{"report_id":"5144d70c-f035-424f-bad5-5cc25d48e984","version":6,"status":"done","tags":[],"date":"2026-01-09T09:02:48Z","url":{"schema":"http","addr":"bitvestment.org","fqdn":"bitvestment.org","domain":"bitvestment.org","tld":"org"},"ip":{"addr":"104.21.36.122","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"bitvestment.org/","fqdn":"bitvestment.org","domain":"bitvestment.org","tld":"org"},"title":"Bitspect Max ™ | The Official \u0026 Updated Website 2025 🥇","dom":{"size":65104,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (2249)","md5":"da58253d0de9aeaf3c80e68ca46127a4","sha1":"c7522d2acf1f0d0b75fd32848bb5e78133712f18","sha256":"224d952d73f46ba857909e2976067fc77f23aa480864cee7f5f784420c091c61","sha512":"820a790267826b6afbd155849b76c3518d18ad48c368b4f241abd0281760a921bbf98970d34811dd94ac9a441df08a56b2488aab4877c3eace807d24539c1e43","ssdeep":"1536:ExMVjN4obu3G62StqGxeVofZzGuUxXvn628kyfb:ExMVjqbNRIX8kyfb","tlshash":"e453b63350f01766138340d227242f8eef66804bcba25a59b1ed4a55afd2cb7cd73a9d","dom_hash":"domhash0d40f0011b0b2ded66118f73c6fa2d1e","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"bitvestment.org","fqdn":"bitvestment.org","domain":"bitvestment.org","tld":"org"},"ip":{"addr":"104.21.36.122","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-13T09:02:48Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":6}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"fonts.googleapis.com","ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-01-04T22:17:15.216142Z","alert_count":0,"request_count":1,"received_data":6679,"sent_data":474,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"bitvestment.org","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2022-09-06","domain_rank":0,"first_seen":"2026-01-09T09:02:49.471823Z","last_seen":"2026-01-09T09:02:49.471824Z","alert_count":282,"request_count":47,"received_data":899186,"sent_data":21938,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-01-04T22:14:09.841371Z","alert_count":0,"request_count":2,"received_data":17368,"sent_data":1074,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"bitvestment.org/","fqdn":"bitvestment.org","domain":"bitvestment.org","tld":"org"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"ebc7f5f82eaf0d72fc8a26fbc8000373","sha1":"2a827a815d3d5fa9d3238c9159f4f4af9e0a7e02","sha256":"e5ce9dfe4654166829bf24d8ea5907448883be3ed668ed8b3a85bc7f316edd2d","sha512":"c2f933dbaf4dd287915022bf26500a3156cdd00819e4da91d3b73ced318f4d9d366559c75b45e0ad71fa897c2aed4b401da3e72d2e284c9b7424d301967477ab","ssdeep":"","tlshash":"f7f0ec3400b44036c113579739cf7ec0511114b7a14c9c99775f860eafba8b00d792d6","size":518,"data":"","first_seen":"2023-11-27T07:36:46Z","last_seen":"2026-04-03T02:42:57.944879Z","times_seen":292,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bitvestment.org/form.js","fqdn":"bitvestment.org","domain":"bitvestment.org","tld":"org"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"57222cd559e3a912092239fcdb6706de","sha1":"d65d9e06d224a9a7e22916dc04eae83d1f26d6c7","sha256":"81a17cfaf5731292df919a903727b86550d2a57e1ad29893dc693ef9c2013113","sha512":"2960f1e3b8cf8e96b65fb4875f6241db594a7862c5fe1cad5e5d859df03b780c49293e4f4bca9b89db0070bb6ad7556674ec1b8bb3672c23619cd10c1cf5c232","ssdeep":"3072:CtjnGnbliOU03o4PwjRSBZTLqstc3ikgKc0Njv1BfEQ3j:C56bliXR4ZT1toJgK5jv1BcQT","tlshash":"f1542cb7b5407b2b33b53a98aa27914fab8c4c52dc8dd09ca9efdcdf585041160bdb18","size":279475,"data":"","first_seen":"2023-11-27T07:36:46Z","last_seen":"2026-04-03T02:42:57.91737Z","times_seen":299,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bitvestment.org/","fqdn":"bitvestment.org","domain":"bitvestment.org","tld":"org"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"d340024e4734e72c0555fc2a541e74a1","sha1":"995e53f4089e42f677947a6f48e5ff2a25ed9ab0","sha256":"8a04e32acd55cec723824bb94592371f3dc9ab66e579560075bd3c8e54efb9a6","sha512":"86a412db921513f86162b7864a0002032b11a6e4514b079ea5a81bc8299c46b5d1a1feaf8199b976b9a8b24257322822fed38cdffbc32c1575a242bcc39854a3","ssdeep":"","tlshash":"537000cc003c000000330300c03f00300c000c3f000cf30cfc0cc0c000cc0000030c00","size":19,"data":"","first_seen":"2023-07-02T07:28:12Z","last_seen":"2026-04-03T02:42:57.943552Z","times_seen":548,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bitvestment.org/","fqdn":"bitvestment.org","domain":"bitvestment.org","tld":"org"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"af1b93af1acd7d0445a034f1189db7fa","sha1":"6da3e6a232c589bba587ca70ff28b52650d26276","sha256":"49246c311e933296183985354f49e4df6af3ce50733b57928200d6c22510b5f0","sha512":"3fa497529d3f3d3ddb26c70ca99e947e357c8ea2633b09c3ccb959ef5a11fa5c115f058d0434d7cc293d67f6b155a863a571348993b044deb9a25b364b9f09c3","ssdeep":"","tlshash":"99f0e94446fd10e0034fb27faaab5f863130408f60044e0a3e2c4fa47f65c755ac56e8","size":559,"data":"","first_seen":"2023-08-05T11:28:13Z","last_seen":"2026-04-03T02:42:57.945948Z","times_seen":299,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bitvestment.org/static/assets/app-6256b172.js","fqdn":"bitvestment.org","domain":"bitvestment.org","tld":"org"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"3e2d482771a47ba9b3a2bce1db19e0d2","sha1":"3509e9194d4a793ffd94a62ff64826a7591d35b9","sha256":"b1dc3a468eb8949e17762628c68205ee4ffad52ec1cdbe48e3456bf96c1c9603","sha512":"1036b1306e9b1233246ad2247e7573fa7c9831e7115445cb42e48c8c60b6eb5085170e0aa0d435ea3b6aaf93219657e494b0d554c58da6cebdd509693c5eb953","ssdeep":"384:uKWwubIJr3oQIrcUZhTnJ4NjEgcMq1Ta39F54Z/+w2fSX8BASBx72Lb43+KDYSlO:uKWwubIJrYQIrc4nJojEgg1aX4Zr2fSr","tlshash":"7672d5d6728174b20bae20dd407a5547f2281899f44ad06cf62d9dfd3d29c8a21b3f7c","size":16786,"data":"","first_seen":"2023-08-05T11:28:13Z","last_seen":"2026-04-03T02:42:57.925471Z","times_seen":289,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"bitvestment.org/flags/et.png","fqdn":"bitvestment.org","domain":"bitvestment.org","tld":"org"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitvestment.org/","date":"2026-01-09T09:02:25.942Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitvestment.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 12:26:38 GMT","end":"Wed, 11 Feb 2026 13:25:12 GMT"},"fingerprint":{"sha1":"BE:E6:3E:22:E3:C6:43:F8:D1:51:A2:89:65:15:43:9F:5D:E3:2F:2B","sha256":"3C:DB:4F:5B:13:C2:A6:8B:55:5D:71:99:E2:E5:8B:19:61:72:52:1F:9C:F5:A8:59:02:F8:FF:D5:4D:63:BE:52"}}},"request":{"raw":"GET /flags/et.png HTTP/1.1\r\nHost: bitvestment.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bitvestment.org/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 09 Jan 2026 09:02:26 GMT\r\ncontent-type: image/png\r\ncontent-length: 522\r\nserver: cloudflare\r\nlast-modified: Fri, 10 Jan 2025 20:32:57 GMT\r\npriority: u=4,i=?0\r\netag: \"678183f9-20a\"\r\nexpires: Tue, 10 Mar 2026 09:02:26 GMT\r\ncache-control: public, max-age=5184000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VGeTe3q6ZUONAKEIPXgCtRO%2BP7p6CYc6RO87pi5V6PJFqjL0HvVoYIKgUbwwtKqcWXTN4bFiZV1N2OJlzsxE6lFcH%2BMyd9Gf4h0ry9k%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9bb2c173dcd05689-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":522,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"3dc9c2f215da1556d324e0f48ca7f0a4","sha1":"3576caa6334d061fc86b4f3140968a989e07e189","sha256":"9d6e5b81b5b11a75fe5f89ca592837df3070467960556e6f0aa27d561c6c9a96","sha512":"2dc9f8514da837ac73bd675ff15ac67f29f90ef4140a0cd3267087cba295e3078c8c815fb4ca2df81c90351a2ec3b47b03061c7b10f93ccb6725f47d57387dd5","ssdeep":"","tlshash":"99f07cdd0308385c887b0c01c3970323d4d75c55671f2d05253c59ff5446dff4564551","first_seen":"2023-08-05T11:28:13Z","last_seen":"2026-04-03T02:42:57.905986Z","times_seen":315,"resource_available":false,"data":null}},"time_used":148,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":148,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitvestment.org/flags/ko.png","fqdn":"bitvestment.org","domain":"bitvestment.org","tld":"org"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitvestment.org/","date":"2026-01-09T09:02:25.951Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitvestment.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 12:26:38 GMT","end":"Wed, 11 Feb 2026 13:25:12 GMT"},"fingerprint":{"sha1":"BE:E6:3E:22:E3:C6:43:F8:D1:51:A2:89:65:15:43:9F:5D:E3:2F:2B","sha256":"3C:DB:4F:5B:13:C2:A6:8B:55:5D:71:99:E2:E5:8B:19:61:72:52:1F:9C:F5:A8:59:02:F8:FF:D5:4D:63:BE:52"}}},"request":{"raw":"GET /flags/ko.png HTTP/1.1\r\nHost: bitvestment.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bitvestment.org/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 09 Jan 2026 09:02:26 GMT\r\ncontent-type: image/png\r\ncontent-length: 1361\r\nserver: cloudflare\r\nlast-modified: Fri, 10 Jan 2025 20:32:57 GMT\r\npriority: u=4,i=?0\r\netag: \"678183f9-551\"\r\nexpires: Tue, 10 Mar 2026 09:02:26 GMT\r\ncache-control: public, max-age=5184000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gdFHq2iC582rmE7AfFhOKbHqJU4h4BWKQhm%2F3ti9jFK5XpHjVrzgocVrBLD7j%2FS8kPDlXM85Ca0%2BkSvniVEqxTfVMS0ymMFsHMTn5Go%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9bb2c173ecf25689-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1361,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"ed87e4c8a4dd16c9c3f8499a0aaa28bd","sha1":"f818a0782047c159ed8e5cd041ad7f09e8fe52fb","sha256":"eb59eb7dcf155a7b38c8f4c9db869ed942bf55a4457e3f4ff0791be4f2c736d5","sha512":"bcf1992bfb1d0ed92e4393e0b85fe5c768ed29285d38a259d0cfb60827537b74d39a925cfc4df58ed8b478d5015fad047a211ec2ddffa5a69b0d08f5abcdab6e","ssdeep":"","tlshash":"05210bad1b7c302cd6f9c5799909fb01ddfb04040c9fa1c59129d6cc28c588b70d5436","first_seen":"2023-05-07T21:05:59Z","last_seen":"2026-04-03T02:42:57.910877Z","times_seen":4212,"resource_available":false,"data":null}},"time_used":154,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":154,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitvestment.org/flags/pt.png","fqdn":"bitvestment.org","domain":"bitvestment.org","tld":"org"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitvestment.org/","date":"2026-01-09T09:02:25.955Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitvestment.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 12:26:38 GMT","end":"Wed, 11 Feb 2026 13:25:12 GMT"},"fingerprint":{"sha1":"BE:E6:3E:22:E3:C6:43:F8:D1:51:A2:89:65:15:43:9F:5D:E3:2F:2B","sha256":"3C:DB:4F:5B:13:C2:A6:8B:55:5D:71:99:E2:E5:8B:19:61:72:52:1F:9C:F5:A8:59:02:F8:FF:D5:4D:63:BE:52"}}},"request":{"raw":"GET /flags/pt.png HTTP/1.1\r\nHost: bitvestment.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bitvestment.org/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 09 Jan 2026 09:02:26 GMT\r\ncontent-type: image/png\r\ncontent-length: 1076\r\nserver: cloudflare\r\nlast-modified: Fri, 10 Jan 2025 20:32:57 GMT\r\npriority: u=4,i=?0\r\netag: \"678183f9-434\"\r\nexpires: Tue, 10 Mar 2026 09:02:26 GMT\r\ncache-control: public, max-age=5184000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=X%2F0kvLYVNszCjy%2BfMYWGs%2BDRfjizucZ6u4jR7SQ3jhyU9VfYOcane4PRxI36CFKG90%2B6ZlpkkauVR3parNFPfSVfLMp15KpuUohQiSw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9bb2c173fd045689-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1076,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"bb3cb490b63a8f51283c686b916cf4ff","sha1":"f325c9d27acb1d3e03a3481eb2c240368ae8460f","sha256":"f06d3def1549dd1b0a108ddc645d2e8906fb631e5812df19cdcbd887f3700bd8","sha512":"0bd183107bfbc19ad5ccb7458cdacbc089eb7335c3eabf4b47433c0ecff5fbabacb9beabfc026170c38cb7c71847ca274c3105c93fcc042c393cc53106fff3c7","ssdeep":"","tlshash":"3a11e9f94630fb9c8960f713b423ca2a988e0b250ba3381d50fcbe9a04135fb835c710","first_seen":"2023-05-07T21:05:59Z","last_seen":"2026-04-03T19:30:26.404513Z","times_seen":761,"resource_available":false,"data":null}},"time_used":137,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":137,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitvestment.org/flags/es.png","fqdn":"bitvestment.org","domain":"bitvestment.org","tld":"org"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitvestment.org/","date":"2026-01-09T09:02:25.961Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitvestment.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 12:26:38 GMT","end":"Wed, 11 Feb 2026 13:25:12 GMT"},"fingerprint":{"sha1":"BE:E6:3E:22:E3:C6:43:F8:D1:51:A2:89:65:15:43:9F:5D:E3:2F:2B","sha256":"3C:DB:4F:5B:13:C2:A6:8B:55:5D:71:99:E2:E5:8B:19:61:72:52:1F:9C:F5:A8:59:02:F8:FF:D5:4D:63:BE:52"}}},"request":{"raw":"GET /flags/es.png HTTP/1.1\r\nHost: bitvestment.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bitvestment.org/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 09 Jan 2026 09:02:26 GMT\r\ncontent-type: image/png\r\ncontent-length: 873\r\nserver: cloudflare\r\nlast-modified: Fri, 10 Jan 2025 20:32:57 GMT\r\npriority: u=4,i=?0\r\netag: \"678183f9-369\"\r\nexpires: Tue, 10 Mar 2026 09:02:26 GMT\r\ncache-control: public, max-age=5184000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=izj%2BwSlzKjwQ8p%2BVMbs4cwbyYZypLHMuiQ0MJAVoO%2B5NEoRGBbmAlrVheRpdY48hyIdx6uz%2BJGwYV0N0DGtJUxPGd7hnuL%2Fi34uoRxE%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9bb2c1740d145689-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":873,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"8bf31a924501d6db655fe75696b5f046","sha1":"94ba0f8d4db0c35c1246a55fcbd6e0ef3cd7f0e2","sha256":"5ae9561f31199bf8a892f797a69db1bc5d477e2f8318f2b7e95487f025f66f28","sha512":"37dac360a5ac86e3e0cb6672eab5db6baf1514225741615696d09cadd93492f3c666bb6c385d12475046fa21c1672250b8cee13b83f629d80b3a8aec752491dd","ssdeep":"","tlshash":"f31163e9cb60dc1da704955134135b78ef920fa9036f296d861490ffecaa61ca5d0325","first_seen":"2023-04-08T21:50:50Z","last_seen":"2026-04-03T19:30:26.368089Z","times_seen":1303,"resource_available":false,"data":null}},"time_used":151,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":151,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitvestment.org/flags/tr.png","fqdn":"bitvestment.org","domain":"bitvestment.org","tld":"org"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitvestment.org/","date":"2026-01-09T09:02:25.963Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitvestment.