd0d003b6c69b73d23798ace290524","sha512":"17d08796cbaec23971c64317f896d6582bb624a38f7078dbf62524aa43bf7ec7237fa9f3d68c30a9a0abe5158c73eef66aa291bc9d81f8b4ddebb5797a2ffbcf","ssdeep":"12288:33dwLlETQIVFT5osr7WQo0U7gCa5iLEWW:3NwL+QICsWrgCMiLpW","tlshash":"5ba4233e358f7493f2aff86ba79fd3c21a8ecdab4147bd0651e5452ea65cac08401706","first_seen":"2025-06-30T12:31:55.398779Z","last_seen":"2026-03-27T22:39:12.555958Z","times_seen":37,"resource_available":false,"data":null}},"time_used":148,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":105,"receive":43,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"xx-inv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xx-inv.com/landings/js/app.min.js","fqdn":"xx-inv.com","domain":"xx-inv.com","tld":"com"},"ip":{"addr":"104.21.48.18","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://xx-inv.com/","date":"2026-03-27T22:38:47.715Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xx-inv.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 12 Mar 2026 06:43:42 GMT","end":"Wed, 10 Jun 2026 07:42:09 GMT"},"fingerprint":{"sha1":"AA:B9:A1:64:78:EB:7C:A8:9F:A8:F1:F8:C2:B2:15:C8:46:52:2B:3A","sha256":"9E:01:94:C5:4A:5C:81:59:11:E5:E7:3F:24:FA:94:24:59:DB:91:8E:17:B3:33:47:BB:15:C0:10:45:AF:29:30"}}},"request":{"raw":"GET /landings/js/app.min.js HTTP/1.1\r\nHost: xx-inv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xx-inv.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nlast-modified: Wed, 19 Mar 2025 06:25:01 GMT\r\ncache-control: max-age=14400\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\ncontent-type: text/javascript\r\npriority: u=3,i=?0\r\ndate: Fri, 27 Mar 2026 22:38:47 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CsHTj%2BY9bclHCkQLSVQlP9QRaqRSgr%2Budsn7wnTt3qUN83UYlmXbfw2VXfMIdD%2B%2BX%2F501yewbyaN5jSQsT5IlyrqRmDhd%2FbziFukcgQt7XkvmtFT2G12rOuWjWOr\"}]}\r\nserver: cloudflare\r\ncf-cache-status: REVALIDATED\r\ncontent-encoding: br\r\ncf-ray: 9e31e32c29ff0daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":488,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (488), with no line terminators","md5":"632bdd284f17fcd40eb5a0f445472e00","sha1":"7fc40a9cb81f873ee8b6ba04d30161a8d48dbc60","sha256":"87dbae4c0439ab8bf5607748f3dd35b7b138cfdcab2efc94a1bbf6773ed0f131","sha512":"c81b3463d8fface28b4fdc2f198b561ccbd5099935bdfff005cbf6e2ae5df6214e1764abc32be18285747ffd5770bcc05a2a3ae1ff61e5b069d430ea4c066765","ssdeep":"","tlshash":"31f00ecca80191bc03bb40c0226fd1c87c906832e0a1d1d501f7f34804941e512b5e6c","first_seen":"2023-07-07T00:40:59Z","last_seen":"2026-04-01T15:53:33.15305Z","times_seen":177,"resource_available":true,"data":null}},"time_used":108,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":108,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"xx-inv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xx-inv.com/landings/js/cryptocurrencies.min.js","fqdn":"xx-inv.com","domain":"xx-inv.com","tld":"com"},"ip":{"addr":"104.21.48.18","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://xx-inv.com/","date":"2026-03-27T22:38:47.717Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xx-inv.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 12 Mar 2026 06:43:42 GMT","end":"Wed, 10 Jun 2026 07:42:09 GMT"},"fingerprint":{"sha1":"AA:B9:A1:64:78:EB:7C:A8:9F:A8:F1:F8:C2:B2:15:C8:46:52:2B:3A","sha256":"9E:01:94:C5:4A:5C:81:59:11:E5:E7:3F:24:FA:94:24:59:DB:91:8E:17:B3:33:47:BB:15:C0:10:45:AF:29:30"}}},"request":{"raw":"GET /landings/js/cryptocurrencies.min.js HTTP/1.1\r\nHost: xx-inv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xx-inv.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nlast-modified: Wed, 19 Mar 2025 06:25:01 GMT\r\ncache-control: max-age=14400\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\ncontent-type: text/javascript\r\npriority: u=3,i=?0\r\ndate: Fri, 27 Mar 2026 22:38:47 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=N5CG%2BzmOJezd%2Bz6650u1paMrhGUYXEkePpJ49pusgv7cIUjx1mG7%2FdK5mqcU27eK9V8UDs%2B1WpT5Ycqf438eb6RNqB%2B33FhhT8sJCIhpqiBa9qY727a0pJfCww9f\"}]}\r\nserver: cloudflare\r\ncf-cache-status: REVALIDATED\r\ncontent-encoding: br\r\ncf-ray: 9e31e32c2a020daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":749,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (749), with no line terminators","md5":"37257948808f476a1ff0737b2a22c9fe","sha1":"736ae1b7c5597458834c9704571b99bd45aa6231","sha256":"f6af42497aae5f14a17aa2d68c0ae2d551332e96f2efb23a428cdecff879c2b3","sha512":"3f5dcd87cf322f465879172c431b73e02eff51eec9eb4ed39ea29364fe8953577ddd8119434456b873ffa81e2d73c5376621d6b53a37e4ac0f98c9342d5cf440","ssdeep":"","tlshash":"7801b56b394e343555ce21bf42769a8c20aa013c754266e13e2a898c6071ca2f4aa9ec","first_seen":"2023-07-07T00:40:59Z","last_seen":"2026-04-06T17:19:52.863281Z","times_seen":239,"resource_available":true,"data":null}},"time_used":110,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":110,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"xx-inv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xx-inv.com/assets/img/cryptoicons/busd.svg","fqdn":"xx-inv.com","domain":"xx-inv.com","tld":"com"},"ip":{"addr":"104.21.48.18","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xx-inv.com/","date":"2026-03-27T22:38:47.671Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xx-inv.