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 12:26:38 GMT","end":"Wed, 11 Feb 2026 13:25:12 GMT"},"fingerprint":{"sha1":"BE:E6:3E:22:E3:C6:43:F8:D1:51:A2:89:65:15:43:9F:5D:E3:2F:2B","sha256":"3C:DB:4F:5B:13:C2:A6:8B:55:5D:71:99:E2:E5:8B:19:61:72:52:1F:9C:F5:A8:59:02:F8:FF:D5:4D:63:BE:52"}}},"request":{"raw":"GET /flags/tr.png HTTP/1.1\r\nHost: bitvestment.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bitvestment.org/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 09 Jan 2026 09:02:26 GMT\r\ncontent-type: image/png\r\ncontent-length: 923\r\nserver: cloudflare\r\nlast-modified: Fri, 10 Jan 2025 20:32:57 GMT\r\npriority: u=4,i=?0\r\netag: \"678183f9-39b\"\r\nexpires: Tue, 10 Mar 2026 09:02:26 GMT\r\ncache-control: public, max-age=5184000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nyd%2FQCm3Z%2B2GV74Wn8Nh3rPV%2BfaAkC55vJxQqIBQ5%2B6MC%2BrUKZ9xFFvaihR2NkGN%2Fu8ScrFHE8E0EM7h2rQfS7j%2FRFAnf6JIkcEmIRo%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9bb2c1741d275689-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":923,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"f9619dd9adc7fbb5244483ca00cace60","sha1":"4970f612a0e86100cf07629da3b9ea12af8891e5","sha256":"d11d2b8956d975cff1ea2a49763f6eec736506498be297be7ac1c4363cc95ee5","sha512":"a7517b1bc260669d644b2c61a533abc00cedfdb859254047ef6b41af111b9a09141c4cbb5871b13014a86978cd1730ae77f8dfc7cf6a27a2bbf46b69f0b70d81","ssdeep":"","tlshash":"de11c4d8f640b028237946efd102c9aee92fa5e65c8323c89109b08d738720d2292ba0","first_seen":"2023-05-06T09:49:14Z","last_seen":"2026-04-03T02:42:57.935314Z","times_seen":621,"resource_available":false,"data":null}},"time_used":170,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":170,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitvestment.org/flags/vi.png","fqdn":"bitvestment.org","domain":"bitvestment.org","tld":"org"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitvestment.org/","date":"2026-01-09T09:02:25.964Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitvestment.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 12:26:38 GMT","end":"Wed, 11 Feb 2026 13:25:12 GMT"},"fingerprint":{"sha1":"BE:E6:3E:22:E3:C6:43:F8:D1:51:A2:89:65:15:43:9F:5D:E3:2F:2B","sha256":"3C:DB:4F:5B:13:C2:A6:8B:55:5D:71:99:E2:E5:8B:19:61:72:52:1F:9C:F5:A8:59:02:F8:FF:D5:4D:63:BE:52"}}},"request":{"raw":"GET /flags/vi.png HTTP/1.1\r\nHost: bitvestment.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bitvestment.org/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 09 Jan 2026 09:02:26 GMT\r\ncontent-type: image/png\r\ncontent-length: 818\r\nserver: cloudflare\r\nlast-modified: Fri, 10 Jan 2025 20:32:57 GMT\r\npriority: u=4,i=?0\r\netag: \"678183f9-332\"\r\nexpires: Tue, 10 Mar 2026 09:02:26 GMT\r\ncache-control: public, max-age=5184000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4W8wF38507JdxHzA%2BpcklUJRIwKD7tMdRv4BfzNziUdZx2nhETtD0dsqdjLfT8MNmkOWqsUYH%2Fa4x%2FvoNbb0oNdPwIVtR%2FSrzFxTlbo%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9bb2c1741d295689-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":818,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"931fa5c7d5aa2805b11fbc974b816d77","sha1":"8eb02f52bbe074b5dd681b95c6196890e49651fa","sha256":"06fc7512126a48e27890c8ac939d5821da05cc0b08d4d11698b2d95b32c3ab66","sha512":"fdb1cf9fa583d8f5fa55b0771228b69ae02873fe9db4827dab69677fbf897b7e993f15b5c3732bc66ab64fdf0534b4fa3ecdf6e6c3cc4c0803de0e48bb340b45","ssdeep":"","tlshash":"a70186a0ce845efd145fa97703a11e1aaf9b1ad01fea1c72407c6c2964924408154956","first_seen":"2023-05-06T09:49:14Z","last_seen":"2026-04-03T02:42:57.916729Z","times_seen":608,"resource_available":false,"data":null}},"time_used":127,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":127,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitvestment.org/flags/ar.png","fqdn":"bitvestment.org","domain":"bitvestment.org","tld":"org"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitvestment.org/","date":"2026-01-09T09:02:25.935Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitvestment.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 12:26:38 GMT","end":"Wed, 11 Feb 2026 13:25:12 GMT"},"fingerprint":{"sha1":"BE:E6:3E:22:E3:C6:43:F8:D1:51:A2:89:65:15:43:9F:5D:E3:2F:2B","sha256":"3C:DB:4F:5B:13:C2:A6:8B:55:5D:71:99:E2:E5:8B:19:61:72:52:1F:9C:F5:A8:59:02:F8:FF:D5:4D:63:BE:52"}}},"request":{"raw":"GET /flags/ar.png HTTP/1.1\r\nHost: bitvestment.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bitvestment.org/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 09 Jan 2026 09:02:26 GMT\r\ncontent-type: image/png\r\ncontent-length: 1480\r\nserver: cloudflare\r\nlast-modified: Fri, 10 Jan 2025 20:32:57 GMT\r\npriority: u=4,i=?0\r\netag: \"678183f9-5c8\"\r\nexpires: Tue, 10 Mar 2026 09:02:25 GMT\r\ncache-control: public, max-age=5184000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3SzqtjAngIriLRevROMOqjm4C7nQbIZXfHiz9I7LMNGA1afs51mK0yeAafrVHWWAE5eOrp3C3L3yYcEbSsdSrwb1wvp%2FW%2FQ3uxkSD9E%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9bb2c173bcb75689-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1480,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"7fec8a94e0af73b8647803e1ff9887be","sha1":"aca14e7523e0bff0a9399a0998b49387d636da9e","sha256":"f093a618390e4ef10ee984262dd3334074536f565eb0ecf6cbd0939597073b3d","sha512":"61d5698ab4bcbf9589338c045a1a214edb887746e9e9a67d434dbc1ee81b3682a7cca8560c79a285dff0fd2d8550305e1d7b8f17fde68c1b9543e788a78379a0","ssdeep":"","tlshash":"fc3119e713000b75a02b96385a3b08b8244a4c4c0b6ad99b52cfbdae97563c58191e38","first_seen":"2023-05-07T21:05:59Z","last_seen":"2026-04-03T02:42:57.921377Z","times_seen":3562,"resource_available":false,"data":null}},"time_used":141,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":141,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitvestment.org/countries/no.svg","fqdn":"bitvestment.org","domain":"bitvestment.org","tld":"org"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitvestment.org/","date":"2026-01-09T09:02:26.572Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitvestment.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 12:26:38 GMT","end":"Wed, 11 Feb 2026 13:25:12 GMT"},"fingerprint":{"sha1":"BE:E6:3E:22:E3:C6:43:F8:D1:51:A2:89:65:15:43:9F:5D:E3:2F:2B","sha256":"3C:DB:4F:5B:13:C2:A6:8B:55:5D:71:99:E2:E5:8B:19:61:72:52:1F:9C:F5:A8:59:02:F8:FF:D5:4D:63:BE:52"}}},"request":{"raw":"GET /countries/no.svg HTTP/1.1\r\nHost: bitvestment.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bitvestment.org/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 09 Jan 2026 09:02:26 GMT\r\ncontent-type: image/svg+xml\r\nserver: cloudflare\r\nlast-modified: Fri, 10 Jan 2025 20:32:57 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Tue, 10 Mar 2026 09:02:26 GMT\r\ncache-control: public, max-age=5184000\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DA4R4XQ6JVeJxr8oPfwvkaaueMfgB2SD4gy081prMmU5LclFfwtQiYktsanRbcBcaGcBJm0bdi77wbvrfJbpl9PpsIhZcbsDs7yaZJw%3D\"}]}\r\netag: W/\"678183f9-14d\"\r\ncontent-encoding: br\r\ncf-ray: 9bb2c17819165689-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":333,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"72ed1e32ca8cec870cde2ebd3e6ed027","sha1":"e1a0c8d63773da2d34edb77234d9f1d750327aec","sha256":"b9b277c14e5f093eb4be2c42a5af08384f14bace2e2ca505ae68ea4144f429e3","sha512":"aeed0d880ae36a5059f599f79daa873841a58a7e89406155afd3ecc037393e48a05548e0004a2bc50894053df26e814502a666bcab93cb6d8997e2b9d5373e71","ssdeep":"","tlshash":"dfe04fa5d27c9008b608d71f2b4878d61317b0dcd3652248d9802a9260889efbc3934f","first_seen":"2024-02-06T12:32:34Z","last_seen":"2026-04-03T02:42:57.915972Z","times_seen":200,"resource_available":false,"data":null}},"time_used":152,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":152,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitvestment.org/","fqdn":"bitvestment.org","domain":"bitvestment.org","tld":"org"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-09T09:02:25.389Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitvestment.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 12:26:38 GMT","end":"Wed, 11 Feb 2026 13:25:12 GMT"},"fingerprint":{"sha1":"BE:E6:3E:22:E3:C6:43:F8:D1:51:A2:89:65:15:43:9F:5D:E3:2F:2B","sha256":"3C:DB:4F:5B:13:C2:A6:8B:55:5D:71:99:E2:E5:8B:19:61:72:52:1F:9C:F5:A8:59:02:F8:FF:D5:4D:63:BE:52"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: bitvestment.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 09 Jan 2026 09:02:25 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Fri, 10 Jan 2025 20:32:30 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nset-cookie: lang_fx=;Path=/;Max-Age=2592000\r\nx-geoip: NO\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DHLfLjwHCMSNZ6FacChVxqpOSm4CieF8kPuNxapyjTqqulDa%2FiSy%2BJd8LtaqbzGXSClCHvP1FOaejrYWf0uu2qNfsD9KtCer%2BMmO8CA%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9bb2c170e9e656ae-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":67128,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (2249)","md5":"ed866b9fde6395d446bce0a29667ef98","sha1":"68332e6b1f58567c4e0fe9dac392522a48ffd457","sha256":"ea85e5a567d9c8b77ebe3add814a6df9b80587291c8c059e4c7f844abd4c1beb","sha512":"af1c6fd641830fa8b28bc4d2151252d9ebdbb9e1b0beef5da55e9ed63356ed239c06c07abcc807c409bb28d9f765f2e7d6ed18f437218873229b74d5bd0e1815","ssdeep":"1536:pxMVnN0otu366qstqGtGfoMZSboXDvZzpLqkyuf:pxMVnuxT2FLqkyuf","tlshash":"1a63b63314f01766134300e227241f8aff65808bdba25a49b1ed4a55af92db6cdb3bdd","first_seen":"2026-01-09T09:02:55.199072Z","last_seen":"2026-01-09T09:02:55.199072Z","times_seen":1,"resource_available":false,"data":null}},"time_used":244,"timings":{"blocked":35,"dns":16,"connect":1,"send":0,"wait":174,"receive":0,"ssl":15},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitvestment.org/static/assets/app-6256b172.js","fqdn":"bitvestment.org","domain":"bitvestment.org","tld":"org"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bitvestment.org/","date":"2026-01-09T09:02:25.931Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitvestment.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 12:26:38 GMT","end":"Wed, 11 Feb 2026 13:25:12 GMT"},"fingerprint":{"sha1":"BE:E6:3E:22:E3:C6:43:F8:D1:51:A2:89:65:15:43:9F:5D:E3:2F:2B","sha256":"3C:DB:4F:5B:13:C2:A6:8B:55:5D:71:99:E2:E5:8B:19:61:72:52:1F:9C:F5:A8:59:02:F8:FF:D5:4D:63:BE:52"}}},"request":{"raw":"GET /static/assets/app-6256b172.js HTTP/1.1\r\nHost: bitvestment.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bitvestment.org/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 09 Jan 2026 09:02:26 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 10 Jan 2025 20:32:57 GMT\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Tue, 10 Mar 2026 09:02:25 GMT\r\ncache-control: public, max-age=5184000\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jbee5I5arlNb4FrxDcqq77pSqLVYH4q9QVB9nHk%2FHuFCTNtpaVf3Og7Ib%2FZf6CTIvo09vDyoCMeWC3tttfKIx7Ez5VXJQuBJ2SGqp9Y%3D\"}]}\r\netag: W/\"678183f9-4192\"\r\ncontent-encoding: br\r\ncf-ray: 9bb2c173aca95689-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":16786,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (3636)","md5":"3e2d482771a47ba9b3a2bce1db19e0d2","sha1":"3509e9194d4a793ffd94a62ff64826a7591d35b9","sha256":"b1dc3a468eb8949e17762628c68205ee4ffad52ec1cdbe48e3456bf96c1c9603","sha512":"1036b1306e9b1233246ad2247e7573fa7c9831e7115445cb42e48c8c60b6eb5085170e0aa0d435ea3b6aaf93219657e494b0d554c58da6cebdd509693c5eb953","ssdeep":"384:uKWwubIJr3oQIrcUZhTnJ4NjEgcMq1Ta39F54Z/+w2fSX8BASBx72Lb43+KDYSlO:uKWwubIJrYQIrc4nJojEgg1aX4Zr2fSr","tlshash":"7672d5d6728174b20bae20dd407a5547f2281899f44ad06cf62d9dfd3d29c8a21b3f7c","first_seen":"2023-08-05T11:28:13Z","last_seen":"2026-04-03T02:42:57.925471Z","times_seen":289,"resource_available":true,"data":null}},"time_used":218,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":218,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitvestment.org/media/3708/conversions/45_45_45__66f3e1815a813_bitvestment.org-logo.webp","fqdn":"bitvestment.org","domain":"bitvestment.org","tld":"org"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://bitvestment.org/","date":"2026-01-09T09:02:25.932Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitvestment.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 12:26:38 GMT","end":"Wed, 11 Feb 2026 13:25:12 GMT"},"fingerprint":{"sha1":"BE:E6:3E:22:E3:C6:43:F8:D1:51:A2:89:65:15:43:9F:5D:E3:2F:2B","sha256":"3C:DB:4F:5B:13:C2:A6:8B:55:5D:71:99:E2:E5:8B:19:61:72:52:1F:9C:F5:A8:59:02:F8:FF:D5:4D:63:BE:52"}}},"request":{"raw":"GET /media/3708/conversions/45_45_45__66f3e1815a813_bitvestment.org-logo.webp HTTP/1.1\r\nHost: bitvestment.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bitvestment.org/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 09 Jan 2026 09:02:26 GMT\r\ncontent-type: image/webp\r\ncontent-length: 974\r\nserver: cloudflare\r\nlast-modified: Fri, 10 Jan 2025 20:32:57 GMT\r\npriority: u=4,i=?0\r\netag: \"678183f9-3ce\"\r\nexpires: Tue, 10 Mar 2026 09:02:25 GMT\r\ncache-control: public, max-age=5184000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6TFcsJaoEvYJMUC2mJRBBAIKBrVAh4JdGvBbDpbvX84s%2FGFMHK9y8SqGiDg3fhQT3pM3phb8sfftSC2bSiCiIiM1ROz%2BeUt3g%2Bnyze4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9bb2c173bcad5689-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":974,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"6ab42413e43ce093d1a3cee2f2c273dd","sha1":"9162b938b8f4fccaa287251d26204f11512f8253","sha256":"ddac076884eae0e49a53cad19e030bed41de94561e65dd60c8dba4b3bbc41c9d","sha512":"45d8c539f207c69046c2d603f4faabe281a70068602c3722e487b0a29ecc8d32f6751e2b5b46019b2e8a624a41dbddcb281aede579cfe2b6708aedccae43db12","ssdeep":"","tlshash":"8f11c866dd721f84a84b01b28feda6d6ec49421992b5c5061004ad65fd48b51706d23f","first_seen":"2026-01-09T09:02:55.202643Z","last_seen":"2026-01-09T09:02:55.202643Z","times_seen":1,"resource_available":false,"data":null}},"time_used":144,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":144,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitvestment.org/flags/hu.png","fqdn":"bitvestment.org","domain":"bitvestment.org","tld":"org"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitvestment.org/","date":"2026-01-09T09:02:25.949Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitvestment.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 12:26:38 GMT","end":"Wed, 11 Feb 2026 13:25:12 GMT"},"fingerprint":{"sha1":"BE:E6:3E:22:E3:C6:43:F8:D1:51:A2:89:65:15:43:9F:5D:E3:2F:2B","sha256":"3C:DB:4F:5B:13:C2:A6:8B:55:5D:71:99:E2:E5:8B:19:61:72:52:1F:9C:F5:A8:59:02:F8:FF:D5:4D:63:BE:52"}}},"request":{"raw":"GET /flags/hu.png HTTP/1.1\r\nHost: bitvestment.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bitvestment.org/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 09 Jan 2026 09:02:26 GMT\r\ncontent-type: image/png\r\ncontent-length: 505\r\nserver: cloudflare\r\nlast-modified: Fri, 10 Jan 2025 20:32:57 GMT\r\npriority: u=4,i=?0\r\netag: \"678183f9-1f9\"\r\nexpires: Tue, 10 Mar 2026 09:02:26 GMT\r\ncache-control: public, max-age=5184000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CO%2FMSCjxVKwtgpoqNTi%2B3m6jssJL2HwFlqiYiJVgXreS593eYbKu5V1w0vQjbuikyxNSAVU3uqY%2Fp%2BSJByJPwxAae%2BL6PVFvcmPi4rs%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9bb2c173ece35689-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":505,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"c789a334c212492af26b433c5e2b4d5b","sha1":"7bc986549c06acb5f13c177af6793be159f7c480","sha256":"e911743b60f76ab09482b0abdc256e58e9abcd693c8a382547180d18f0eef14a","sha512":"53dbd93f8b7f9cb71f439ad589c0e2ce980205da477bdd4dff12b0aff9faa85e8d383a8eddfda32f11d40da0b76976d921977b8465258b8c4db6df20c9139eff","ssdeep":"","tlshash":"3af00ee803321a32c1f86642262e09165983bca1b2578c6c80af589dbd8a03021c039b","first_seen":"2023-08-05T11:28:13Z","last_seen":"2026-04-03T02:42:57.929511Z","times_seen":525,"resource_available":false,"data":null}},"time_used":136,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":136,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitvestment.org/flags/sr.png","fqdn":"bitvestment.org","domain":"bitvestment.org","tld":"org"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitvestment.org/","date":"2026-01-09T09:02:25.957Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitvestment.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 12:26:38 GMT","end":"Wed, 11 Feb 2026 13:25:12 GMT"},"fingerprint":{"sha1":"BE:E6:3E:22:E3:C6:43:F8:D1:51:A2:89:65:15:43:9F:5D:E3:2F:2B","sha256":"3C:DB:4F:5B:13:C2:A6:8B:55:5D:71:99:E2:E5:8B:19:61:72:52:1F:9C:F5:A8:59:02:F8:FF:D5:4D:63:BE:52"}}},"request":{"raw":"GET /flags/sr.png HTTP/1.1\r\nHost: bitvestment.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bitvestment.org/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 09 Jan 2026 09:02:26 GMT\r\ncontent-type: image/png\r\ncontent-length: 1009\r\nserver: cloudflare\r\nlast-modified: Fri, 10 Jan 2025 20:32:57 GMT\r\npriority: u=4,i=?0\r\netag: \"678183f9-3f1\"\r\nexpires: Tue, 10 Mar 2026 09:02:26 GMT\r\ncache-control: public, max-age=5184000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Zz496gqtAzRSSfbSwqJRWUhJ1FunpdHWD4KBm5cTdr6gKGCqevOMIH%2F9rjl8SxEKahOsuqqxsvs6apa%2FqkAMIF732zOvBfBqTerDDSA%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9bb2c173fd085689-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1009,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"0c5055eb6380dc316b78186e47738aca","sha1":"6130e54d0a11874109a7b9be82fa15e8e2d93fc7","sha256":"724fd2c83f9ca340c60f394c06dd5987b771f57f237e8b5f33e156b0b4c9fd79","sha512":"62aa89ac0235c1acf551be0257348d05de3e4cc4d2d5af8dbaf91e3e8d6ac4f223f0ebf4fa7e4e47b4db195659755aa21d8644359ee76552d193a6b997eab7a6","ssdeep":"","tlshash":"0c11d58a0138483acbae42c0228b708a7fd3efc0d517cd013488f8023e1a1e985126a0","first_seen":"2023-05-02T00:49:29Z","last_seen":"2026-04-03T02:42:57.937658Z","times_seen":355,"resource_available":false,"data":null}},"time_used":135,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":135,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitvestment.org/flags/th.png","fqdn":"bitvestment.org","domain":"bitvestment.org","tld":"org"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitvestment.org/","date":"2026-01-09T09:02:25.962Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitvestment.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 12:26:38 GMT","end":"Wed, 11 Feb 2026 13:25:12 GMT"},"fingerprint":{"sha1":"BE:E6:3E:22:E3:C6:43:F8:D1:51:A2:89:65:15:43:9F:5D:E3:2F:2B","sha256":"3C:DB:4F:5B:13:C2:A6:8B:55:5D:71:99:E2:E5:8B:19:61:72:52:1F:9C:F5:A8:59:02:F8:FF:D5:4D:63:BE:52"}}},"request":{"raw":"GET /flags/th.png HTTP/1.1\r\nHost: bitvestment.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bitvestment.org/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 09 Jan 2026 09:02:26 GMT\r\ncontent-type: image/png\r\ncontent-length: 524\r\nserver: cloudflare\r\nlast-modified: Fri, 10 Jan 2025 20:32:57 GMT\r\npriority: u=4,i=?0\r\netag: \"678183f9-20c\"\r\nexpires: Tue, 10 Mar 2026 09:02:26 GMT\r\ncache-control: public, max-age=5184000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GTHqMZgp2Y0l%2FEmwSBxumgD7h6bBa8nipWESne%2Fr%2BrjQWw3HfWq%2FaK8c%2FC%2BqJDLnTKTn2%2BiMhXxAjAaoblJx7v8ehL48kYfVPgR5Y64%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9bb2c1741d265689-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":524,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"1c7933a528550f950ffb12cdde1c74c2","sha1":"3098d40b7cafe07f1c6579f2ed6ffcc9fb65745a","sha256":"f6e31ccc4d7a997049f3331ccf9b0e987d84f72620deee4359628f72f5aa6dac","sha512":"0cbc3c7c3b31f1e28f4b311fd4f9982a94820a72f13f03d8490bd488b271c6e869ae9079b03f2d64c6d669dbe2d0cdf49955c75036d84ef7c42378882b849a20","ssdeep":"","tlshash":"eff0758c0340a5be02964653a8030d3acbd304acd736088dc0fe741b18512110240251","first_seen":"2023-08-05T11:28:13Z","last_seen":"2026-04-03T02:42:57.922891Z","times_seen":341,"resource_available":false,"data":null}},"time_used":159,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":159,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitvestment.org/form.js","fqdn":"bitvestment.org","domain":"bitvestment.org","tld":"org"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bitvestment.org/","date":"2026-01-09T09:02:25.965Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitvestment.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 12:26:38 GMT","end":"Wed, 11 Feb 2026 13:25:12 GMT"},"fingerprint":{"sha1":"BE:E6:3E:22:E3:C6:43:F8:D1:51:A2:89:65:15:43:9F:5D:E3:2F:2B","sha256":"3C:DB:4F:5B:13:C2:A6:8B:55:5D:71:99:E2:E5:8B:19:61:72:52:1F:9C:F5:A8:59:02:F8:FF:D5:4D:63:BE:52"}}},"request":{"raw":"GET /form.js HTTP/1.1\r\nHost: bitvestment.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bitvestment.org/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 09 Jan 2026 09:02:26 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=14400, must-revalidate\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=x%2FlOKjw0Y5L99Gyf53jmRSDP5nTNLY4zX9n3bFHzbV5ZbZy7zeXaEr7anb1fEFqvEfv%2BAF0ojCvuyJSvWL5mnMqQpSxXZJgnsDejNYL%2F1pGP2WSuT%2FZ4%2Fc8%3D\"}]}\r\netag: W/\"2706931c9edd6c7804715d81a4fd3a4a\"\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: MISS\r\ncf-ray: 9bb2c1741d2b5689-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":279475,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"57222cd559e3a912092239fcdb6706de","sha1":"d65d9e06d224a9a7e22916dc04eae83d1f26d6c7","sha256":"81a17cfaf5731292df919a903727b86550d2a57e1ad29893dc693ef9c2013113","sha512":"2960f1e3b8cf8e96b65fb4875f6241db594a7862c5fe1cad5e5d859df03b780c49293e4f4bca9b89db0070bb6ad7556674ec1b8bb3672c23619cd10c1cf5c232","ssdeep":"3072:CtjnGnbliOU03o4PwjRSBZTLqstc3ikgKc0Njv1BfEQ3j:C56bliXR4ZT1toJgK5jv1BcQT","tlshash":"f1542cb7b5407b2b33b53a98aa27914fab8c4c52dc8dd09ca9efdcdf585041160bdb18","first_seen":"2023-11-27T07:36:46Z","last_seen":"2026-04-03T02:42:57.91737Z","times_seen":299,"resource_available":true,"data":null}},"time_used":318,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":185,"receive":133,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/poppins/v24/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://bitvestment.org/","date":"2026-01-09T09:02:26.253Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:54:11 GMT","end":"Wed, 25 Feb 2026 15:54:10 GMT"},"fingerprint":{"sha1":"21:10:1E:48:79:6B:E7:49:AB:BB:0E:38:86:C8:4D:74:7B:42:EE:BB","sha256":"0A:58:99:06:D8:BC:1C:BD:3E:CE:EF:7D:D6:D2:50:2D:1E:DE:8F:87:97:56:72:B9:3F:21:88:AC:79:3A:75:03"}}},"request":{"raw":"GET /s/poppins/v24/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://bitvestment.org\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 7816\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 07 Jan 2026 00:02:59 GMT\r\nexpires: Thu, 07 Jan 2027 00:02:59 GMT\r\ncache-control: public, max-age=31536000\r\nage: 205167\r\nlast-modified: Mon, 15 Sep 2025 16:35:07 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7816,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 7816, version 1.0","md5":"25b0e113ca7cce3770d542736db26368","sha1":"cb726212d5d525021752a1d8470a0fb593e0c49e","sha256":"9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526","sha512":"a0d331e62ab4727f49ca286a1ee7fb81cddc5bb9edf71ef84f4bd4fa1552069af1a82752011ba88fae80862d034135926b7e99d70e59d626d66d4ede90e94c30","ssdeep":"192:Agw5ksLwlyK8F2BXU96Fc575OI3+ga534SlEFwTG4ovej9be:Al5y8FSUMS5VOq1KISlvS4ov+4","tlshash":"a3f1af19d5de5a73f80032b45b6911ba7e42fa83bc68bbedf8046a10ad542cb467cc91","first_seen":"2023-04-05T13:48:05Z","last_seen":"2026-04-03T20:32:08.13705Z","times_seen":203218,"resource_available":false,"data":null}},"time_used":294,"timings":{"blocked":130,"dns":0,"connect":28,"send":0,"wait":29,"receive":3,"ssl":101},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bitvestment.org/media/3423/conversions/514_922__922_66cf181931fb9_%7BwebsiteName%7D.webp","fqdn":"bitvestment.org","domain":"bitvestment.org","tld":"org"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://bitvestment.org/","date":"2026-01-09T09:02:25.933Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitvestment.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 12:26:38 GMT","end":"Wed, 11 Feb 2026 13:25:12 GMT"},"fingerprint":{"sha1":"BE:E6:3E:22:E3:C6:43:F8:D1:51:A2:89:65:15:43:9F:5D:E3:2F:2B","sha256":"3C:DB:4F:5B:13:C2:A6:8B:55:5D:71:99:E2:E5:8B:19:61:72:52:1F:9C:F5:A8:59:02:F8:FF:D5:4D:63:BE:52"}}},"request":{"raw":"GET /media/3423/conversions/514_922__922_66cf181931fb9_%7BwebsiteName%7D.webp HTTP/1.1\r\nHost: bitvestment.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bitvestment.org/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 09 Jan 2026 09:02:26 GMT\r\ncontent-type: image/webp\r\ncontent-length: 113214\r\nserver: cloudflare\r\nlast-modified: Fri, 10 Jan 2025 20:32:57 GMT\r\npriority: u=4,i=?0\r\netag: \"678183f9-1ba3e\"\r\nexpires: Tue, 10 Mar 2026 09:02:25 GMT\r\ncache-control: public, max-age=5184000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LgRoL%2BMfUikiOxMkjJahWdJl1ijxw1A0XF9djspxZikne%2BKvpF4kNtCvOl%2FHlFOR3z%2BBlJVGv7zE%2B%2BckL26m4UOzPn52dwLnMhLwwPw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9bb2c173bcb05689-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":113214,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 922x514, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"7762165458cf85b65d5b6350a65b3b83","sha1":"944bbc7748480fe26e11baebdbf709ae0c07899d","sha256":"2c685c7ad476d4561b3f354ca6994f9934974b9425d5839eb59d919b93d496b5","sha512":"53b938f302be6154680525d2f2b6b4c18a1fde71292c5ce266d999c4ddbf0119b5a93c8ce5df9624c2e1143347163c489396d0b0f3a369921b86dc5c54665230","ssdeep":"3072:CfLVC/43eEJWr21aTLLNunj5YhM7ZDtBSVU5P2FAqx:Cf4nO+Lk2qyU5P0","tlshash":"f7b3122181cb45b08b5cea63ed160a5fc70da719a66a943efcf1351498c39f438b16de","first_seen":"2024-10-21T09:44:21.438806Z","last_seen":"2026-03-31T09:57:52.914655Z","times_seen":10,"resource_available":false,"data":null}},"time_used":374,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":157,"receive":217,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitvestment.org/flags/cs.png","fqdn":"bitvestment.org","domain":"bitvestment.org","tld":"org"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitvestment.org/","date":"2026-01-09T09:02:25.938Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitvestment.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 12:26:38 GMT","end":"Wed, 11 Feb 2026 13:25:12 GMT"},"fingerprint":{"sha1":"BE:E6:3E:22:E3:C6:43:F8:D1:51:A2:89:65:15:43:9F:5D:E3:2F:2B","sha256":"3C:DB:4F:5B:13:C2:A6:8B:55:5D:71:99:E2:E5:8B:19:61:72:52:1F:9C:F5:A8:59:02:F8:FF:D5:4D:63:BE:52"}}},"request":{"raw":"GET /flags/cs.png HTTP/1.1\r\nHost: bitvestment.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bitvestment.org/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 09 Jan 2026 09:02:26 GMT\r\ncontent-type: image/png\r\ncontent-length: 849\r\nserver: cloudflare\r\nlast-modified: Fri, 10 Jan 2025 20:32:57 GMT\r\npriority: u=4,i=?0\r\netag: \"678183f9-351\"\r\nexpires: Tue, 10 Mar 2026 09:02:25 GMT\r\ncache-control: public, max-age=5184000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2O%2BCS7wGH5v1Zy8zaEsVSLFu5np0rom2THPF2pqF6DsNDeo7gUuzSWvuh5rcu12Qmi0AzQHA9H1XlZqDNKMgXTwjhVFlpS21UT0hQMU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9bb2c173ccbf5689-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":849,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"4be819ea527d8a704539f3ce154c6a82","sha1":"882f02dee6104dfcda844e466b4ae8dd1e3f69c5","sha256":"2db01ff2e46696a2a9ffa5d4f5af6f2e95bef36e12aa0eb7e05045e73c0396ad","sha512":"550423dc23236b8963334e64fe6b6759aa07a9d0fa04f351d22629931f733b09b02309f1d8aadfc4abb40b0234e356d80b4d1c3b391612baeed106fdee1d25fb","ssdeep":"","tlshash":"910192d860a5ae999a04fac7920309f2a0a246192a06fc08c9ceb88e19cd8a7617070d","first_seen":"2023-05-27T18:45:41Z","last_seen":"2026-04-03T02:42:57.934262Z","times_seen":570,"resource_available":false,"data":null}},"time_used":137,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":136,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitvestment.org/flags/ja.png","fqdn":"bitvestment.org","domain":"bitvestment.org","tld":"org"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitvestment.org/","date":"2026-01-09T09:02:25.950Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitvestment.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 12:26:38 GMT","end":"Wed, 11 Feb 2026 13:25:12 GMT"},"fingerprint":{"sha1":"BE:E6:3E:22:E3:C6:43:F8:D1:51:A2:89:65:15:43:9F:5D:E3:2F:2B","sha256":"3C:DB:4F:5B:13:C2:A6:8B:55:5D:71:99:E2:E5:8B:19:61:72:52:1F:9C:F5:A8:59:02:F8:FF:D5:4D:63:BE:52"}}},"request":{"raw":"GET /flags/ja.png HTTP/1.1\r\nHost: bitvestment.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bitvestment.org/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 09 Jan 2026 09:02:26 GMT\r\ncontent-type: image/png\r\ncontent-length: 705\r\nserver: cloudflare\r\nlast-modified: Fri, 10 Jan 2025 20:32:57 GMT\r\npriority: u=4,i=?0\r\netag: \"678183f9-2c1\"\r\nexpires: Tue, 10 Mar 2026 09:02:26 GMT\r\ncache-control: public, max-age=5184000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QQHED2hPonMx7vgQlpaZBpihO2jN%2BzaV2mudpSkwCmI1GQzUyOZatyFrt2gYYP7xWR10ZbVDogIRBz8SsaomC9%2Fq2XiqKwuUiSxMDFI%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9bb2c173ecf05689-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":705,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"125d3bb3275409f964ec5023de1762c9","sha1":"f06d834f76897f2e8417a70b59b47419ad668ace","sha256":"4461385ad6fdaab33bd89e593c3fe1c14021644444d779584ddaec3cd4fe91f4","sha512":"bace0d647ae16a5a0c4cc9c169ef59e62a4db6b45ad839816d6e6113bbf0acbfee6e563e086a81396eb0b608eb5a0bd12b5cd82c8b102a40011f8096064d2c05","ssdeep":"","tlshash":"430160ee84182c9e40093161513f2b90ace342ca0a16301a82bfbc9d87e6931d32a66a","first_seen":"2023-05-04T12:51:22Z","last_seen":"2026-04-03T02:42:57.91872Z","times_seen":690,"resource_available":false,"data":null}},"time_used":156,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":156,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitvestment.org/flags/lt.png","fqdn":"bitvestment.org","domain":"bitvestment.org","tld":"org"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitvestment.org/","date":"2026-01-09T09:02:25.952Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitvestment.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 12:26:38 GMT","end":"Wed, 11 Feb 2026 13:25:12 GMT"},"fingerprint":{"sha1":"BE:E6:3E:22:E3:C6:43:F8:D1:51:A2:89:65:15:43:9F:5D:E3:2F:2B","sha256":"3C:DB:4F:5B:13:C2:A6:8B:55:5D:71:99:E2:E5:8B:19:61:72:52:1F:9C:F5:A8:59:02:F8:FF:D5:4D:63:BE:52"}}},"request":{"raw":"GET /flags/lt.png HTTP/1.1\r\nHost: bitvestment.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bitvestment.org/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 09 Jan 2026 09:02:26 GMT\r\ncontent-type: image/png\r\ncontent-length: 560\r\nserver: cloudflare\r\nlast-modified: Fri, 10 Jan 2025 20:32:57 GMT\r\npriority: u=4,i=?0\r\netag: \"678183f9-230\"\r\nexpires: Tue, 10 Mar 2026 09:02:26 GMT\r\ncache-control: public, max-age=5184000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IpAREL5rrDZ%2FP0BbALsJBdYdw%2BLqM1nliR7v0OtSEN%2BNabl0xOChk6i40N5QBXH6dGuabfGVvIQosiRJQpP7IuX79oE5IuwwYy%2BEzrE%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9bb2c173ecf45689-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":560,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"a07934e15a82eaa9d991f14b8738a6c2","sha1":"7cab59a83cf48a81e775a194bf74ab60d7348541","sha256":"2a58af20a8b362e09b7face70ed010abc065f364a89a0bc839fa1fab162d1ed4","sha512":"5dcf54f0afdd32f6c0be87a677386dad074481cb75d01f5e81a9f9bda600d775ddcb639e127975fbe41a33fad72f2e53dac0b13003e9aebb35557c3006226303","ssdeep":"","tlshash":"40f0e1f309824d4d483f896742021d55b5bb4846061e4d8c8416dcc9e7b2f97949cc51","first_seen":"2023-05-27T18:45:41Z","last_seen":"2026-04-03T02:42:57.942913Z","times_seen":339,"resource_available":false,"data":null}},"time_used":136,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":136,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitvestment.org/flags/no.png","fqdn":"bitvestment.org","domain":"bitvestment.org","tld":"org"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitvestment.org/","date":"2026-01-09T09:02:25.954Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitvestment.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 12:26:38 GMT","end":"Wed, 11 Feb 2026 13:25:12 GMT"},"fingerprint":{"sha1":"BE:E6:3E:22:E3:C6:43:F8:D1:51:A2:89:65:15:43:9F:5D:E3:2F:2B","sha256":"3C:DB:4F:5B:13:C2:A6:8B:55:5D:71:99:E2:E5:8B:19:61:72:52:1F:9C:F5:A8:59:02:F8:FF:D5:4D:63:BE:52"}}},"request":{"raw":"GET /flags/no.png HTTP/1.1\r\nHost: bitvestment.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bitvestment.org/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 09 Jan 2026 09:02:26 GMT\r\ncontent-type: image/png\r\ncontent-length: 743\r\nserver: cloudflare\r\nlast-modified: Fri, 10 Jan 2025 20:32:57 GMT\r\npriority: u=4,i=?0\r\netag: \"678183f9-2e7\"\r\nexpires: Tue, 10 Mar 2026 09:02:26 GMT\r\ncache-control: public, max-age=5184000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=uPFD%2FWgKKKMSPGeTAfcYt8V6NNjmQltU05pOnIC0ETEU9VdZb%2B2f7DgODwBsVjiO%2Bm0BGRabmTcKoVPYbThbBfWcJ1YAc39Uk7edeFk%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9bb2c173fcfd5689-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":743,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"d3b58f803a9a01a59210dd673998a229","sha1":"6caddb6c8e749e9c5b786a3984bb7bdbba2bafc5","sha256":"3cf52e677d7f7be201cbf6e3ec56ed1f48b95c47e5969ef2c2510e270133c4f0","sha512":"88aade4affd629926e473df3d26ecca5ba49c4b77da9343e58729cf3a2b1cd0b9d27d9e019018455bffd18b7a7570a5c14d918eff46deecc5821903f76094988","ssdeep":"","tlshash":"5501b5c7a78024a68b3eca3b40066a23976b28186e26100c5128a9bd02c21ed3d50bfc","first_seen":"2023-05-19T09:59:50Z","last_seen":"2026-04-03T02:42:57.930101Z","times_seen":612,"resource_available":false,"data":null}},"time_used":129,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":129,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitvestment.org/flags/pl.png","fqdn":"bitvestment.org","domain":"bitvestment.org","tld":"org"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitvestment.org/","date":"2026-01-09T09:02:25.955Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitvestment.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 12:26:38 GMT","end":"Wed, 11 Feb 2026 13:25:12 GMT"},"fingerprint":{"sha1":"BE:E6:3E:22:E3:C6:43:F8:D1:51:A2:89:65:15:43:9F:5D:E3:2F:2B","sha256":"3C:DB:4F:5B:13:C2:A6:8B:55:5D:71:99:E2:E5:8B:19:61:72:52:1F:9C:F5:A8:59:02:F8:FF:D5:4D:63:BE:52"}}},"request":{"raw":"GET /flags/pl.png HTTP/1.1\r\nHost: bitvestment.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bitvestment.org/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 09 Jan 2026 09:02:26 GMT\r\ncontent-type: image/png\r\ncontent-length: 380\r\nserver: cloudflare\r\nlast-modified: Fri, 10 Jan 2025 20:32:57 GMT\r\npriority: u=4,i=?0\r\netag: \"678183f9-17c\"\r\nexpires: Tue, 10 Mar 2026 09:02:26 GMT\r\ncache-control: public, max-age=5184000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pLcUc75dl1JH4Z41tDU5sfEeMPlZukD9DQpa5iHxcPx0J6eyAt3Kah3tPXEYCBG6E7dQal50WBKGwauUwXOhTk2PHkl09WyRAaQJjc0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9bb2c173fd005689-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":380,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"44c8193715ca274b0074f1bb80c9e597","sha1":"e0ad2c0c5ba99953d42dfafde03b81289e180168","sha256":"3cd67729cd6ce09de1e48b04d1246a349597239241989e61356b99b588c0d90f","sha512":"f303b9ac87a8e77eb79573b9b2d7df819474084430ea08d2da7a08800d42e7367857c8b3527b437e3c5d7cf941fb64bbf0fd0f8e87e68d356372825bf626a6ae","ssdeep":"","tlshash":"ade0f1e985542c6eca650ca212372875e89380a10e173492c0e466eb62867078953203","first_seen":"2023-05-07T21:05:59Z","last_seen":"2026-04-03T02:42:57.937091Z","times_seen":679,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitvestment.org/flags/sl.png","fqdn":"bitvestment.org","domain":"bitvestment.org","tld":"org"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitvestment.org/","date":"2026-01-09T09:02:25.959Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitvestment.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 12:26:38 GMT","end":"Wed, 11 Feb 2026 13:25:12 GMT"},"fingerprint":{"sha1":"BE:E6:3E:22:E3:C6:43:F8:D1:51:A2:89:65:15:43:9F:5D:E3:2F:2B","sha256":"3C:DB:4F:5B:13:C2:A6:8B:55:5D:71:99:E2:E5:8B:19:61:72:52:1F:9C:F5:A8:59:02:F8:FF:D5:4D:63:BE:52"}}},"request":{"raw":"GET /flags/sl.png HTTP/1.1\r\nHost: bitvestment.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bitvestment.org/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 09 Jan 2026 09:02:26 GMT\r\ncontent-type: image/png\r\ncontent-length: 730\r\nserver: cloudflare\r\nlast-modified: Fri, 10 Jan 2025 20:32:57 GMT\r\npriority: u=4,i=?0\r\netag: \"678183f9-2da\"\r\nexpires: Tue, 10 Mar 2026 09:02:26 GMT\r\ncache-control: public, max-age=5184000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BHpBteWrxy0mOzdxTVccrVGWf81jxyntsNR4wMfJmWXgjI2zIyUX7gSTp7OGdqDGiyQXxvlUCO%2BlpUCdzxb8o490%2BsMbMVeR0sE1iYw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9bb2c1740d125689-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":730,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"b578df2953e85fcf5d265ed486a6fe61","sha1":"975e2ec9592cba08ce67a8d5296b78b77e4c28d7","sha256":"bc8eca69c4ee13e933dbbc783c5bb22a10cb1dd70db91e987c77adf19e4ff9f8","sha512":"df303892e7fcb0e940a02a05efce934c61731ee406a3a25739fa240040b89f87b7c5cb49968f3a69183f29a09356473f147d4ab2962b279a2c24cba3d1e8ac46","ssdeep":"","tlshash":"8b0199ec050c59684d6045f224479116d3c7dca14d2b3d5e75de5ad352cb58e61dc702","first_seen":"2023-06-15T00:19:25Z","last_seen":"2026-04-03T02:42:57.907163Z","times_seen":344,"resource_available":false,"data":null}},"time_used":141,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":141,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitvestment.org/flags/sv.png","fqdn":"bitvestment.org","domain":"bitvestment.org","tld":"org"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitvestment.org/","date":"2026-01-09T09:02:25.962Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitvestment.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 12:26:38 GMT","end":"Wed, 11 Feb 2026 13:25:12 GMT"},"fingerprint":{"sha1":"BE:E6:3E:22:E3:C6:43:F8:D1:51:A2:89:65:15:43:9F:5D:E3:2F:2B","sha256":"3C:DB:4F:5B:13:C2:A6:8B:55:5D:71:99:E2:E5:8B:19:61:72:52:1F:9C:F5:A8:59:02:F8:FF:D5:4D:63:BE:52"}}},"request":{"raw":"GET /flags/sv.png HTTP/1.1\r\nHost: bitvestment.