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 12 Mar 2026 06:43:42 GMT","end":"Wed, 10 Jun 2026 07:42:09 GMT"},"fingerprint":{"sha1":"AA:B9:A1:64:78:EB:7C:A8:9F:A8:F1:F8:C2:B2:15:C8:46:52:2B:3A","sha256":"9E:01:94:C5:4A:5C:81:59:11:E5:E7:3F:24:FA:94:24:59:DB:91:8E:17:B3:33:47:BB:15:C0:10:45:AF:29:30"}}},"request":{"raw":"GET /assets/img/cryptoicons/busd.svg HTTP/1.1\r\nHost: xx-inv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xx-inv.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nlast-modified: Wed, 19 Mar 2025 06:25:01 GMT\r\ncache-control: max-age=14400\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\ndate: Fri, 27 Mar 2026 22:38:47 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=104zJZXrZW3xig%2BX9NomjQUZ%2BqHyskDJnYqPr17i7GjsTYJknSd5nYE%2FDI4ga7%2FJkAvW8LyNT13ErvEl%2FYsX4Y9Wf9kski4C4RsaRCUmpK0AEKuS477GQTqrRwsQ\"}]}\r\nserver: cloudflare\r\ncf-cache-status: REVALIDATED\r\ncontent-encoding: br\r\ncf-ray: 9e31e32bb9df0daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":942,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"e18c9a55ae92ba734105e2ebdea06679","sha1":"0c5927bbf67033788a0829b817e8ba735da3b026","sha256":"23a5afc32f0a882ae287456596c37ef02183563af26c57619e91c66a90cfef21","sha512":"0aa09904c5489dd182148d429ba9497aacccb895b6c7e7f07b77e3dfcbc2af8bb3a02f7f5a3ddbaaa7eeff9b5659193fe3724b0003c20e78ab0e7b7b00529d16","ssdeep":"","tlshash":"6d119e24d204aceff50dcf4483f0aad12e626ca382544c7cdef81a79d755c570c5529d","first_seen":"2023-11-15T03:06:45Z","last_seen":"2026-04-21T11:17:20.339999Z","times_seen":341,"resource_available":false,"data":null}},"time_used":107,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":107,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"xx-inv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xx-inv.com/assets/img/cryptoicons/bch.svg","fqdn":"xx-inv.com","domain":"xx-inv.com","tld":"com"},"ip":{"addr":"104.21.48.18","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xx-inv.com/","date":"2026-03-27T22:38:47.674Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xx-inv.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 12 Mar 2026 06:43:42 GMT","end":"Wed, 10 Jun 2026 07:42:09 GMT"},"fingerprint":{"sha1":"AA:B9:A1:64:78:EB:7C:A8:9F:A8:F1:F8:C2:B2:15:C8:46:52:2B:3A","sha256":"9E:01:94:C5:4A:5C:81:59:11:E5:E7:3F:24:FA:94:24:59:DB:91:8E:17:B3:33:47:BB:15:C0:10:45:AF:29:30"}}},"request":{"raw":"GET /assets/img/cryptoicons/bch.svg HTTP/1.1\r\nHost: xx-inv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xx-inv.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nlast-modified: Wed, 19 Mar 2025 06:25:01 GMT\r\ncache-control: max-age=14400\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\ndate: Fri, 27 Mar 2026 22:38:47 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8ZA0EwmFbRt4SVIfVKMqpxyzVkNNV34OJe7zJMjQOfsN2sF03GbCLSxl5MO4e55yehcx2ffE%2FK3LL2VkHgtYnNpO2FOg3LkyXpKwoKAKi7mcFKDv7s9k15m%2F6bhI\"}]}\r\nserver: cloudflare\r\ncf-cache-status: REVALIDATED\r\ncontent-encoding: br\r\ncf-ray: 9e31e32bb9e10daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1214,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"c09d291a67357599252f1208c0842ee9","sha1":"d1c95e8b248838d153735628c110951d18aa057b","sha256":"0af9263278022b11dd522c2ec26c5dc4e07e35f0b421fac7278951f0066795aa","sha512":"53d756eee3c4cb922a701fc0e427708d4d1b25a440bd5a2ac02e454288cd4a25ed575f42db132687b408525e155776df42b3acad643de2ef2761a64d89450ae3","ssdeep":"","tlshash":"10213f0881d5a87efc50e11953a0158633b4ac6fd430aa90f8eba85ec24c8d0128dfaf","first_seen":"2023-07-23T06:53:23Z","last_seen":"2026-04-21T11:17:20.350656Z","times_seen":787,"resource_available":false,"data":null}},"time_used":110,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":110,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"xx-inv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xx-inv.com/landings/css/normalize.min.css","fqdn":"xx-inv.com","domain":"xx-inv.com","tld":"com"},"ip":{"addr":"104.21.48.18","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://xx-inv.com/","date":"2026-03-27T22:38:47.635Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xx-inv.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 12 Mar 2026 06:43:42 GMT","end":"Wed, 10 Jun 2026 07:42:09 GMT"},"fingerprint":{"sha1":"AA:B9:A1:64:78:EB:7C:A8:9F:A8:F1:F8:C2:B2:15:C8:46:52:2B:3A","sha256":"9E:01:94:C5:4A:5C:81:59:11:E5:E7:3F:24:FA:94:24:59:DB:91:8E:17:B3:33:47:BB:15:C0:10:45:AF:29:30"}}},"request":{"raw":"GET /landings/css/normalize.min.css HTTP/1.1\r\nHost: xx-inv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xx-inv.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nlast-modified: Wed, 19 Mar 2025 06:25:01 GMT\r\ncache-control: max-age=14400\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\ncontent-type: text/css\r\npriority: u=2,i=?0\r\ndate: Fri, 27 Mar 2026 22:38:47 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ltHMAvxBB687DRU153L9DBp%2B3OJK233B3bQNhclXMUIT2eZHyHT6SJti4VYTmld84phIHl%2BMsKf5R9QMjLnuw%2Bf6wAUAUqx6sbpWtnTaLU%2F1qHNG2G%2BxQdy0rvt3\"}]}\r\nserver: cloudflare\r\ncf-cache-status: REVALIDATED\r\ncontent-encoding: br\r\ncf-ray: 9e31e32b99c60daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1947,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1947), with no line terminators","md5":"515193e2d064be1543fd99da0c13a25f","sha1":"101babf3b2d5cd9366d1403a527138311bb10bed","sha256":"56bf1a266b6d0ec11ff9faa9c123022ad85186c48aafdbf84a6aa4ca95579d1e","sha512":"3c686599ba983096ab2ee882d9da6411c138bf27bddca58ae884963899ee827f42626b7c4e5a7790704f822cd2fc7691178248ef9914072d390ee52c6d8862e8","ssdeep":"","tlshash":"c7410eb307402b24a773cc262ada3f5835206433c552b6ead450ecb5c7ca9666dad78e","first_seen":"2023-04-17T13:49:11Z","last_seen":"2026-04-18T23:09:16.34977Z","times_seen":206,"resource_available":false,"data":null}},"time_used":110,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":110,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"xx-inv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xx-inv.com/landings/img/trade/tr3.png","fqdn":"xx-inv.com","domain":"xx-inv.com","tld":"com"},"ip":{"addr":"104.21.48.18","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xx-inv.com/","date":"2026-03-27T22:38:47.679Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xx-inv.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 12 Mar 2026 06:43:42 GMT","end":"Wed, 10 Jun 2026 07:42:09 GMT"},"fingerprint":{"sha1":"AA:B9:A1:64:78:EB:7C:A8:9F:A8:F1:F8:C2:B2:15:C8:46:52:2B:3A","sha256":"9E:01:94:C5:4A:5C:81:59:11:E5:E7:3F:24:FA:94:24:59:DB:91:8E:17:B3:33:47:BB:15:C0:10:45:AF:29:30"}}},"request":{"raw":"GET /landings/img/trade/tr3.png HTTP/1.1\r\nHost: xx-inv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xx-inv.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nlast-modified: Wed, 19 Mar 2025 06:25:01 GMT\r\ncache-control: max-age=14400\r\naccept-ranges: bytes\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\ncontent-type: image/png\r\npriority: u=4,i=?0\r\ndate: Fri, 27 Mar 2026 22:38:47 GMT\r\ncontent-length: 39723\r\nserver: cloudflare\r\ncf-cache-status: REVALIDATED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MbW95o%2Bg6kcoRB%2Fcoj8Ro16z3LWBU19G1WoW65Qf1v95rLQWL42wz5GRlGGjtcKS2E%2BGOXUEgjp5HCo%2B4WH8TaA4Yq%2B61Q0hqKx%2F%2Fu6vivxxAllheRWxW%2FhNrSAf\"}]}\r\ncf-ray: 9e31e32bc9e60daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":39723,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 160 x 161, 8-bit/color RGBA, non-interlaced","md5":"bb337519443573106a2e59b04965315f","sha1":"767248549e0567c29c549d0c8a1bf399d77529b0","sha256":"fed83eff2d1232f6be9ed8bc79b320ed8d6b98789efd0918d8f1de5c4100e895","sha512":"2b953d8767e910101817889392645ca807aec91403b30172b4a5a385e659dc0f7a8a07c7487fb20f29c0cb61e7752dbcab008f99f994d34f9dcf721171585df3","ssdeep":"768:tIDdPnjxgFfJoZ+vT6TOlbjB4qaucn81FB9qYBHs5XtIsmUxYK1:tydP9co7Olbjmq1cn8DqYp118R","tlshash":"9503e11fdaf66f99b8879837c52fae9efe0c0b878991f0456424e5016d26df001c7e0a","first_seen":"2025-06-30T12:31:55.4078Z","last_seen":"2026-03-27T22:39:12.561205Z","times_seen":37,"resource_available":false,"data":null}},"time_used":122,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":119,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"xx-inv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xx-inv.com/landings/js/header.min.js","fqdn":"xx-inv.com","domain":"xx-inv.com","tld":"com"},"ip":{"addr":"104.21.48.18","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://xx-inv.com/","date":"2026-03-27T22:38:47.716Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xx-inv.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 12 Mar 2026 06:43:42 GMT","end":"Wed, 10 Jun 2026 07:42:09 GMT"},"fingerprint":{"sha1":"AA:B9:A1:64:78:EB:7C:A8:9F:A8:F1:F8:C2:B2:15:C8:46:52:2B:3A","sha256":"9E:01:94:C5:4A:5C:81:59:11:E5:E7:3F:24:FA:94:24:59:DB:91:8E:17:B3:33:47:BB:15:C0:10:45:AF:29:30"}}},"request":{"raw":"GET /landings/js/header.min.js HTTP/1.1\r\nHost: xx-inv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xx-inv.