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bitvestment.org/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 09 Jan 2026 09:02:26 GMT\r\ncontent-type: image/png\r\ncontent-length: 715\r\nserver: cloudflare\r\nlast-modified: Fri, 10 Jan 2025 20:32:57 GMT\r\npriority: u=4,i=?0\r\netag: \"678183f9-2cb\"\r\nexpires: Tue, 10 Mar 2026 09:02:25 GMT\r\ncache-control: public, max-age=5184000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RYimFDj8GkzyOmDl4UKZsmCN%2FvntHxvm74IoAhSNDXh7tTTsIvNMH2EjG58mzmOg1cISw7oMFnAuE%2BJqNCD7GPQ2AVw4AF3VEYWoVS4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9bb2c1741d235689-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":715,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"191c145f7eb3f4755cc9a019a42259ad","sha1":"3ab0abaf3d362e2f59284949f3f62779af5dbedd","sha256":"c6897e837702d73a8dad3043ec690277cecff9ef960555169cba79d4fa9c62a3","sha512":"13c9da7e72fcb954eb8a95c3b1045eef1372c832a798293336aaa6b069be60db0f72ae8037844962bd2ff7e07c5e75ed1f14e3c927b5bee7825061b57e19084e","ssdeep":"","tlshash":"190144dd03258f3a0a370b9e24691057ded72d931b1a63506ab8bc3d6d031cd518d319","first_seen":"2023-05-13T11:39:52Z","last_seen":"2026-04-03T02:42:57.93882Z","times_seen":595,"resource_available":false,"data":null}},"time_used":87,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":87,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Poppins:300,400,600,700,800\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bitvestment.org/","date":"2026-01-09T09:02:25.928Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"A8:BA:6B:80:7C:EC:B1:6F:C1:C2:03:D7:C9:27:6E:75:DE:4B:AA:47","sha256":"4E:2C:B9:C5:81:56:5E:97:93:07:22:12:66:E2:52:C6:0A:2E:17:72:FF:9B:5F:2A:B9:E1:21:80:05:6D:8B:3D"}}},"request":{"raw":"GET /css?family=Poppins:300,400,600,700,800\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bitvestment.org/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Fri, 09 Jan 2026 09:02:26 GMT\r\ndate: Fri, 09 Jan 2026 09:02:26 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5993,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"d7d29ea911af499896323784c8522aa7","sha1":"86bb132382fa34e5006449a1a3f931b4303ac8f9","sha256":"78d2c9cef0124ba439a1e22e904b3083970db19d9d5adc9f940404d81d2352cf","sha512":"0ad15a0432c96cd093bfa631285ee158ce5c54b114d9ddf08a89616d4805d238e572faf86699d518d5c96f3e8feb2e6849cc64e207927e96d55ee47c9d0e7d36","ssdeep":"96:SO1arO1aTJc+ukO1aaN3OEanOEaCJc+ukOEauN3OxMacOxMaUJc+ukOxMarN3OpE:4hHdPgKQFVwa3RzJ/apsn","tlshash":"05c1add1087be114ab871cc123ce7d37ee1e9255b810e5786bfd0c98adabc654362b2d","first_seen":"2025-09-19T15:46:09.974384Z","last_seen":"2026-04-03T02:42:57.901635Z","times_seen":238,"resource_available":false,"data":null}},"time_used":234,"timings":{"blocked":68,"dns":1,"connect":21,"send":0,"wait":32,"receive":0,"ssl":106},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bitvestment.org/flags/en.png","fqdn":"bitvestment.org","domain":"bitvestment.org","tld":"org"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitvestment.org/","date":"2026-01-09T09:02:25.934Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitvestment.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 12:26:38 GMT","end":"Wed, 11 Feb 2026 13:25:12 GMT"},"fingerprint":{"sha1":"BE:E6:3E:22:E3:C6:43:F8:D1:51:A2:89:65:15:43:9F:5D:E3:2F:2B","sha256":"3C:DB:4F:5B:13:C2:A6:8B:55:5D:71:99:E2:E5:8B:19:61:72:52:1F:9C:F5:A8:59:02:F8:FF:D5:4D:63:BE:52"}}},"request":{"raw":"GET /flags/en.png HTTP/1.1\r\nHost: bitvestment.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bitvestment.org/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 09 Jan 2026 09:02:26 GMT\r\ncontent-type: image/png\r\ncontent-length: 1767\r\nserver: cloudflare\r\nlast-modified: Fri, 10 Jan 2025 20:32:57 GMT\r\npriority: u=4,i=?0\r\netag: \"678183f9-6e7\"\r\nexpires: Tue, 10 Mar 2026 09:02:25 GMT\r\ncache-control: public, max-age=5184000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=heeBSvmGYju2xfHF15HlW8EVESut%2BqUZyWwjBZsr%2BSglXFORrJPybTaeSHZU8xjbhLdmLsQFZVB82TzJD7z7yzA8m6NmqI5ZFqQmEcs%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9bb2c173bcb65689-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1767,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"ec7233b5c80e5db85f7733b2ec25203f","sha1":"d4c36fff06dc7d920b10eb13b58ea9cd9321b430","sha256":"347ee97a492f79675749d03533810ff899ee6a784b4e156f3e0a7613cdfb3d40","sha512":"89e59fa7fdef1f61485176467fd127acf55424aefcf78aca5c3944e59f0b802591587c9d90c4ff158f955b74798e933b41c84fd0d3842fa4600ec8b583c113b4","ssdeep":"","tlshash":"693109cf0b91610bd9cba7827ca71c17366659d422a7be1b4bda0dcc7f85c2ad004e38","first_seen":"2023-04-08T21:50:50Z","last_seen":"2026-04-03T19:30:26.395635Z","times_seen":5504,"resource_available":false,"data":null}},"time_used":150,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":150,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitvestment.org/flags/de.png","fqdn":"bitvestment.org","domain":"bitvestment.org","tld":"org"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitvestment.org/","date":"2026-01-09T09:02:25.940Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitvestment.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 12:26:38 GMT","end":"Wed, 11 Feb 2026 13:25:12 GMT"},"fingerprint":{"sha1":"BE:E6:3E:22:E3:C6:43:F8:D1:51:A2:89:65:15:43:9F:5D:E3:2F:2B","sha256":"3C:DB:4F:5B:13:C2:A6:8B:55:5D:71:99:E2:E5:8B:19:61:72:52:1F:9C:F5:A8:59:02:F8:FF:D5:4D:63:BE:52"}}},"request":{"raw":"GET /flags/de.png HTTP/1.1\r\nHost: bitvestment.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bitvestment.org/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 09 Jan 2026 09:02:26 GMT\r\ncontent-type: image/png\r\ncontent-length: 602\r\nserver: cloudflare\r\nlast-modified: Fri, 10 Jan 2025 20:32:57 GMT\r\npriority: u=4,i=?0\r\netag: \"678183f9-25a\"\r\nexpires: Tue, 10 Mar 2026 09:02:26 GMT\r\ncache-control: public, max-age=5184000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9Hwl%2FLDAQHzyHprTy2uK9rbrixI0TDDFrIGExsloWmHW7yIi3FeG3J%2BkQhpxC4A5AIsTJ3B3pr5fvh5hN2tsIH9wvBkVgz0ohrsDesE%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9bb2c173dccc5689-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":602,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"8a2ba86f3b7de7562445967e2c21843b","sha1":"3046cd0b51721f180c2dc75513fd4bfd316b45b5","sha256":"cc318f3be9ba75def2af54bd9d0fab4f3e316517de9bf138e40dee06d332602d","sha512":"bbfe0899d1e796e1635d12332d6e5ecc21c78c7073419b14236660d6524861ad078644a0de96c914a07988584105a4d503a7ba9f29480be720ce541ad7ebeb5f","ssdeep":"","tlshash":"8df002a8839266668e5b12f3c0031dd44dbb0db4573f3518622ba8be0b61e0263806f0","first_seen":"2023-05-02T00:49:29Z","last_seen":"2026-04-03T19:30:26.387842Z","times_seen":1125,"resource_available":false,"data":null}},"time_used":159,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":159,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitvestment.org/flags/nl.png","fqdn":"bitvestment.org","domain":"bitvestment.org","tld":"org"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitvestment.org/","date":"2026-01-09T09:02:25.941Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitvestment.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 12:26:38 GMT","end":"Wed, 11 Feb 2026 13:25:12 GMT"},"fingerprint":{"sha1":"BE:E6:3E:22:E3:C6:43:F8:D1:51:A2:89:65:15:43:9F:5D:E3:2F:2B","sha256":"3C:DB:4F:5B:13:C2:A6:8B:55:5D:71:99:E2:E5:8B:19:61:72:52:1F:9C:F5:A8:59:02:F8:FF:D5:4D:63:BE:52"}}},"request":{"raw":"GET /flags/nl.png HTTP/1.1\r\nHost: bitvestment.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bitvestment.org/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 09 Jan 2026 09:02:26 GMT\r\ncontent-type: image/png\r\ncontent-length: 469\r\nserver: cloudflare\r\nlast-modified: Fri, 10 Jan 2025 20:32:57 GMT\r\npriority: u=4,i=?0\r\netag: \"678183f9-1d5\"\r\nexpires: Tue, 10 Mar 2026 09:02:26 GMT\r\ncache-control: public, max-age=5184000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=czonglEL%2FEkRWJuW%2FvnVk5Tc%2BLUU4d%2BC8br22kGCveS15lglEhxh9waMkiCqc728eE5W467CrJdWut%2FCwt1EeOee7qeacSeU58ztoy8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9bb2c173dcce5689-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":469,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"213b7e930b8a41dcf4c9f95ac76dbe6b","sha1":"eccf14152b6ba26fe8a7d02f79586992be40db20","sha256":"5d75fea10bb270c341503bda4357e90bb069e3e46c7a670a3583f924f3524bd3","sha512":"11eb344a2480ad3f398f91dfc4e14a3f8fb1b916543986796b6d9c5b52112c4bfe6fe48b6dae287c892f4d73106644f8b5226e4a42920d847dede47113a61b3a","ssdeep":"","tlshash":"e8f0d4dd5762669b985a6b8701010c2088931f90191980474a4fe08d7e7320535bcd56","first_seen":"2023-05-02T00:49:29Z","last_seen":"2026-04-03T02:42:57.903481Z","times_seen":763,"resource_available":false,"data":null}},"time_used":150,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":150,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitvestment.org/flags/fi.png","fqdn":"bitvestment.org","domain":"bitvestment.org","tld":"org"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitvestment.org/","date":"2026-01-09T09:02:25.943Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitvestment.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 12:26:38 GMT","end":"Wed, 11 Feb 2026 13:25:12 GMT"},"fingerprint":{"sha1":"BE:E6:3E:22:E3:C6:43:F8:D1:51:A2:89:65:15:43:9F:5D:E3:2F:2B","sha256":"3C:DB:4F:5B:13:C2:A6:8B:55:5D:71:99:E2:E5:8B:19:61:72:52:1F:9C:F5:A8:59:02:F8:FF:D5:4D:63:BE:52"}}},"request":{"raw":"GET /flags/fi.png HTTP/1.1\r\nHost: bitvestment.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bitvestment.org/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 09 Jan 2026 09:02:26 GMT\r\ncontent-type: image/png\r\ncontent-length: 523\r\nserver: cloudflare\r\nlast-modified: Fri, 10 Jan 2025 20:32:57 GMT\r\npriority: u=4,i=?0\r\netag: \"678183f9-20b\"\r\nexpires: Tue, 10 Mar 2026 09:02:25 GMT\r\ncache-control: public, max-age=5184000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=e6mU4E2A1Sdr4eGJYKaVqXTh4a8hbm0ek%2BY%2F9D%2B1FtRS0Nzupjcd01PNEglJ9Sp7%2F9cLY05XlGRLjkceDwyNz6jz3zlI1NNta4TaU2s%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9bb2c173dcd25689-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":523,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"605699c0baa63458c609512fc19363c8","sha1":"b920ed840cba7fa302d5e6eca3b51a7c64095f64","sha256":"5bf3510eaa1ec9cb53c13393d67ab23ced2c1912bcc614828707ce0bcec20119","sha512":"84d6a445b4ed0cc42ed936f05ba272e33247294bd3e58401518862da0479a3cd8d58ae9c13db2cb2fef091bac9fc18603243fd435b7ec4310d5ddaa7f0d23b8f","ssdeep":"","tlshash":"87f075d60161497cee5905e641200916dfd30440e71b2b100a2ea7dda5f2274dd347b2","first_seen":"2023-05-27T18:45:42Z","last_seen":"2026-04-03T02:42:57.927579Z","times_seen":572,"resource_available":false,"data":null}},"time_used":136,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":136,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitvestment.org/flags/fr.png","fqdn":"bitvestment.org","domain":"bitvestment.org","tld":"org"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitvestment.org/","date":"2026-01-09T09:02:25.944Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitvestment.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 12:26:38 GMT","end":"Wed, 11 Feb 2026 13:25:12 GMT"},"fingerprint":{"sha1":"BE:E6:3E:22:E3:C6:43:F8:D1:51:A2:89:65:15:43:9F:5D:E3:2F:2B","sha256":"3C:DB:4F:5B:13:C2:A6:8B:55:5D:71:99:E2:E5:8B:19:61:72:52:1F:9C:F5:A8:59:02:F8:FF:D5:4D:63:BE:52"}}},"request":{"raw":"GET /flags/fr.png HTTP/1.1\r\nHost: bitvestment.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bitvestment.org/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 09 Jan 2026 09:02:26 GMT\r\ncontent-type: image/png\r\ncontent-length: 637\r\nserver: cloudflare\r\nlast-modified: Fri, 10 Jan 2025 20:32:57 GMT\r\npriority: u=4,i=?0\r\netag: \"678183f9-27d\"\r\nexpires: Tue, 10 Mar 2026 09:02:26 GMT\r\ncache-control: public, max-age=5184000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7cOpByfVOFLFhVUNHU%2BknBU2Coo5OKMYAyZiJSBjZfpvMqGUNJtcakJ4QL0dNeut%2BxpNkRIKCxDQpWiQDLTH2fj0MO3nDN%2FUR0oF2L0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9bb2c173dcd35689-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":637,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"930f08c6829077e96cf25d58f26bd6d3","sha1":"0dfa244548435053bbebd2ed5914e2785f0f3dc3","sha256":"594f333e3a8fe65a0466e4f9c140dab97e6b6a073579edf130a87b86614d7ec8","sha512":"34b8e8c8f95a135cccd845a2513c69d0fc3489a2df5b347dae0b5c65f6b1d218c1c976332d97f69d40f38159ab7b51c8d8cfb40d32bd45f24162320727d2a6d9","ssdeep":"","tlshash":"92f0839a22c1602d852411d530320900f4bb0f1002d13ef694be84b3281e7cbb19179d","first_seen":"2023-05-02T00:49:29Z","last_seen":"2026-04-03T19:30:26.378691Z","times_seen":1173,"resource_available":false,"data":null}},"time_used":171,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":171,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitvestment.org/flags/el.png","fqdn":"bitvestment.org","domain":"bitvestment.org","tld":"org"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitvestment.org/","date":"2026-01-09T09:02:25.947Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitvestment.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 12:26:38 GMT","end":"Wed, 11 Feb 2026 13:25:12 GMT"},"fingerprint":{"sha1":"BE:E6:3E:22:E3:C6:43:F8:D1:51:A2:89:65:15:43:9F:5D:E3:2F:2B","sha256":"3C:DB:4F:5B:13:C2:A6:8B:55:5D:71:99:E2:E5:8B:19:61:72:52:1F:9C:F5:A8:59:02:F8:FF:D5:4D:63:BE:52"}}},"request":{"raw":"GET /flags/el.png HTTP/1.1\r\nHost: bitvestment.