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nlast-modified: Wed, 19 Mar 2025 06:25:01 GMT\r\ncache-control: max-age=14400\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\ncontent-type: text/javascript\r\npriority: u=3,i=?0\r\ndate: Fri, 27 Mar 2026 22:38:47 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BzeMHJVKx6KZOOtaZzx52aSOgojdT%2ByY40em13In4RxovSXyJ33FCk4sIGPlZ7CJWikE6ew1N7%2BVR8shkzW8UJrpKj1u3h6iwYnUQbzQXdHUYOklykbV%2FpvcVyIv\"}]}\r\nserver: cloudflare\r\ncf-cache-status: REVALIDATED\r\ncontent-encoding: br\r\ncf-ray: 9e31e32c2a010daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":563,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (563), with no line terminators","md5":"63f1eb758c539563a116fd6205f2cbf3","sha1":"fbaf0ea4381ca7def60922205a42f6372afe0fcf","sha256":"4cf4cf24c46ef18a23275d60700a827e4106aa462659f46da1afc3807e8e33ff","sha512":"d138c6538254710cf342359349a96f1fe0669e444bc94f8bc3faede81c88c0c9240f7426c153788610d47c1ec99b98ede8956d3a163a5cb95f1aef9d9ce26cfe","ssdeep":"","tlshash":"41f0c269470c657a01a20ddbe7e1cee06e1058d7d440247215a5cd8f4be9ce2d2a03f2","first_seen":"2023-07-07T00:40:59Z","last_seen":"2026-04-01T15:53:33.137091Z","times_seen":179,"resource_available":true,"data":null}},"time_used":109,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":109,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"xx-inv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/heebo/v28/NGS6v5_NC0k9P9H2TbE.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://xx-inv.com/","date":"2026-03-27T22:38:47.952Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 09 Mar 2026 08:37:39 GMT","end":"Mon, 01 Jun 2026 08:37:38 GMT"},"fingerprint":{"sha1":"31:A8:B5:C1:CD:F5:51:78:A9:8C:E3:B4:73:92:CF:C0:6D:69:48:19","sha256":"81:9A:84:FB:F5:4C:AB:82:DF:C1:27:CC:60:46:A6:23:A8:49:56:99:47:CF:C4:05:3F:0D:87:31:DD:2C:23:A2"}}},"request":{"raw":"GET /s/heebo/v28/NGS6v5_NC0k9P9H2TbE.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://xx-inv.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 30116\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sun, 22 Mar 2026 02:01:49 GMT\r\nexpires: Mon, 22 Mar 2027 02:01:49 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Tue, 09 Sep 2025 18:57:34 GMT\r\ncontent-type: font/woff2\r\nage: 506219\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":30116,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 30116, version 1.0","md5":"480b1d24f2aa69252a57d434d50a5288","sha1":"6128ad01170e7ace7e1cfa1d7c3d3dbc93242d61","sha256":"50dae2e12dae22c920388023e35aaebcd1e1d27bbe915c83d64210377e083e60","sha512":"db3d713d158f992aaab42936324d64b3edae8d5afded25bf1f2ad4e9380466a5a3d2f061f0a60293a20070b357f693ac0a3b2ee8f159cbc04aa33145db1003c7","ssdeep":"768:dtra3jdzHzeBerSkbONWaWIomeJQ9A2x9qvg2J:72j1qw58W+eOe2x9+g2J","tlshash":"b0d2f1234292dcaae76490b0d8385253409de8e4265b9b49b434cd2ebf7547103ebffb","first_seen":"2025-09-10T17:46:19.009186Z","last_seen":"2026-04-23T21:45:58.551052Z","times_seen":3796,"resource_available":false,"data":null}},"time_used":197,"timings":{"blocked":84,"dns":3,"connect":24,"send":0,"wait":28,"receive":1,"ssl":53},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/heebo/v28/NGS6v5_NC0k9P9H2TbE.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://xx-inv.com/","date":"2026-03-27T22:38:47.960Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 09 Mar 2026 08:37:39 GMT","end":"Mon, 01 Jun 2026 08:37:38 GMT"},"fingerprint":{"sha1":"31:A8:B5:C1:CD:F5:51:78:A9:8C:E3:B4:73:92:CF:C0:6D:69:48:19","sha256":"81:9A:84:FB:F5:4C:AB:82:DF:C1:27:CC:60:46:A6:23:A8:49:56:99:47:CF:C4:05:3F:0D:87:31:DD:2C:23:A2"}}},"request":{"raw":"GET /s/heebo/v28/NGS6v5_NC0k9P9H2TbE.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://xx-inv.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 30116\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sun, 22 Mar 2026 02:01:49 GMT\r\nexpires: Mon, 22 Mar 2027 02:01:49 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Tue, 09 Sep 2025 18:57:34 GMT\r\ncontent-type: font/woff2\r\nage: 506219\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":30116,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 30116, version 1.0","md5":"480b1d24f2aa69252a57d434d50a5288","sha1":"6128ad01170e7ace7e1cfa1d7c3d3dbc93242d61","sha256":"50dae2e12dae22c920388023e35aaebcd1e1d27bbe915c83d64210377e083e60","sha512":"db3d713d158f992aaab42936324d64b3edae8d5afded25bf1f2ad4e9380466a5a3d2f061f0a60293a20070b357f693ac0a3b2ee8f159cbc04aa33145db1003c7","ssdeep":"768:dtra3jdzHzeBerSkbONWaWIomeJQ9A2x9qvg2J:72j1qw58W+eOe2x9+g2J","tlshash":"b0d2f1234292dcaae76490b0d8385253409de8e4265b9b49b434cd2ebf7547103ebffb","first_seen":"2025-09-10T17:46:19.009186Z","last_seen":"2026-04-23T21:45:58.551052Z","times_seen":3796,"resource_available":false,"data":null}},"time_used":159,"timings":{"blocked":75,"dns":0,"connect":0,"send":0,"wait":26,"receive":2,"ssl":56},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xx-inv.com/assets/media/logos/favicon.ico","fqdn":"xx-inv.com","domain":"xx-inv.com","tld":"com"},"ip":{"addr":"104.21.48.18","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xx-inv.com/","date":"2026-03-27T22:38:48.205Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xx-inv.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 12 Mar 2026 06:43:42 GMT","end":"Wed, 10 Jun 2026 07:42:09 GMT"},"fingerprint":{"sha1":"AA:B9:A1:64:78:EB:7C:A8:9F:A8:F1:F8:C2:B2:15:C8:46:52:2B:3A","sha256":"9E:01:94:C5:4A:5C:81:59:11:E5:E7:3F:24:FA:94:24:59:DB:91:8E:17:B3:33:47:BB:15:C0:10:45:AF:29:30"}}},"request":{"raw":"GET /assets/media/logos/favicon.ico HTTP/1.1\r\nHost: xx-inv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xx-inv.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nlast-modified: Wed, 19 Mar 2025 06:25:01 GMT\r\ncache-control: max-age=14400\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\ncontent-type: image/x-icon\r\npriority: u=6,i=?0\r\ndate: Fri, 27 Mar 2026 22:38:48 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FwRuFODWBSbKncj6JA8zfx7LrmwGnU08RSyC3nmudDt%2FIHcscmWxlYvxShncLTzReOfC2BGwa2Haj8W6zWDYfA4rMgOfw%2FCyydq5loWppH%2FbtMyZTmdT1jVblBNU\"}]}\r\nserver: cloudflare\r\ncf-cache-status: REVALIDATED\r\ncontent-encoding: br\r\ncf-ray: 9e31e32f4a550daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":23166,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 73x76, 32 bits/pixel","md5":"655a3d9e8b041168af5ed594bc53a045","sha1":"2a10a2b34eda84cfe1b3fb5c7976f6784c0b9c73","sha256":"3460d9a4ed4ae53b60ded9680af38db6d2d4b7c32a20fa0392bf3ebbacc984c6","sha512":"fdd0f1528cdbe5e92a0760fbc2f68a9101aabc64553c96aaadfdac16f68bb8d6d4463558feeae6339dd38caa36a5a4036757c99f6a2c1c15769e1e0e3aa34806","ssdeep":"24:MFbl+VURCShly4JX+anJMVfRC+AQCaMaJaOaWasaNaogAkFzGyGI9NqSjis7AYfe:G8VUISMC2VohQGgLzeIHiPYg39Nllkg3","tlshash":"9da26a6a3f24f255ec2986741ebaedf43d387c13798053e276807fcea2753026a13a55","first_seen":"2025-06-30T12:31:55.402347Z","last_seen":"2026-03-27T22:39:12.563056Z","times_seen":37,"resource_available":false,"data":null}},"time_used":112,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":112,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"xx-inv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xx-inv.com/assets/img/cryptoicons/ltc.svg","fqdn":"xx-inv.com","domain":"xx-inv.com","tld":"com"},"ip":{"addr":"104.21.48.18","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xx-inv.com/","date":"2026-03-27T22:38:47.664Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xx-inv.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 12 Mar 2026 06:43:42 GMT","end":"Wed, 10 Jun 2026 07:42:09 GMT"},"fingerprint":{"sha1":"AA:B9:A1:64:78:EB:7C:A8:9F:A8:F1:F8:C2:B2:15:C8:46:52:2B:3A","sha256":"9E:01:94:C5:4A:5C:81:59:11:E5:E7:3F:24:FA:94:24:59:DB:91:8E:17:B3:33:47:BB:15:C0:10:45:AF:29:30"}}},"request":{"raw":"GET /assets/img/cryptoicons/ltc.svg HTTP/1.1\r\nHost: xx-inv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xx-inv.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nlast-modified: Wed, 19 Mar 2025 06:25:01 GMT\r\ncache-control: max-age=14400\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\ndate: Fri, 27 Mar 2026 22:38:47 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=G6vvGUhuLRgJv5Fs5tfL3%2FJWtBDgF8IEhs85XI56%2F5R4hXPvU%2FXLIEBQjIgOcGTXLpQkOV7RLbjf1XyJudoZN%2BSizPvaIZnTho%2BCfT1X3n6teSTCNt3ZlAiR107%2F\"}]}\r\nserver: cloudflare\r\ncf-cache-status: REVALIDATED\r\ncontent-encoding: br\r\ncf-ray: 9e31e32ba9da0daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":753,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"1357667ba2495b5b9b624e477f83c544","sha1":"841592b39e45a36429a8d5a054c08e5c7c934a6c","sha256":"19a2412000c4b36f27b784a6f0ae5d074945770bcb9d3433aa8e9cf26a4cb39c","sha512":"67f23837d53730f260685d63066c729ba7cc5433133643d58f5d6af5420fdf8622a5a6d77d2e57e429914848a8ec3d906c5dbd35ca78e327afb134e9f920d8f4","ssdeep":"","tlshash":"fc01d05d4780dc7d6591866443b461d16376b047c78149f4dceb267bf6058d05254bac","first_seen":"2023-11-19T01:14:24Z","last_seen":"2026-04-21T11:17:20.3359Z","times_seen":336,"resource_available":false,"data":null}},"time_used":112,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":112,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"xx-inv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xx-inv.com/landings/img/brands/brand2.png","fqdn":"xx-inv.com","domain":"xx-inv.com","tld":"com"},"ip":{"addr":"104.21.48.18","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xx-inv.com/","date":"2026-03-27T22:38:47.709Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xx-inv.