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bitvestment.org/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 09 Jan 2026 09:02:26 GMT\r\ncontent-type: image/png\r\ncontent-length: 775\r\nserver: cloudflare\r\nlast-modified: Fri, 10 Jan 2025 20:32:57 GMT\r\npriority: u=4,i=?0\r\netag: \"678183f9-307\"\r\nexpires: Tue, 10 Mar 2026 09:02:26 GMT\r\ncache-control: public, max-age=5184000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=B6RyKQ5rILdG8ZiVCFVU7SV1B3BkrI35DYpA5x8OQmpSmz2aKd491xNLNuSFnQ8%2BJkmYz%2F1Lx3RAd1GKUou%2FRepnGwz69DCZALK8Czw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9bb2c173dcd45689-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":775,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"2a53590607a148f0533ed4748d8aa209","sha1":"bac5251024524bb9f5c39535cb99be24d10c92f7","sha256":"aa9fcea0dd91bdb0749763eff1466b252e00096d762946f1eb6f5330834d9161","sha512":"782b8ae9eb9cf9de06ec3ad5e53fc0bb43d8a6e8e5d5125bc2f8efe6c0c1ff99adbb0f8d473ebad385a95f3b8fb6839d2c6f2cba70ad8361293054b8adb45aab","ssdeep":"","tlshash":"450175de265c68f74d1c4607816b0e3cec470ea206759a11d338bddc57e38126040207","first_seen":"2023-05-02T00:49:29Z","last_seen":"2026-04-03T02:42:57.90657Z","times_seen":590,"resource_available":false,"data":null}},"time_used":148,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":148,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitvestment.org/flags/ms.png","fqdn":"bitvestment.org","domain":"bitvestment.org","tld":"org"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitvestment.org/","date":"2026-01-09T09:02:25.953Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitvestment.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 12:26:38 GMT","end":"Wed, 11 Feb 2026 13:25:12 GMT"},"fingerprint":{"sha1":"BE:E6:3E:22:E3:C6:43:F8:D1:51:A2:89:65:15:43:9F:5D:E3:2F:2B","sha256":"3C:DB:4F:5B:13:C2:A6:8B:55:5D:71:99:E2:E5:8B:19:61:72:52:1F:9C:F5:A8:59:02:F8:FF:D5:4D:63:BE:52"}}},"request":{"raw":"GET /flags/ms.png HTTP/1.1\r\nHost: bitvestment.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bitvestment.org/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 09 Jan 2026 09:02:26 GMT\r\ncontent-type: image/png\r\ncontent-length: 1043\r\nserver: cloudflare\r\nlast-modified: Fri, 10 Jan 2025 20:32:57 GMT\r\npriority: u=4,i=?0\r\netag: \"678183f9-413\"\r\nexpires: Tue, 10 Mar 2026 09:02:26 GMT\r\ncache-control: public, max-age=5184000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xMqpglOVL%2FAu4BDURbbCZbxtpQPCXseP87Tw%2FgyzfE4ZBdGIT4ifOdENW%2BNBTwLhKEB7mA8ulRTMZsdfZcrX11GUtpf%2Fioshu%2BLFT6A%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9bb2c173fcf65689-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1043,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"3570bf54c536dcbd24f7ea9ddb7c2f41","sha1":"806758cc4afa15db5c70cc5330031a267d497237","sha256":"ed7928914d2ed92a77f00113d2e4811bd6e43180d03f3ec47e584fdb730a11fb","sha512":"5dac9c0629795f10873eed838e998f706621fa0a4d4f97b98f6ccb1c39909f453ef9238347e8d864daffeb984dcf1b5c7f079f5d5444e860d331c355afbb062b","ssdeep":"","tlshash":"b611b9ce51d623f2ac5d9de939071c6acb538472030b9a2bd8fd9c9e11b29253228300","first_seen":"2023-05-27T18:45:41Z","last_seen":"2026-04-03T02:42:57.911481Z","times_seen":307,"resource_available":false,"data":null}},"time_used":157,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":157,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitvestment.org/flags/da.png","fqdn":"bitvestment.org","domain":"bitvestment.org","tld":"org"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitvestment.org/","date":"2026-01-09T09:02:25.939Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitvestment.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 12:26:38 GMT","end":"Wed, 11 Feb 2026 13:25:12 GMT"},"fingerprint":{"sha1":"BE:E6:3E:22:E3:C6:43:F8:D1:51:A2:89:65:15:43:9F:5D:E3:2F:2B","sha256":"3C:DB:4F:5B:13:C2:A6:8B:55:5D:71:99:E2:E5:8B:19:61:72:52:1F:9C:F5:A8:59:02:F8:FF:D5:4D:63:BE:52"}}},"request":{"raw":"GET /flags/da.png HTTP/1.1\r\nHost: bitvestment.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bitvestment.org/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 09 Jan 2026 09:02:26 GMT\r\ncontent-type: image/png\r\ncontent-length: 595\r\nserver: cloudflare\r\nlast-modified: Fri, 10 Jan 2025 20:32:57 GMT\r\npriority: u=4,i=?0\r\netag: \"678183f9-253\"\r\nexpires: Tue, 10 Mar 2026 09:02:25 GMT\r\ncache-control: public, max-age=5184000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YRLDGcYGSfnQdgMD%2FJQRXm7%2F9ZId%2FKPDOJOOS4QJeK93A00az15xF%2Fpi38DIhqJ%2FReDSDQNUMTBTwurmUUB6y%2FS9KhNriE1MbvDbkOY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9bb2c173ccc25689-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":595,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"a30b08094003e6cfa25800109f955b7a","sha1":"4d43a76c0889bd20f88905cf6ad76b4e0ccd8597","sha256":"a981b9c5114a52486766b43af45545d454234f8d99cb405f24382b225394f117","sha512":"8f2f6e54b5910f386ca584c3fb2fc230dd67120bf40560b2e49fb5628463a9c397ef835961469a95b04eed8201c1584346d58008da11b0a35d721ce704e377c6","ssdeep":"","tlshash":"17f047ced352cc19499b75b116335105c4f717b8122bc45d1095ae0c3d297419996be6","first_seen":"2023-05-19T00:59:36Z","last_seen":"2026-04-03T02:42:57.899394Z","times_seen":586,"resource_available":false,"data":null}},"time_used":149,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":149,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitvestment.org/flags/it.png","fqdn":"bitvestment.org","domain":"bitvestment.org","tld":"org"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitvestment.org/","date":"2026-01-09T09:02:25.949Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitvestment.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 12:26:38 GMT","end":"Wed, 11 Feb 2026 13:25:12 GMT"},"fingerprint":{"sha1":"BE:E6:3E:22:E3:C6:43:F8:D1:51:A2:89:65:15:43:9F:5D:E3:2F:2B","sha256":"3C:DB:4F:5B:13:C2:A6:8B:55:5D:71:99:E2:E5:8B:19:61:72:52:1F:9C:F5:A8:59:02:F8:FF:D5:4D:63:BE:52"}}},"request":{"raw":"GET /flags/it.png HTTP/1.1\r\nHost: bitvestment.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bitvestment.org/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 09 Jan 2026 09:02:26 GMT\r\ncontent-type: image/png\r\ncontent-length: 642\r\nserver: cloudflare\r\nlast-modified: Fri, 10 Jan 2025 20:32:57 GMT\r\npriority: u=4,i=?0\r\netag: \"678183f9-282\"\r\nexpires: Tue, 10 Mar 2026 09:02:26 GMT\r\ncache-control: public, max-age=5184000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oqG0e%2B40pFhzMvboA4vRTCF9gS%2FKqyORS1nbo54%2Fk5r90vbAI2WJlA3uhD7O8CZFNNTK%2B%2BQfA0IUyVrXgqyBC0MpA5neSDucz7pcU%2Bk%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9bb2c173ecea5689-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":642,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"922efc02f080135a63137dde4ffea287","sha1":"a4583be3e579a69a03a0d1f09995fdb6d1244f7d","sha256":"510116996dc4979a225c07962d84bb76e2b6340234c2c5e4280596ad08a632cb","sha512":"5d5cf4ee23afce714be0555318fbfabd0461aeae4530bd5f12d8fac947045438f97cf4a045751698514ace1465d6ae70c3f7d62cbc68437009d40553ffd7ff2b","ssdeep":"","tlshash":"bbf023a9016071eec83e2bf201410af955170da89b720008c04ff8d53c6e428c394686","first_seen":"2023-05-02T00:49:29Z","last_seen":"2026-04-03T19:30:26.384677Z","times_seen":1070,"resource_available":false,"data":null}},"time_used":142,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":142,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitvestment.org/flags/ru.png","fqdn":"bitvestment.org","domain":"bitvestment.org","tld":"org"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitvestment.org/","date":"2026-01-09T09:02:25.956Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitvestment.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 12:26:38 GMT","end":"Wed, 11 Feb 2026 13:25:12 GMT"},"fingerprint":{"sha1":"BE:E6:3E:22:E3:C6:43:F8:D1:51:A2:89:65:15:43:9F:5D:E3:2F:2B","sha256":"3C:DB:4F:5B:13:C2:A6:8B:55:5D:71:99:E2:E5:8B:19:61:72:52:1F:9C:F5:A8:59:02:F8:FF:D5:4D:63:BE:52"}}},"request":{"raw":"GET /flags/ru.png HTTP/1.1\r\nHost: bitvestment.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bitvestment.org/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 09 Jan 2026 09:02:26 GMT\r\ncontent-type: image/png\r\ncontent-length: 487\r\nserver: cloudflare\r\nlast-modified: Fri, 10 Jan 2025 20:32:57 GMT\r\npriority: u=4,i=?0\r\netag: \"678183f9-1e7\"\r\nexpires: Tue, 10 Mar 2026 09:02:26 GMT\r\ncache-control: public, max-age=5184000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wC8DiGxUfuC6hlUNKrFMdOcLbvQk3n2izvNmS4y7S%2FBsdivAVNrvceuXeMDtw4LwdbCchvtL74roCISy1HDZKZI%2BFILBMcowt2KVLs4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9bb2c173fd075689-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":487,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"5ddf50d1327e2ecc28a980e93b9f538a","sha1":"581fa9ecc609a1a07fca205b6c9751e8c28f1ebb","sha256":"1bdc7040f02e999a17f291b59767d4101adefa2d89775272ac7c66f37c710fff","sha512":"2375f58bfd0c3fe7b54258a6b222e285dbf4b4e30e87f76387ec5e1033906d0a04eb78481ee8c78460934f5c1de26007a6488d7857d59d8ca8b7b3fe31228f0d","ssdeep":"","tlshash":"a1f054ee2d01086d493cd918106b0fe1d45b0cb50ae64414d0dab2c43e2278fa8f8ac1","first_seen":"2023-05-02T00:49:29Z","last_seen":"2026-04-03T02:42:57.912036Z","times_seen":970,"resource_available":false,"data":null}},"time_used":172,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":172,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitvestment.org/flags/sk.png","fqdn":"bitvestment.org","domain":"bitvestment.org","tld":"org"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitvestment.org/","date":"2026-01-09T09:02:25.958Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitvestment.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 12:26:38 GMT","end":"Wed, 11 Feb 2026 13:25:12 GMT"},"fingerprint":{"sha1":"BE:E6:3E:22:E3:C6:43:F8:D1:51:A2:89:65:15:43:9F:5D:E3:2F:2B","sha256":"3C:DB:4F:5B:13:C2:A6:8B:55:5D:71:99:E2:E5:8B:19:61:72:52:1F:9C:F5:A8:59:02:F8:FF:D5:4D:63:BE:52"}}},"request":{"raw":"GET /flags/sk.png HTTP/1.1\r\nHost: bitvestment.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bitvestment.org/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 09 Jan 2026 09:02:26 GMT\r\ncontent-type: image/png\r\ncontent-length: 942\r\nserver: cloudflare\r\nlast-modified: Fri, 10 Jan 2025 20:32:57 GMT\r\npriority: u=4,i=?0\r\netag: \"678183f9-3ae\"\r\nexpires: Tue, 10 Mar 2026 09:02:26 GMT\r\ncache-control: public, max-age=5184000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JwUc8bxz%2Brml9GWxl7%2FiJ64YoBseRvJb%2BOKzZbBPjY1ZAftFZz84Zz6scdZ0hLeagSrRldZCKbjY6ydm1AS%2BIyjsYJufBkwwjKDn3M4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9bb2c173fd0d5689-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":942,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"f505130ed0303fde84806046537f1af0","sha1":"2571608ca84fa979a602373536380578ed7f3e53","sha256":"f264c92b7384498c50a373a441de7963aa8d20225884b59affadbb0e04de2a70","sha512":"5613b8520e3ae0e3a640493711e960803e2122d8d35675917639e69aa9e849b7a089f160de53c6f308c1d338b8d80c7ab5bc3b29d80224acbffc5f61f1742ed2","ssdeep":"","tlshash":"3911c8ef651c4a0e3d2b436249da098c0c8b0d109f06d85cd69bd1e63631a8e117ce84","first_seen":"2023-05-27T18:45:41Z","last_seen":"2026-04-03T02:42:57.931164Z","times_seen":542,"resource_available":false,"data":null}},"time_used":144,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":144,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitvestment.org/media/3422/conversions/763_1920__1920_66cf16e65b78f_banner.webp","fqdn":"bitvestment.org","domain":"bitvestment.org","tld":"org"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitvestment.org/","date":"2026-01-09T09:02:26.239Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitvestment.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 12:26:38 GMT","end":"Wed, 11 Feb 2026 13:25:12 GMT"},"fingerprint":{"sha1":"BE:E6:3E:22:E3:C6:43:F8:D1:51:A2:89:65:15:43:9F:5D:E3:2F:2B","sha256":"3C:DB:4F:5B:13:C2:A6:8B:55:5D:71:99:E2:E5:8B:19:61:72:52:1F:9C:F5:A8:59:02:F8:FF:D5:4D:63:BE:52"}}},"request":{"raw":"GET /media/3422/conversions/763_1920__1920_66cf16e65b78f_banner.webp HTTP/1.1\r\nHost: bitvestment.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bitvestment.org/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 09 Jan 2026 09:02:26 GMT\r\ncontent-type: image/webp\r\ncontent-length: 18074\r\nserver: cloudflare\r\nlast-modified: Fri, 10 Jan 2025 20:32:57 GMT\r\npriority: u=4,i=?0\r\netag: \"678183f9-469a\"\r\nexpires: Tue, 10 Mar 2026 09:02:26 GMT\r\ncache-control: public, max-age=5184000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JtsjH%2BNykBtYscqAlZZevCU6LN5qUc0deCb3uaYVyye4tFMi39ea6Fp8SBRQo4yQoD88hkSGUIrQAa21dC8fQvPX0a%2Bp5ej4rByuEfk%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9bb2c1760ef65689-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":18074,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x763, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"17d9b01217ba2a0b4d928926786da579","sha1":"173754737c7cdae74a5674dc3baccbb5317f82ce","sha256":"1a2a6402080a9d24e6a838a3cbaccb0862f5fa9b38f3cf314d7b1162d0f904c5","sha512":"6950191fc0e89be90e37023d8041e19d9fa7b3c6128f8ba0be11ec89ba3c59533ff540b70ef2421f81d79b9970c8b9ce697eeb71c199c85aad769857cf412e14","ssdeep":"384:OnZYFrxn/rWvAWhD0nkWQMe21uFWoZLdegXjQi15CWj+HftFO95aplQdJU:OnZSlJmbKByQgXx1PMVFYapN","tlshash":"6482d0809efed710c8c847f4a59a744fa989b7a30680d314b9fc31e952f743e3164e5a","first_seen":"2024-10-21T09:44:21.463529Z","last_seen":"2026-03-31T09:57:52.929537Z","times_seen":17,"resource_available":false,"data":null}},"time_used":209,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":145,"receive":64,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitvestment.org/common/arrow-down.svg","fqdn":"bitvestment.org","domain":"bitvestment.org","tld":"org"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitvestment.org/","date":"2026-01-09T09:02:26.243Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitvestment.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 12:26:38 GMT","end":"Wed, 11 Feb 2026 13:25:12 GMT"},"fingerprint":{"sha1":"BE:E6:3E:22:E3:C6:43:F8:D1:51:A2:89:65:15:43:9F:5D:E3:2F:2B","sha256":"3C:DB:4F:5B:13:C2:A6:8B:55:5D:71:99:E2:E5:8B:19:61:72:52:1F:9C:F5:A8:59:02:F8:FF:D5:4D:63:BE:52"}}},"request":{"raw":"GET /common/arrow-down.svg HTTP/1.1\r\nHost: bitvestment.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bitvestment.org/static/assets/index-cad56849.css\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 09 Jan 2026 09:02:26 GMT\r\ncontent-type: image/svg+xml\r\nserver: cloudflare\r\nlast-modified: Fri, 10 Jan 2025 20:32:57 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Tue, 10 Mar 2026 09:02:26 GMT\r\ncache-control: public, max-age=5184000\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fiYAn1hxsXuN0QoQGnHd3X7GAEY89VSs2FEM2npUZjAm499yZKqQquUK%2F19CZhHlBy0RZ9vCAnl2kj8dQqIAcnSugZimuHARte7dw34%3D\"}]}\r\netag: W/\"678183f9-2af\"\r\ncontent-encoding: br\r\ncf-ray: 9bb2c1760efc5689-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":687,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"a60b35876f9b28d59bed3b7e4abf6ba2","sha1":"12c7639426c80f97352cf3fd7a5bb968da984459","sha256":"7ff5a0abbe0db2a64746dd03b7218d574c1cc2c0e1ff9ddc30850e51da43e373","sha512":"f11d5d96bc13d4f84716084714ed9935945f17c6f6b1066d2672342820a4a7f54e55d271197953468c11853f1159c754e9bddd4cad92da6099ef7fd54ce493de","ssdeep":"","tlshash":"1e01f4c4c20544f8f4929f50daf4d5c3eb3034baf1d44c4cb55526b42122586d90fabc","first_seen":"2023-11-27T07:36:46Z","last_seen":"2026-04-03T02:42:57.939991Z","times_seen":394,"resource_available":false,"data":null}},"time_used":79,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":78,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/poppins/v24/pxiEyp8kv8JHgFVrJJfecg.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://bitvestment.org/","date":"2026-01-09T09:02:26.251Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:54:11 GMT","end":"Wed, 25 Feb 2026 15:54:10 GMT"},"fingerprint":{"sha1":"21:10:1E:48:79:6B:E7:49:AB:BB:0E:38:86:C8:4D:74:7B:42:EE:BB","sha256":"0A:58:99:06:D8:BC:1C:BD:3E:CE:EF:7D:D6:D2:50:2D:1E:DE:8F:87:97:56:72:B9:3F:21:88:AC:79:3A:75:03"}}},"request":{"raw":"GET /s/poppins/v24/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://bitvestment.org\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 7884\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 07 Jan 2026 00:02:31 GMT\r\nexpires: Thu, 07 Jan 2027 00:02:31 GMT\r\ncache-control: public, max-age=31536000\r\nage: 205195\r\nlast-modified: Mon, 15 Sep 2025 16:34:42 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7884,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 7884, version 1.0","md5":"9212f6f9860f9fc6c69b02fedf6db8c3","sha1":"ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b","sha256":"7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f","sha512":"67317495f4b53e20a9f31c034e456e6c37f387dffb2c092caa5159bc441cfcadd02749ffe5bbed1d580d5300a59e48a767ef2c6d9978b474f84c1a2cd095c126","ssdeep":"192:xLFDbKO9E3rS3JWBRO/J601FSS5ZUbik3Zy2f0:pd9J5W501otlI","tlshash":"c3f1ae4eb3f2cd1be40982e53a0fc90b1c578272681fd772d067a22517893bc8db2c81","first_seen":"2023-04-05T15:35:34Z","last_seen":"2026-04-03T20:31:57.93763Z","times_seen":294932,"resource_available":false,"data":null}},"time_used":252,"timings":{"blocked":108,"dns":1,"connect":28,"send":0,"wait":30,"receive":2,"ssl":79},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bitvestment.org/action/click","fqdn":"bitvestment.org","domain":"bitvestment.org","tld":"org"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://bitvestment.org/","date":"2026-01-09T09:02:26.337Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitvestment.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 12:26:38 GMT","end":"Wed, 11 Feb 2026 13:25:12 GMT"},"fingerprint":{"sha1":"BE:E6:3E:22:E3:C6:43:F8:D1:51:A2:89:65:15:43:9F:5D:E3:2F:2B","sha256":"3C:DB:4F:5B:13:C2:A6:8B:55:5D:71:99:E2:E5:8B:19:61:72:52:1F:9C:F5:A8:59:02:F8:FF:D5:4D:63:BE:52"}}},"request":{"raw":"POST /action/click HTTP/1.1\r\nHost: bitvestment.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nContent-Length: 2\r\nOrigin: https://bitvestment.org\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bitvestment.org/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":2,"data":"{}"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 09 Jan 2026 09:02:26 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\naccess-control-allow-origin: *\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=U4OvP2Rw0d%2FLKuM6v%2F%2FDzPBBXa7SYNBhZALIm5s%2F%2F7FvZnGmTYd7VByMWjF7j4DlEHLGVdtAJ0GDTjv949cgdwYlOynZ3mA2imWzP04%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9bb2c176af8f5689-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":66,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"48d3b82c203560fee61188943826f103","sha1":"0ebd8e43e176489b9fac6d3b2b9769206799d13c","sha256":"c3b98ce6f64f1d5abc814357d3238e6fcc87ca397e149de762608bdd78923d13","sha512":"00e42f0c766449a0f6de2b5108fce6f63be89f33799293f71f6ec1abcc8040bf75319bdab8eaf36868aa81e4f6764a61cdc7a1496854d4693e0e961a011245c7","ssdeep":"","tlshash":"e5a022032b28830808080be20e280220e3303b800ab0b00a00c0c88000bf8c03802a00","first_seen":"2026-01-09T09:02:55.234473Z","last_seen":"2026-01-09T09:02:55.234473Z","times_seen":1,"resource_available":false,"data":null}},"time_used":433,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":433,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitvestment.org/media/3424/conversions/459_459__459_66cf1862ba83e_%7BwebsiteName%7D1.webp","fqdn":"bitvestment.org","domain":"bitvestment.org","tld":"org"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://bitvestment.org/","date":"2026-01-09T09:02:26.302Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitvestment.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 12:26:38 GMT","end":"Wed, 11 Feb 2026 13:25:12 GMT"},"fingerprint":{"sha1":"BE:E6:3E:22:E3:C6:43:F8:D1:51:A2:89:65:15:43:9F:5D:E3:2F:2B","sha256":"3C:DB:4F:5B:13:C2:A6:8B:55:5D:71:99:E2:E5:8B:19:61:72:52:1F:9C:F5:A8:59:02:F8:FF:D5:4D:63:BE:52"}}},"request":{"raw":"GET /media/3424/conversions/459_459__459_66cf1862ba83e_%7BwebsiteName%7D1.webp HTTP/1.1\r\nHost: bitvestment.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bitvestment.org/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 09 Jan 2026 09:02:26 GMT\r\ncontent-type: image/webp\r\ncontent-length: 52052\r\nserver: cloudflare\r\nlast-modified: Fri, 10 Jan 2025 20:32:57 GMT\r\npriority: u=4,i=?0\r\netag: \"678183f9-cb54\"\r\nexpires: Tue, 10 Mar 2026 09:02:26 GMT\r\ncache-control: public, max-age=5184000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GPdKyfg6GOcljDmRR6nAQIUAFyacI1ouHuk1pEkJ6nHJ%2FkqqWo4lvMAD0r2PywSM4DvD7Lp4RZYy87PUI%2F6gu9QltsmEPFSjZj442ss%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9bb2c1766f4b5689-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":52052,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"6f601aab037faa8e87c0ef267e4f3971","sha1":"759d790867782f7569b66459d1e6d41e5e14d34d","sha256":"0c98791713e1a25be9cecf1131c13dc62483a6c026816407551d1fd126840bbe","sha512":"85fbc3ef0bc330b52a4406ef6cf0f778bf649f0f98667c749ed3e2917a7252af0aabab62d491a65b1d63516bd1c7d05ff347d1a2f0068f22dca6dee7dbf15f9f","ssdeep":"1536:b1eBdoXUrCCUJikB1CFJPxAicHNW+Hg9dJfw+:boBdoXW2v0FfVcHEugtfw+","tlshash":"5433f2b16130f1f95ab76f593cdb61dcb35b6441762cf874610788ac5b2b80cb9bb054","first_seen":"2024-10-21T09:44:21.458173Z","last_seen":"2026-03-31T09:57:52.920518Z","times_seen":10,"resource_available":false,"data":null}},"time_used":300,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":158,"receive":142,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitvestment.org/","fqdn":"bitvestment.org","domain":"bitvestment.org","tld":"org"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://bitvestment.org/","date":"2026-01-09T09:02:26.340Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitvestment.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 12:26:38 GMT","end":"Wed, 11 Feb 2026 13:25:12 GMT"},"fingerprint":{"sha1":"BE:E6:3E:22:E3:C6:43:F8:D1:51:A2:89:65:15:43:9F:5D:E3:2F:2B","sha256":"3C:DB:4F:5B:13:C2:A6:8B:55:5D:71:99:E2:E5:8B:19:61:72:52:1F:9C:F5:A8:59:02:F8:FF:D5:4D:63:BE:52"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: bitvestment.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bitvestment.org/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 09 Jan 2026 09:02:26 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Fri, 10 Jan 2025 20:32:30 GMT\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: lang_fx=;Path=/;Max-Age=2592000\r\nx-geoip: NO\r\ncf-cache-status: DYNAMIC\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2F8JfmBJjs%2FN%2FXHGWVX6sZLHSGZ5tbBanfyy%2Fgom2XlTZaqowgrLNajBtO0gqBLazbQfQNqPMGeBcntTo4KaGowIVnAn4ebPf8141g0I%3D\"}]}\r\ncontent-encoding: br\r\ncf-ray: 9bb2c176af945689-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":67128,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (2249)","md5":"ed866b9fde6395d446bce0a29667ef98","sha1":"68332e6b1f58567c4e0fe9dac392522a48ffd457","sha256":"ea85e5a567d9c8b77ebe3add814a6df9b80587291c8c059e4c7f844abd4c1beb","sha512":"af1c6fd641830fa8b28bc4d2151252d9ebdbb9e1b0beef5da55e9ed63356ed239c06c07abcc807c409bb28d9f765f2e7d6ed18f437218873229b74d5bd0e1815","ssdeep":"1536:pxMVnN0otu366qstqGtGfoMZSboXDvZzpLqkyuf:pxMVnuxT2FLqkyuf","tlshash":"1a63b63314f01766134300e227241f8aff65808bdba25a49b1ed4a55af92db6cdb3bdd","first_seen":"2026-01-09T09:02:55.199072Z","last_seen":"2026-01-09T09:02:55.199072Z","times_seen":1,"resource_available":false,"data":null}},"time_used":227,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":159,"receive":68,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitvestment.org/action/click","fqdn":"bitvestment.org","domain":"bitvestment.org","tld":"org"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://bitvestment.org/","date":"2026-01-09T09:02:26.358Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitvestment.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 12:26:38 GMT","end":"Wed, 11 Feb 2026 13:25:12 GMT"},"fingerprint":{"sha1":"BE:E6:3E:22:E3:C6:43:F8:D1:51:A2:89:65:15:43:9F:5D:E3:2F:2B","sha256":"3C:DB:4F:5B:13:C2:A6:8B:55:5D:71:99:E2:E5:8B:19:61:72:52:1F:9C:F5:A8:59:02:F8:FF:D5:4D:63:BE:52"}}},"request":{"raw":"POST /action/click HTTP/1.1\r\nHost: bitvestment.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nContent-Length: 2\r\nOrigin: https://bitvestment.org\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bitvestment.org/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":2,"data":"{}"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 09 Jan 2026 09:02:26 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\naccess-control-allow-origin: *\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Cd4HRfo%2FNwnUj11B9MAO9GDjycZIYA%2FKxy61fL1krll31qZ4GvNbA8s1MqnZeC2jdVnW2kfhMvoPtoU156JmhKacjYZhSrLGNo0wEPg%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9bb2c176cfac5689-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":66,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"da01dd8034eaed7850c5cf524a724077","sha1":"84c43b8cad7e47ef8655a7b991563bef379c1528","sha256":"7ee9b70a986c09373a2d0505fa517dce0cd6114309081bd8b5d65f97d7be4929","sha512":"05f278a3827b78e1b475208c3c7a0afa479479c67f507de8118bfb0a8322e9b4304efc59fdd0cceb53ed06901e61ebe11d219cd8860dc7f89df2966682f88a7b","ssdeep":"","tlshash":"3ca0222f088000880c8c00ce002008320e200af28f30232ba2802a80802e3cb32c230a","first_seen":"2026-01-09T09:02:55.237285Z","last_seen":"2026-01-09T09:02:55.237285Z","times_seen":1,"resource_available":false,"data":null}},"time_used":613,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":613,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitvestment.org/flags/zh-TW.png","fqdn":"bitvestment.org","domain":"bitvestment.org","tld":"org"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitvestment.org/","date":"2026-01-09T09:02:25.936Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitvestment.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 12:26:38 GMT","end":"Wed, 11 Feb 2026 13:25:12 GMT"},"fingerprint":{"sha1":"BE:E6:3E:22:E3:C6:43:F8:D1:51:A2:89:65:15:43:9F:5D:E3:2F:2B","sha256":"3C:DB:4F:5B:13:C2:A6:8B:55:5D:71:99:E2:E5:8B:19:61:72:52:1F:9C:F5:A8:59:02:F8:FF:D5:4D:63:BE:52"}}},"request":{"raw":"GET /flags/zh-TW.png HTTP/1.1\r\nHost: bitvestment.