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 12 Mar 2026 06:43:42 GMT","end":"Wed, 10 Jun 2026 07:42:09 GMT"},"fingerprint":{"sha1":"AA:B9:A1:64:78:EB:7C:A8:9F:A8:F1:F8:C2:B2:15:C8:46:52:2B:3A","sha256":"9E:01:94:C5:4A:5C:81:59:11:E5:E7:3F:24:FA:94:24:59:DB:91:8E:17:B3:33:47:BB:15:C0:10:45:AF:29:30"}}},"request":{"raw":"GET /landings/img/brands/brand2.png HTTP/1.1\r\nHost: xx-inv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xx-inv.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nlast-modified: Wed, 19 Mar 2025 06:25:01 GMT\r\ncache-control: max-age=14400\r\naccept-ranges: bytes\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\ncontent-type: image/png\r\npriority: u=4,i=?0\r\ndate: Fri, 27 Mar 2026 22:38:47 GMT\r\ncontent-length: 4876\r\nserver: cloudflare\r\ncf-cache-status: REVALIDATED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=r3qy3Lczkk5wnLAs%2B3HIL9i18%2FcvYfGi94cvgnoZtAjq3aDwySpzP2VwnTjmfkW9%2BEVw8eT%2FsepJHW4S%2BVcbotofIbrLtDjMjxEKzVlzu7Ny3HoPp%2BAjUfBOOiaO\"}]}\r\ncf-ray: 9e31e32c19f40daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4876,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 148 x 46, 8-bit/color RGBA, non-interlaced","md5":"30472718e50537c3c9bf67707e0fa50a","sha1":"1c78a594073efd3b1ffff96c561a571b6fbea4fb","sha256":"2b6a5ce4e6c35ced206ef5aa4a7a32e413a01a0d9f20650b8e91d03fee6e6a48","sha512":"bf9ce8a08374c55aa1dd2b0bdeccf72a949c35a616324e58a3e5edd929375e142048a8e3dc7634d770e2583206aac6deb1daebe213549e49890d76bb6fd28ba0","ssdeep":"96:LS46ebv8d3TP4tVO4bupiiajt1vUSRl6/KIg04rizzRM3Ol:LS4ns3TPWobY7ciEOezzik","tlshash":"19a18e6ed3618e668cc3daff768aa31a70a1c743d531e9446b3348c03039d8d262935b","first_seen":"2025-06-30T12:31:55.413476Z","last_seen":"2026-03-27T22:39:12.564776Z","times_seen":37,"resource_available":false,"data":null}},"time_used":111,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":111,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"xx-inv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xx-inv.com/assets/js/app.min.js","fqdn":"xx-inv.com","domain":"xx-inv.com","tld":"com"},"ip":{"addr":"104.21.48.18","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://xx-inv.com/","date":"2026-03-27T22:38:47.713Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xx-inv.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 12 Mar 2026 06:43:42 GMT","end":"Wed, 10 Jun 2026 07:42:09 GMT"},"fingerprint":{"sha1":"AA:B9:A1:64:78:EB:7C:A8:9F:A8:F1:F8:C2:B2:15:C8:46:52:2B:3A","sha256":"9E:01:94:C5:4A:5C:81:59:11:E5:E7:3F:24:FA:94:24:59:DB:91:8E:17:B3:33:47:BB:15:C0:10:45:AF:29:30"}}},"request":{"raw":"GET /assets/js/app.min.js HTTP/1.1\r\nHost: xx-inv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xx-inv.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nlast-modified: Wed, 19 Mar 2025 06:25:01 GMT\r\ncache-control: max-age=14400\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\ncontent-type: text/javascript\r\npriority: u=3,i=?0\r\ndate: Fri, 27 Mar 2026 22:38:47 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ipjBaClzwhB7bHymiyRiDk%2BzFE%2FE8QjUqH67%2FSAls5%2BwwEK10Lt4AIvro5kUnwvchaNoF4TTsmAmWv49NfPg8QTx%2FYUzmhl8hzqCo45TEotl7xhNEhFSSe3o5JDU\"}]}\r\nserver: cloudflare\r\ncf-cache-status: REVALIDATED\r\ncontent-encoding: br\r\ncf-ray: 9e31e32c29f90daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3615,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (3615), with no line terminators","md5":"d07fddad2dbb2e1b33663063df276af3","sha1":"ff05ef5d12cab598273743b8ecba860d5fe3eb19","sha256":"84c100eb29667fada78eac7c2ef3831d2dfa9d01827c00f9a8c07a8da28231ee","sha512":"497e5b7368287addb7d29b29b80a3f89ee35f8b1fb5156b0b02bf27fbc6b238fbe78d4554ec7f879b982da6ff9b1e4750f1daf058c5f921c5032eec06afd48c6","ssdeep":"","tlshash":"c57122791314b93c02a30ad7e6e6aad07a343886d5411070a8b9ccaf1fd98d39371ff6","first_seen":"2023-07-07T00:40:59Z","last_seen":"2026-04-21T11:17:20.35118Z","times_seen":426,"resource_available":true,"data":null}},"time_used":108,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":108,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"xx-inv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xx-inv.com/landings/img/account/accoun1.png","fqdn":"xx-inv.com","domain":"xx-inv.com","tld":"com"},"ip":{"addr":"104.21.48.18","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xx-inv.com/","date":"2026-03-27T22:38:47.935Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xx-inv.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 12 Mar 2026 06:43:42 GMT","end":"Wed, 10 Jun 2026 07:42:09 GMT"},"fingerprint":{"sha1":"AA:B9:A1:64:78:EB:7C:A8:9F:A8:F1:F8:C2:B2:15:C8:46:52:2B:3A","sha256":"9E:01:94:C5:4A:5C:81:59:11:E5:E7:3F:24:FA:94:24:59:DB:91:8E:17:B3:33:47:BB:15:C0:10:45:AF:29:30"}}},"request":{"raw":"GET /landings/img/account/accoun1.png HTTP/1.1\r\nHost: xx-inv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xx-inv.com/landings/css/account.min.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nlast-modified: Wed, 19 Mar 2025 06:25:01 GMT\r\ncache-control: max-age=14400\r\naccept-ranges: bytes\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\ncontent-type: image/png\r\npriority: u=4,i=?0\r\ndate: Fri, 27 Mar 2026 22:38:48 GMT\r\ncontent-length: 279776\r\nserver: cloudflare\r\ncf-cache-status: REVALIDATED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ppZUViaW7%2B8purM%2FGppTZ8xgUGBNRWHi2OOW06I6H31VLwilDfwEmM1O%2Fms1ti4t7UC%2FOnbAefieKiuIDwVLnsap4P8IFAvxEG%2Bb5QDI1FIZurdxSc0ztJrkLpb2\"}]}\r\ncf-ray: 9e31e32d9a260daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":279776,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 575 x 537, 8-bit/color RGBA, non-interlaced","md5":"b280443f9861021283e9e1bc37a8fe69","sha1":"0f227b97d3a8bb6330c40d936b45571706ae1254","sha256":"d7b3c89df16ab198223750f340bbfec57bf80a23a82e3ac0d2d492b253935737","sha512":"792ab11a4375ff16ad722af3e4b6efe03e10bc3b6a94a1df05706455a069d9ac13704ae727f9989c6de585ee0cb6ff5ce635feb89920aa7544104ab395a19245","ssdeep":"6144:bYMmB+cdQ04Qf0aNzWZb3YYrKRzrM/BivP:bYMmOBhLYp+ivP","tlshash":"ba5423a244fbcc311ae44898360099ff08a199519caf7354ebfb49c5ca411db463bafb","first_seen":"2025-06-30T12:31:55.420515Z","last_seen":"2026-03-27T22:39:12.566584Z","times_seen":37,"resource_available":false,"data":null}},"time_used":124,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":110,"receive":14,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"xx-inv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xx-inv.com/landings/css/fonts.min.css","fqdn":"xx-inv.com","domain":"xx-inv.com","tld":"com"},"ip":{"addr":"104.21.48.18","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://xx-inv.com/","date":"2026-03-27T22:38:47.639Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xx-inv.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 12 Mar 2026 06:43:42 GMT","end":"Wed, 10 Jun 2026 07:42:09 GMT"},"fingerprint":{"sha1":"AA:B9:A1:64:78:EB:7C:A8:9F:A8:F1:F8:C2:B2:15:C8:46:52:2B:3A","sha256":"9E:01:94:C5:4A:5C:81:59:11:E5:E7:3F:24:FA:94:24:59:DB:91:8E:17:B3:33:47:BB:15:C0:10:45:AF:29:30"}}},"request":{"raw":"GET /landings/css/fonts.min.css HTTP/1.1\r\nHost: xx-inv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xx-inv.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nlast-modified: Wed, 19 Mar 2025 06:25:01 GMT\r\ncache-control: max-age=14400\r\naccept-ranges: bytes\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\ncontent-type: text/css\r\npriority: u=2,i=?0\r\ndate: Fri, 27 Mar 2026 22:38:47 GMT\r\ncontent-length: 0\r\nserver: cloudflare\r\ncf-cache-status: REVALIDATED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zLfVL2VKRZbAIc5%2FqFAgIw0s1Zcv37tLfl%2Bvxu%2BVxFZ3asbgDoWybo7apbcL66%2BKUNwKKOcMkOz%2BgXFBFbgkPN%2F1nbB%2FjOIcbxkZ9E02yaJTYEDRMrg6bZQ5rqjl\"}]}\r\ncf-ray: 9e31e32b99c80daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/css","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T22:19:34.826453Z","times_seen":14119056,"resource_available":true,"data":null}},"time_used":113,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":111,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"xx-inv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xx-inv.com/landings/css/trading.min.css","fqdn":"xx-inv.com","domain":"xx-inv.com","tld":"com"},"ip":{"addr":"104.21.48.18","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://xx-inv.com/","date":"2026-03-27T22:38:47.650Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xx-inv.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 12 Mar 2026 06:43:42 GMT","end":"Wed, 10 Jun 2026 07:42:09 GMT"},"fingerprint":{"sha1":"AA:B9:A1:64:78:EB:7C:A8:9F:A8:F1:F8:C2:B2:15:C8:46:52:2B:3A","sha256":"9E:01:94:C5:4A:5C:81:59:11:E5:E7:3F:24:FA:94:24:59:DB:91:8E:17:B3:33:47:BB:15:C0:10:45:AF:29:30"}}},"request":{"raw":"GET /landings/css/trading.min.css HTTP/1.1\r\nHost: xx-inv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xx-inv.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nlast-modified: Wed, 19 Mar 2025 06:25:01 GMT\r\ncache-control: max-age=14400\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\ncontent-type: text/css\r\npriority: u=2,i=?0\r\ndate: Fri, 27 Mar 2026 22:38:47 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WZDmj0eq4oXZoq4aCT7yDFj6vx73%2B8WY2Axri6gJczdoC8spZrd%2BCOfL6j%2Bi0jPrk5hxT0hmpZ%2FY4VfxHG%2BxZ%2BdWB4IePcTLgbJ3QUnJeyRPkvp962k%2BJwWImUGj\"}]}\r\nserver: cloudflare\r\ncf-cache-status: REVALIDATED\r\ncontent-encoding: br\r\ncf-ray: 9e31e32b99ce0daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3356,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"f0f8f0b01b977bf69c4f79390d1c174c","sha1":"cee288d27b0d006b272e3f10d9536325f3c9f35c","sha256":"2160ef6f6d859915ba3ccc27ffeacbd946e346d0d1874cd48d3894d4a5584712","sha512":"183f777660f4d36b816030d701e4366374032d17e242826e112dfd0e2db7a5fc9961ad3920426e2ae781bbc98dd823192eb4e7e1244cb0a90505c2bc4e410eb5","ssdeep":"","tlshash":"60610dd30664ba093943b868364517a1b36c5053c24ffaed6fc2248ccec69c4d9b37ad","first_seen":"2025-06-30T12:31:55.394914Z","last_seen":"2026-03-27T22:39:12.568339Z","times_seen":37,"resource_available":false,"data":null}},"time_used":116,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":116,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"xx-inv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xx-inv.com/landings/css/trade.min.css","fqdn":"xx-inv.com","domain":"xx-inv.com","tld":"com"},"ip":{"addr":"104.21.48.18","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://xx-inv.com/","date":"2026-03-27T22:38:47.656Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xx-inv.