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bitvestment.org/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 09 Jan 2026 09:02:26 GMT\r\ncontent-type: image/png\r\ncontent-length: 870\r\nserver: cloudflare\r\nlast-modified: Fri, 10 Jan 2025 20:32:57 GMT\r\npriority: u=4,i=?0\r\netag: \"678183f9-366\"\r\nexpires: Tue, 10 Mar 2026 09:02:25 GMT\r\ncache-control: public, max-age=5184000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GoC6H8%2FIA8IdGR7GHv4KjHsQaSAjQ8lNpwdOC9YYDlHGd5XJhKltfMlIkXcLxrL2e9WJ48w8TuUan3ceofrYCR6SOIu7bOI3TRHjTpg%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9bb2c173bcba5689-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":870,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"2a2b643bc15c7363c9e58e6b47d7de30","sha1":"506ab44f76022397b3aa9682e8972d7944703d54","sha256":"c63293f5412adc096b8e492e88b8d8edfca5367a491acdd9071ef8d31b4ba9a1","sha512":"a742115cc74831e58f2607fda3ecdf88d8a01d1f9f19d784e1c46a24f9dc23f3a8b5f11251b1c6c911a53a18ee3a01d841e82952f7ab97fcc44b2a0673238e43","ssdeep":"","tlshash":"1f1196ca2450d5d7c2ea12e389ee4b452b4f4afc28560d886c151ab511df1d740e4710","first_seen":"2023-06-10T08:53:38Z","last_seen":"2026-04-03T02:42:57.904734Z","times_seen":4082,"resource_available":false,"data":null}},"time_used":160,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":160,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitvestment.org/flags/hi.png","fqdn":"bitvestment.org","domain":"bitvestment.org","tld":"org"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitvestment.org/","date":"2026-01-09T09:02:25.948Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitvestment.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 12:26:38 GMT","end":"Wed, 11 Feb 2026 13:25:12 GMT"},"fingerprint":{"sha1":"BE:E6:3E:22:E3:C6:43:F8:D1:51:A2:89:65:15:43:9F:5D:E3:2F:2B","sha256":"3C:DB:4F:5B:13:C2:A6:8B:55:5D:71:99:E2:E5:8B:19:61:72:52:1F:9C:F5:A8:59:02:F8:FF:D5:4D:63:BE:52"}}},"request":{"raw":"GET /flags/hi.png HTTP/1.1\r\nHost: bitvestment.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bitvestment.org/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 09 Jan 2026 09:02:26 GMT\r\ncontent-type: image/png\r\ncontent-length: 701\r\nserver: cloudflare\r\nlast-modified: Fri, 10 Jan 2025 20:32:57 GMT\r\npriority: u=4,i=?0\r\netag: \"678183f9-2bd\"\r\nexpires: Tue, 10 Mar 2026 09:02:26 GMT\r\ncache-control: public, max-age=5184000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vhvCOrqofsbm9Suqoe6p%2FYVKtoNT5ew1QFB21guUEe%2F5vXYaQS3JrCqC%2F8IJSJ3qfcMMu%2FgT9fIdzCMCc6YoRxTB7vqcoU57SGOkt0k%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9bb2c173ecdc5689-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":701,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"79777c74b380b937c38b2eab06975935","sha1":"ac6ae14f67313ad088c273c33768cdf592560ebc","sha256":"cf916648517414e341d51a40821bfb3be8a487aa1c024c2d488d1bc2ee17fdef","sha512":"896f0ef4290e3dda7a84ff0aa87edf57599d8e972645ccf13c405cd88f98700d40198338416cb82fd4f44e04ff696304480b88c9312c24af60d11216a87c98f0","ssdeep":"","tlshash":"b60194e2400143edc21353f0ad8740c2cd8f2a6e52216d3bc8d9949e6d5024d5ea8cb8","first_seen":"2023-05-15T15:04:16Z","last_seen":"2026-04-03T02:42:57.928914Z","times_seen":305,"resource_available":false,"data":null}},"time_used":147,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":147,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitvestment.org/flags/uk.png","fqdn":"bitvestment.org","domain":"bitvestment.org","tld":"org"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitvestment.org/","date":"2026-01-09T09:02:25.963Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitvestment.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 12:26:38 GMT","end":"Wed, 11 Feb 2026 13:25:12 GMT"},"fingerprint":{"sha1":"BE:E6:3E:22:E3:C6:43:F8:D1:51:A2:89:65:15:43:9F:5D:E3:2F:2B","sha256":"3C:DB:4F:5B:13:C2:A6:8B:55:5D:71:99:E2:E5:8B:19:61:72:52:1F:9C:F5:A8:59:02:F8:FF:D5:4D:63:BE:52"}}},"request":{"raw":"GET /flags/uk.png HTTP/1.1\r\nHost: bitvestment.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bitvestment.org/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 09 Jan 2026 09:02:26 GMT\r\ncontent-type: image/png\r\ncontent-length: 574\r\nserver: cloudflare\r\nlast-modified: Fri, 10 Jan 2025 20:32:57 GMT\r\npriority: u=4,i=?0\r\netag: \"678183f9-23e\"\r\nexpires: Tue, 10 Mar 2026 09:02:26 GMT\r\ncache-control: public, max-age=5184000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JpdoZznFwQAh49Ve2g8NLsthDaDL7vkVXJyOpi4fiTbl%2FfRjdnt7BQnL0C4wmfrZNuib8j%2FciTYHfcoaEeitk4nkc5MabeyZC5SwtDs%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9bb2c1741d285689-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":574,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"e2b587a3b15e34cb226afa3e572af279","sha1":"192d98c5d5d5b34123e8717c38b6733d8f7e5648","sha256":"4ec4c568d064866640e472adfb0b9f0f11162a94f179ea925f7b50cfe60fc470","sha512":"c7caf5055a177aeb344248c67aa4252c8864be09220523285ce4d3eaab9de757f93458e6e314655c1a2448879a87fe460dae2869f6c7ac9e6931c998e61f461a","ssdeep":"","tlshash":"d5f0e1e965101c78d51554d137a509b6da371d588aa20d6440648cbfaebc9c613aa163","first_seen":"2023-05-07T21:05:59Z","last_seen":"2026-04-03T02:42:57.939392Z","times_seen":410,"resource_available":false,"data":null}},"time_used":166,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":166,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitvestment.org/","fqdn":"bitvestment.org","domain":"bitvestment.org","tld":"org"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://bitvestment.org/","date":"2026-01-09T09:02:26.364Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitvestment.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 12:26:38 GMT","end":"Wed, 11 Feb 2026 13:25:12 GMT"},"fingerprint":{"sha1":"BE:E6:3E:22:E3:C6:43:F8:D1:51:A2:89:65:15:43:9F:5D:E3:2F:2B","sha256":"3C:DB:4F:5B:13:C2:A6:8B:55:5D:71:99:E2:E5:8B:19:61:72:52:1F:9C:F5:A8:59:02:F8:FF:D5:4D:63:BE:52"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: bitvestment.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bitvestment.org/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 09 Jan 2026 09:02:26 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Fri, 10 Jan 2025 20:32:30 GMT\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nset-cookie: lang_fx=;Path=/;Max-Age=2592000\r\nx-geoip: NO\r\ncf-cache-status: DYNAMIC\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2BDd7yRuDtPS616rONO8N9WuLbDqLl9t8h%2FR5EDY2mxgXzAf1fR9IM%2FdaknMcmnop5ORTSpvZ4lfUXHzN9A8uFrC7MWY%2FpLxeJtz9oY%3D\"}]}\r\ncontent-encoding: br\r\ncf-ray: 9bb2c176cfad5689-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":67128,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (2249)","md5":"ed866b9fde6395d446bce0a29667ef98","sha1":"68332e6b1f58567c4e0fe9dac392522a48ffd457","sha256":"ea85e5a567d9c8b77ebe3add814a6df9b80587291c8c059e4c7f844abd4c1beb","sha512":"af1c6fd641830fa8b28bc4d2151252d9ebdbb9e1b0beef5da55e9ed63356ed239c06c07abcc807c409bb28d9f765f2e7d6ed18f437218873229b74d5bd0e1815","ssdeep":"1536:pxMVnN0otu366qstqGtGfoMZSboXDvZzpLqkyuf:pxMVnuxT2FLqkyuf","tlshash":"1a63b63314f01766134300e227241f8aff65808bdba25a49b1ed4a55af92db6cdb3bdd","first_seen":"2026-01-09T09:02:55.199072Z","last_seen":"2026-01-09T09:02:55.199072Z","times_seen":1,"resource_available":false,"data":null}},"time_used":203,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":141,"receive":62,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitvestment.org/media/3709/conversions/32_32_66f3e185e81e2_bitvestment.org-logo.png","fqdn":"bitvestment.org","domain":"bitvestment.org","tld":"org"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitvestment.org/","date":"2026-01-09T09:02:26.872Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitvestment.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 12:26:38 GMT","end":"Wed, 11 Feb 2026 13:25:12 GMT"},"fingerprint":{"sha1":"BE:E6:3E:22:E3:C6:43:F8:D1:51:A2:89:65:15:43:9F:5D:E3:2F:2B","sha256":"3C:DB:4F:5B:13:C2:A6:8B:55:5D:71:99:E2:E5:8B:19:61:72:52:1F:9C:F5:A8:59:02:F8:FF:D5:4D:63:BE:52"}}},"request":{"raw":"GET /media/3709/conversions/32_32_66f3e185e81e2_bitvestment.org-logo.png HTTP/1.1\r\nHost: bitvestment.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bitvestment.org/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 09 Jan 2026 09:02:27 GMT\r\ncontent-type: image/png\r\ncontent-length: 1399\r\nserver: cloudflare\r\nlast-modified: Fri, 10 Jan 2025 20:32:57 GMT\r\npriority: u=6,i=?0\r\netag: \"678183f9-577\"\r\nexpires: Tue, 10 Mar 2026 09:02:26 GMT\r\ncache-control: public, max-age=5184000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xP%2FMdz5lRPkZqjvfetk5NO%2BffZE63DEjJUfaXCLjxS1ekBP8BrzjYgN%2Fg0%2BVhnyyfqq%2FJTTc6csxJxnmVVcvFzeGyIkxR6bnVhGtKoI%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9bb2c179fb105689-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1399,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"ff63ce0483358ec77eb00497c8ac9633","sha1":"6d3f63e0255c0204fb230e539754d4c023131188","sha256":"0c5bbb8495b4c8a34058432bba1acfbbe7ead7f0e1198aa81d64b05a68d177db","sha512":"868f764414f3f95db7441494c7ffe72ddc82251d489b89172df4f3a5b1ab49312bb41ba1b36598ff77820f9fb8618bc12bc82baa4ffe4230db13d6f9ac589bb8","ssdeep":"","tlshash":"372108d2dcc8bdd5e2201f3b01578c236ae50d93d7378a1eabde80ba04a03bc91dd208","first_seen":"2026-01-09T09:02:55.24106Z","last_seen":"2026-01-09T09:02:55.24106Z","times_seen":1,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":153,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitvestment.org/static/assets/index-cad56849.css","fqdn":"bitvestment.org","domain":"bitvestment.org","tld":"org"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bitvestment.org/","date":"2026-01-09T09:02:25.930Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitvestment.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 12:26:38 GMT","end":"Wed, 11 Feb 2026 13:25:12 GMT"},"fingerprint":{"sha1":"BE:E6:3E:22:E3:C6:43:F8:D1:51:A2:89:65:15:43:9F:5D:E3:2F:2B","sha256":"3C:DB:4F:5B:13:C2:A6:8B:55:5D:71:99:E2:E5:8B:19:61:72:52:1F:9C:F5:A8:59:02:F8:FF:D5:4D:63:BE:52"}}},"request":{"raw":"GET /static/assets/index-cad56849.css HTTP/1.1\r\nHost: bitvestment.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bitvestment.org/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 09 Jan 2026 09:02:26 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Fri, 10 Jan 2025 20:32:57 GMT\r\npriority: u=2,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Tue, 10 Mar 2026 09:02:25 GMT\r\ncache-control: public, max-age=5184000\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=aCG5ZUIz8l8samU4p%2FVaurV0%2FnHUkuCI%2Fq2xCj9jM%2BJqwZ0%2B%2B03eFFofIf%2F8JyghPuDTjmpyqduLwKcp0LT3PVC%2Fcg9zf9D2Wc17A%2Fc%3D\"}]}\r\netag: W/\"678183f9-25dfc\"\r\ncontent-encoding: br\r\ncf-ray: 9bb2c173aca55689-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":155132,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"c81cf077321d8130fd73029d26721b1f","sha1":"0ab7df7b3d75b7b726c0071d87da7adce6729ca7","sha256":"cad568499afd45d2f60604c7b0000e008d9cb577ec6ab1bc0752b96de07367fa","sha512":"4536f0e428d1fc01057d6e176fda35369ca5f3300438402c3b8829cfd898297dfc778e7e940a2f8d7ff2fbb844ee373b7f5e5df85d51c202e44bad703b298329","ssdeep":"1536:otUvK9DfmvkFIVj7xXsYJ6lb4Vmpz600I4xhu:otP9DfUK4Vmpz600I4xhu","tlshash":"36e36ed7f591342ce8a681599591bffc8a7f6848cb115d9af0037bb84789ad30c62dcc","first_seen":"2024-08-24T08:23:06Z","last_seen":"2026-04-03T02:42:57.931744Z","times_seen":102,"resource_available":false,"data":null}},"time_used":347,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":151,"receive":196,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bitvestment.org/flags/hr.png","fqdn":"bitvestment.org","domain":"bitvestment.org","tld":"org"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bitvestment.org/","date":"2026-01-09T09:02:25.937Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bitvestment.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 13 Nov 2025 12:26:38 GMT","end":"Wed, 11 Feb 2026 13:25:12 GMT"},"fingerprint":{"sha1":"BE:E6:3E:22:E3:C6:43:F8:D1:51:A2:89:65:15:43:9F:5D:E3:2F:2B","sha256":"3C:DB:4F:5B:13:C2:A6:8B:55:5D:71:99:E2:E5:8B:19:61:72:52:1F:9C:F5:A8:59:02:F8:FF:D5:4D:63:BE:52"}}},"request":{"raw":"GET /flags/hr.png HTTP/1.1\r\nHost: bitvestment.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bitvestment.org/\r\nCookie: lang_fx=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 09 Jan 2026 09:02:26 GMT\r\ncontent-type: image/png\r\ncontent-length: 982\r\nserver: cloudflare\r\nlast-modified: Fri, 10 Jan 2025 20:32:57 GMT\r\npriority: u=4,i=?0\r\netag: \"678183f9-3d6\"\r\nexpires: Tue, 10 Mar 2026 09:02:25 GMT\r\ncache-control: public, max-age=5184000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=X8oDY7Pv5Um0GIETFtjq3V77YQ6uCv%2Fo1f1XNENHMJ4NqVbt%2FKHOIF%2Fmo4aRlUnLEK3vHKwRSBElsN1EnjyCtPfjXqH7YiWULD%2BHCFU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9bb2c173ccbd5689-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":982,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"41a7b90f600ed32eefb5e620a4f653fc","sha1":"7a6ab7cfc55a1239de75e073430c9634d5c18746","sha256":"63e36970eea32e52849d7b4d3a15d1da36be12ad3078df8c2b848aa7e9baa19b","sha512":"004bddcda655838947c0922be1f74ac3833ca444f3c872c9432232e5660f7ca9288c87acf2d1df19a21a768ae8a04e3f67278f7b6be4998a5e0355f279ba92dd","ssdeep":"","tlshash":"261165dec411043c410b39e6ae9b0bd989b767ac43520a45906db49abc795043ee49a5","first_seen":"2023-06-13T00:33:19Z","last_seen":"2026-04-03T02:42:57.92216Z","times_seen":4094,"resource_available":false,"data":null}},"time_used":144,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":144,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-09","alert":"Sinkholed","trigger":"bitvestment.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}