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 12 Mar 2026 06:43:42 GMT","end":"Wed, 10 Jun 2026 07:42:09 GMT"},"fingerprint":{"sha1":"AA:B9:A1:64:78:EB:7C:A8:9F:A8:F1:F8:C2:B2:15:C8:46:52:2B:3A","sha256":"9E:01:94:C5:4A:5C:81:59:11:E5:E7:3F:24:FA:94:24:59:DB:91:8E:17:B3:33:47:BB:15:C0:10:45:AF:29:30"}}},"request":{"raw":"GET /landings/css/trade.min.css HTTP/1.1\r\nHost: xx-inv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xx-inv.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nlast-modified: Wed, 19 Mar 2025 06:25:01 GMT\r\ncache-control: max-age=14400\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\ncontent-type: text/css\r\npriority: u=2,i=?0\r\ndate: Fri, 27 Mar 2026 22:38:47 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FUNR05kWhNr9mWdxqaWAGReuXXXQI79PpmGlXquuvuxgEZVBa5kaVu1XY6CbSF5PI0MU5h1PkixFdQwdiCrX1o15S80dN8%2B3iKEBBRumsTcgWpCyBSwCjFtY8mzT\"}]}\r\nserver: cloudflare\r\ncf-cache-status: REVALIDATED\r\ncontent-encoding: br\r\ncf-ray: 9e31e32ba9d30daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3182,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"e385c0229e0866945800a8e50b70a611","sha1":"dd11d3c2038290fc6d1e9d142dfa43c79895eb63","sha256":"812ced114ca94fdafad8cc2a604ae8390d7004b1c419a7c794ee945779482382","sha512":"56c45648f2c1715d6a2669a9fd664054b4827427db4cf7846ef9fd89a1ebb049b8fc83d72358222f0be986473a465b7963dd8eab8e9c3cce4257560928ff69a6","ssdeep":"","tlshash":"8461cca35970b7047497a44cbaa51b4073aca003e14ffaf46bc2250cdfc8ad1c67369e","first_seen":"2025-06-30T12:31:55.412121Z","last_seen":"2026-03-27T22:39:12.56922Z","times_seen":37,"resource_available":false,"data":null}},"time_used":111,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":111,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"xx-inv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xx-inv.com/npm/swiper%409/swiper-bundle.min.js","fqdn":"xx-inv.com","domain":"xx-inv.com","tld":"com"},"ip":{"addr":"104.21.48.18","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://xx-inv.com/","date":"2026-03-27T22:38:47.714Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"xx-inv.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 12 Mar 2026 06:43:42 GMT","end":"Wed, 10 Jun 2026 07:42:09 GMT"},"fingerprint":{"sha1":"AA:B9:A1:64:78:EB:7C:A8:9F:A8:F1:F8:C2:B2:15:C8:46:52:2B:3A","sha256":"9E:01:94:C5:4A:5C:81:59:11:E5:E7:3F:24:FA:94:24:59:DB:91:8E:17:B3:33:47:BB:15:C0:10:45:AF:29:30"}}},"request":{"raw":"GET /npm/swiper%409/swiper-bundle.min.js HTTP/1.1\r\nHost: xx-inv.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xx-inv.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nlast-modified: Wed, 19 Mar 2025 06:25:01 GMT\r\ncache-control: max-age=14400\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\ncontent-type: text/javascript\r\npriority: u=3,i=?0\r\ndate: Fri, 27 Mar 2026 22:38:47 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SlSUWbQhGYWMqg2uZIQwle1TUu3bwv%2BVl3JJrqSfUqi0dBdmhC2DSGWz4IGNwtMRQAoodeJg6eHpX6Ips6JplaXlHiFPMNyCbuht1wlJbTIZoOsgBhHQkdz119OI\"}]}\r\nserver: cloudflare\r\ncf-cache-status: REVALIDATED\r\ncontent-encoding: br\r\ncf-ray: 9e31e32c29fe0daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":140575,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65271), with CRLF line terminators","md5":"e6169ccf7a9d58ed680db82c97f26746","sha1":"4ab349710f1444e3cac40a1c17def4173ebcd9eb","sha256":"81242d1bdd179ae12bcee722a29eebf2f5b7884eb050e5dc1670fb4361c61370","sha512":"f02d5d5aef52ca3787669abed1e0a1cecf41dd73d463d675329772d7dc20bcbaf2f75c25951e678a18afa8658515bfe2ed43e869e8a16d62dc8d57ad127b5210","ssdeep":"1536:DIJQfGP7LP8NEuWGKF+IlzholxU/2Bkt+9SD8jv1nTHlU9ymp8Mj0HEOS5hAsVua:EJCN+TXD2BkQZFU9tp8Mj0k95h5cpnk","tlshash":"fbd3f8896221b57646e316db93e4c221a3b50544b80ac8f470bd4c9f597ec9813feffa","first_seen":"2023-07-20T03:42:03Z","last_seen":"2026-04-20T01:35:45.726548Z","times_seen":556,"resource_available":true,"data":null}},"time_used":115,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":111,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"xx-inv.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}